source: examples/creddy_prover_tests/acme_rockets_rt0/README @ 163aadf

abac0-leakabac0-meimei-idmei-rt0-nmei_rt0tvf-new-xml
Last change on this file since 163aadf was 92661b4, checked in by Mei <mei@…>, 11 years ago

1) add some doc
2) fix the version in abac_xml
  • Property mode set to 100755
File size: 1.5 KB
RevLine 
[461541a]1#!/bin/sh
[92661b4]2#
3# The example makes use of 2 principals, Acme and Coyote.
4#
5# This example shows a very simple delegation of roles by Acme.  Acme's
6# buy_rockets role includes all of Acme's preferred customers.  The example
7# creates the principals and 2 credentials.  Credential 1 encodes the policy
8# that all of Acme's preferred customers can buy rockets from Acme and
9# Credential 2 defines the Coyote as an Acme preferred customer.
10
11# The ./run_query script issues queries to show that the Coyote is both a preferred
12# customer and can buy rockets.  Two invalid queries are also made, checking if
13# Acme is the Coyote's friend, which it isn't and whether a query about
14# something other than a principal works (it doesn't).
15
16# acme_rockets_rt0
[461541a]17
18#Acme.buy_rockets <- Acme.preferred_customer
19#Acme.preferred_customer <- Coyote
20
21rm -rf *.pem *.xml
22
23pwd=`pwd`
24eloc=`which creddy | sed 's/\/creddy//'`
25if [ "$eloc" = "" ]; then
26  echo "ERROR: creddy is not in the search path!!!"
27  exit 1
28fi
29
30$eloc/creddy --generate --cn Acme
31
32$eloc/creddy --generate --cn Coyote
33
34$eloc/creddy --attribute \
35       --issuer Acme_ID.pem --key Acme_private.pem --role buy_rockets \
36       --subject-cert Acme_ID.pem --subject-role preferred_customer \
37       --out Acme_buy_rockets__Acme_preferred_customer_attr.xml
38
39$eloc/creddy --attribute \
40       --issuer Acme_ID.pem --key Acme_private.pem --role preferred_customer \
41       --subject-cert Coyote_ID.pem \
42       --out Acme_preferred_customer__Coyote_attr.xml
Note: See TracBrowser for help on using the repository browser.