source: examples/alumni2_rt1_typed/README @ b84753b

mei_rt2mei_rt2_fix_1rt2
Last change on this file since b84753b was 9502c50, checked in by Mei <mei@…>, 13 years ago

1) rename examples' rr to run_query
2) updated some doc
3) add decode to creddy --roles and creddy --display --show so it will

show more useful attribute rule string

4) stub in the python script in one of the example directory

  • Property mode set to 100755
File size: 2.8 KB
Line 
1#!/bin/sh
2#
3# This example shows an example of reasoning about a role's parameters.  There
4# are 4 principals StateU, Bob, Maryann, and Joe.  StateU wants to establish a
5# set of founding alumni based on the year of graduation.  On graduation each
6# alum has previously been issued a credential parameterized with their major
7# and graduation year.  StateU sets up a policy that says that a principal is a
8# founding alum if they graduated in 1960, 1961, or 1963 no matter what major
9# the principal had.  One assumes there was some kind of NCAA suspension in
10# 1962.  This policy is expressed in Credential 1.
11#
12# Credentials 2, 3, and 4 each assign a diploma credential to Bob (a 1961
13# mathematics degree), Joe (a 1955 zoology degree) and Maryann (a 1962
14# psychology degree).
15#
16# The attached ./run_query file asks if each of these principals are favored
17# alums, and only Bob is.
18
19# alumni2_rt1_typeD
20
21# [keyid:stateU].role:foundingAlumni <-?- [keyid:Bob] (yes)
22# [keyid:stateU].role:foundingAlumni <-?- [keyid:Maryann] (no)
23# [keyid:stateU].role:foundingAlumni <-?- [keyid:Joe] (no)
24
25creddy --generate --cn StateU
26creddy --generate --cn Bob
27creddy --generate --cn Maryann
28creddy --generate --cn Joe
29
30stateU_keyid=`creddy --keyid --cert StateU_ID.pem`
31bob_keyid=`creddy --keyid --cert Bob_ID.pem`
32maryann_keyid=`creddy --keyid --cert Maryann_ID.pem`
33joe_keyid=`creddy --keyid --cert Joe_ID.pem`
34
35diploma_q_qY="diploma([?], [integer:?Year:[1960,1961,1963]])"
36
37diploma_m="diploma([string:'mathmatics'],[integer:1961])"
38diploma_z="diploma([string:'zoology'],[integer:1955])"
39diploma_p="diploma([string:'psychology'],[integer:1962])"
40
41# [keyid:stateU].role:foundingAlumni
42#                   <- [keyid:stateU].role:diploma([?], [integer:?Year:[1960,1961,1963]])
43# Credential 1
44creddy --attribute \
45       --issuer StateU_ID.pem --key StateU_private.pem --role "foundingAlumni" \
46       --subject-cert StateU_ID.pem --subject-role "$diploma_q_qY" \
47       --out StateU_foundingAlumni__stateU_diploma_q_qY_attr.der
48
49# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1961]) <- [keyid:bob]
50# Credential 2
51creddy --attribute \
52        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_m" \
53        --subject-cert Bob_ID.pem \
54        --out StateU_diploma_m__Bob_attr.der
55
56# [keyid:stateU].role:diploma([string:'zoology'],[integer:1955]) <- [keyid:joe]
57# Credential 3
58creddy --attribute \
59        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_z" \
60        --subject-cert Joe_ID.pem \
61        --out StateU_diploma_m__Joe_attr.der
62
63# [keyid:stateU].role:diploma([string:'psychology'],[integer:1962]) <- [keyid:maryann]
64# Credential 4
65creddy --attribute \
66        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_p" \
67        --subject-cert Maryann_ID.pem \
68        --out StateU_diploma_m__Maryann_attr.der
69
Note: See TracBrowser for help on using the repository browser.