source: examples/alumni_rt1_typed/README @ 8fa2c49

mei_rt2mei_rt2_fix_1meiyap-rt1rt2
Last change on this file since 8fa2c49 was 2c01913, checked in by Ted Faber <faber@…>, 12 years ago

Added docs
  • Property mode set to 100755
File size: 3.5 KB
Line 
1#!/bin/sh
2
3# This example shows an example of reasoning about a role's parameters.  There
4# are 4 principals StateU, Bob, Maryann, and Joe.  StateU wants to establish a
5# set of founding alumni based on the year of graduation.  On graduation each
6# alum has previously been issued a credential parameterized with their major
7# and graduation year.  StateU sets up a policy that says that a principal is a
8# founding alum if they graduated in 1955 through 1958 inclusive no matter what
9# major the principal had.  This policy is expressed in Credential 1.
10#
11# Credentials 2, 3, and 4 each assign a diploma credential to Bob (a 1960
12# mathematics degree), Joe (a 1955 zoology degree) and Maryann (a 1956
13# psychology degree).
14#
15# The attached ./rr file asks if each of these principals are favored alums,
16# and Joe and MAryann are.
17
18rm -rf *.der *.pem
19# [keyid:stateU].role:foundingAlumni <-?- [keyid:Bob] (yes)
20# [keyid:stateU].role:foundingAlumni <-?- [keyid:Maryann] (yes)
21
22creddy --generate --cn StateU
23creddy --generate --cn Bob
24creddy --generate --cn Maryann
25creddy --generate --cn Joe
26
27stateU_keyid=`creddy --keyid --cert StateU_ID.pem`
28bob_keyid=`creddy --keyid --cert Bob_ID.pem`
29maryann_keyid=`creddy --keyid --cert Maryann_ID.pem`
30joe_keyid=`creddy --keyid --cert Joe_ID.pem`
31
32diploma_q_qY="diploma([?], [integer:?Year:[1955..1958]])"
33
34diploma_m="diploma([string:'mathmatics'],[integer:1960])"
35diploma_z="diploma([string:'zoology'],[integer:1955])"
36diploma_p="diploma([string:'psychology'],[integer:1956])"
37
38# [keyid:stateU].role:foundingAlumni
39#                   <- [keyid:stateU].role:diploma([?], [integer:?Year:[1955..1958]])
40# Credential 1
41creddy --attribute \
42       --issuer StateU_ID.pem --key StateU_private.pem --role "foundingAlumni" \
43       --subject-cert StateU_ID.pem --subject-role "$diploma_q_qY" \
44       --out StateU_foundingAlumni__stateU_diploma_q_qY_attr.der
45
46# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1960]) <- [keyid:bob]
47# Credential 2
48creddy --attribute \
49        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_m" \
50        --subject-cert Bob_ID.pem \
51        --out StateU_diploma_m__Bob_attr.der
52
53# [keyid:stateU].role:diploma([string:'zoology'],[integer:1955]) <- [keyid:joe]
54# Credential 3
55creddy --attribute \
56        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_z" \
57        --subject-cert Joe_ID.pem \
58        --out StateU_diploma_m__Joe_attr.der
59
60# [keyid:stateU].role:diploma([string:'psychology'],[integer:1956]) <- [keyid:maryann]
61# Credential 4
62creddy --attribute \
63        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_p" \
64        --subject-cert Maryann_ID.pem \
65        --out StateU_diploma_m__Maryann_attr.der
66
67
68#####################################################################
69# stateU.foundingAlumni <- stateU.diploma(?, ?Year:[1955..1958])
70# [keyid:stateU].role:foundingAlumni
71#                <- [keyid:stateU].role:diploma([?], [integer:?Year:[1955..1958]])
72#
73# stateU.diploma(mathmatics,1960)<-bob
74# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1960]) <- [keyid:bob]
75#
76# stateU.diploma(zoology,1955)<-joe
77# [keyid:stateU].role:diploma([string:'zoology'],[integer:1955]) <- [keyid:joe]
78#
79# stateU.diploma(psychology,1956)<-maryann
80# [keyid:stateU].role:diploma([string:'psychology'],[integer:1956]) <- [keyid:maryann]
81#
82# query,
83# stateU.foundingAlumni<-?-bob  bad
84# [keyid:stateU].role:foundingAlumni <- [keyid:bob]
85#
86# stateU.foundingAlumni<-?-maryann  good
87# [keyid:stateU].role:foundingAlumni <- [keyid:maryann]
88#
Note: See TracBrowser for help on using the repository browser.