source: examples/alumni3_rt1_typed/README @ 9937351

mei_rt2mei_rt2_fix_1meiyap-rt1rt2
Last change on this file since 9937351 was 9502c50, checked in by Mei <mei@…>, 13 years ago

1) rename examples' rr to run_query
2) updated some doc
3) add decode to creddy --roles and creddy --display --show so it will

show more useful attribute rule string

4) stub in the python script in one of the example directory

  • Property mode set to 100755
File size: 3.8 KB
Line 
1#!/bin/sh
2#
3# This example shows an example of reasoning about a role's parameters.  There
4# are 4 principals StateU, Bob, Mark, Maryann, Joe, and Jan.  StateU wants to
5# establish a set of founding alumni based on the year of graduation.  On
6# graduation each alum has previously been issued a credential parameterized
7# with their major and graduation year.  StateU sets up a policy that says that
8# a principal is a founding alum if they graduated in 1960, 1961, or 1963 in
9# either mathematics or psychology.  One assumes there was some kind of NCAA
10# suspension in 1962.  This policy is expressed in Credential 1.
11#
12# Credentials 2, 3, 4, 5, and 6 each assign a diploma credential to Bob (a 1961
13# mathematics degree), Mark (a 1965 mathematics degree), Joe (a 1961 zoology degree), Maryann (a 1962 psychology degree), and Jan (a 1960 psychology degree)
14#
15# The attached ./run_query file asks if each of these principals are favored
16# alums, and only Bob and Jan are.
17
18# alumni3_rt1_typed
19
20rm -rf *.der *.pem
21# [keyid:stateU].role:foundingAlumni <-?- [keyid:Bob] (yes)
22# [keyid:stateU].role:foundingAlumni <-?- [keyid:Maryann] (no)
23# [keyid:stateU].role:foundingAlumni <-?- [keyid:Joe] (no)
24
25creddy --generate --cn StateU
26creddy --generate --cn Bob
27creddy --generate --cn Mark
28creddy --generate --cn Joe
29creddy --generate --cn Maryann
30creddy --generate --cn Jan
31
32stateU_keyid=`creddy --keyid --cert StateU_ID.pem`
33
34bob_keyid=`creddy --keyid --cert Bob_ID.pem`
35mark_keyid=`creddy --keyid --cert Mark_ID.pem`
36joe_keyid=`creddy --keyid --cert Joe_ID.pem`
37maryann_keyid=`creddy --keyid --cert Maryann_ID.pem`
38jan_keyid=`creddy --keyid --cert Jan_ID.pem`
39
40diploma_q_qY="diploma([string:?D:['mathmatics','psychology']], [integer:?Year:[1960,1961,1963]])"
41
42diploma_m="diploma([string:'mathmatics'],[integer:1961])"
43diploma_mm="diploma([string:'mathmatics'],[integer:1965])"
44diploma_z="diploma([string:'zoology'],[integer:1961])"
45diploma_p="diploma([string:'psychology'],[integer:1962])"
46diploma_pp="diploma([string:'psychology'],[integer:1960])"
47
48# [keyid:stateU].role:foundingAlumni
49#                   <- [keyid:stateU].role:diploma([string:?D:['mathmatics','psychology']], [integer:?Year:[1960,1961,1963]])
50# Credential 1
51creddy --attribute \
52       --issuer StateU_ID.pem --key StateU_private.pem --role "foundingAlumni" \
53       --subject-cert StateU_ID.pem --subject-role "$diploma_q_qY" \
54       --out StateU_foundingAlumni__stateU_diploma_q_qY_attr.der
55
56# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1961]) <- [keyid:bob]
57# Credential 2
58creddy --attribute \
59        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_m" \
60        --subject-cert Bob_ID.pem \
61        --out StateU_diploma_m__Bob_attr.der
62
63# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1965]) <- [keyid:mark]
64# Credential 3
65creddy --attribute \
66        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_mm" \
67        --subject-cert Mark_ID.pem \
68        --out StateU_diploma_mm__Mark_attr.der
69
70# [keyid:stateU].role:diploma([string:'zoology'],[integer:1961]) <- [keyid:joe]
71# Credential 4
72creddy --attribute \
73        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_z" \
74        --subject-cert Joe_ID.pem \
75        --out StateU_diploma_z__Joe_attr.der
76
77# [keyid:stateU].role:diploma([string:'psychology'],[integer:1962]) <- [keyid:maryann]
78# Credential 5
79creddy --attribute \
80        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_p" \
81        --subject-cert Maryann_ID.pem \
82        --out StateU_diploma_p__Maryann_attr.der
83
84# [keyid:stateU].role:diploma([string:'psychology'],[integer:1960]) <- [keyid:jan]
85# Credential 6
86creddy --attribute \
87        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_pp" \
88        --subject-cert Jan_ID.pem \
89        --out StateU_diploma_pp__Jan_attr.der
90
Note: See TracBrowser for help on using the repository browser.