source: examples/creddy_prover_tests/alumni_rt1/README @ 4b46680

mei_rt2mei_rt2_fix_1
Last change on this file since 4b46680 was f824a9e, checked in by Mei <mei@…>, 12 years ago

1) add more doc to python_tests

  • Property mode set to 100755
File size: 3.5 KB
Line 
1#!/bin/sh
2#
3# This example shows an example of reasoning about a role's parameters.  There
4# are 4 principals StateU, Bob, Maryann, and Joe.  StateU wants to establish a
5# set of founding alumni based on the year of graduation.  On graduation each
6# alum has previously been issued a credential parameterized with their major
7# and graduation year.  StateU sets up a policy that says that a principal is a
8# founding alum if they graduated in 1955 through 1958 inclusive no matter what
9# major the principal had.  This policy is expressed in Credential 1.
10#
11# Credentials 2, 3, and 4 each assign a diploma credential to Bob (a 1960
12# mathematics degree), Joe (a 1955 zoology degree) and Maryann (a 1956
13# psychology degree).
14#
15# The attached ./run_query file asks if each of these principals are favored
16# alums and Joe and Maryann are.
17
18# alumni_rt1
19
20# [keyid:stateU].role:foundingAlumni <-?- [keyid:Bob] (no)
21# [keyid:stateU].role:foundingAlumni <-?- [keyid:Maryann] (yes)
22# [keyid:stateU].role:foundingAlumni <-?- [keyid:Joe] (yes)
23
24creddy --generate --cn StateU
25creddy --generate --cn Bob
26creddy --generate --cn Maryann
27creddy --generate --cn Joe
28
29stateU_keyid=`creddy --keyid --cert StateU_ID.pem`
30bob_keyid=`creddy --keyid --cert Bob_ID.pem`
31maryann_keyid=`creddy --keyid --cert Maryann_ID.pem`
32joe_keyid=`creddy --keyid --cert Joe_ID.pem`
33
34diploma_q_qY="diploma([?], [integer:?Year:[1955..1958]])"
35
36diploma_m="diploma([string:'mathmatics'],[integer:1960])"
37diploma_z="diploma([string:'zoology'],[integer:1955])"
38diploma_p="diploma([string:'psychology'],[integer:1956])"
39
40# [keyid:stateU].role:foundingAlumni
41#                   <- [keyid:stateU].role:diploma([?], [integer:?Year:[1955..1958]])
42# Credential 1
43creddy --attribute \
44       --issuer StateU_ID.pem --key StateU_private.pem --role "foundingAlumni" \
45       --subject-cert StateU_ID.pem --subject-role "$diploma_q_qY" \
46       --out StateU_foundingAlumni__stateU_diploma_q_qY_attr.der
47
48# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1960]) <- [keyid:bob]
49# Credential 2
50creddy --attribute \
51        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_m" \
52        --subject-cert Bob_ID.pem \
53        --out StateU_diploma_m__Bob_attr.der
54
55# [keyid:stateU].role:diploma([string:'zoology'],[integer:1955]) <- [keyid:joe]
56# Credential 3
57creddy --attribute \
58        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_z" \
59        --subject-cert Joe_ID.pem \
60        --out StateU_diploma_m__Joe_attr.der
61
62# [keyid:stateU].role:diploma([string:'psychology'],[integer:1956]) <- [keyid:maryann]
63# Credential 4
64creddy --attribute \
65        --issuer StateU_ID.pem --key StateU_private.pem --role "$diploma_p" \
66        --subject-cert Maryann_ID.pem \
67        --out StateU_diploma_m__Maryann_attr.der
68
69
70#####################################################################
71# stateU.foundingAlumni <- stateU.diploma(?, ?Year:[1955..1958])
72# [keyid:stateU].role:foundingAlumni
73#                <- [keyid:stateU].role:diploma([?], [integer:?Year:[1955..1958]])
74#
75# stateU.diploma(mathmatics,1960)<-bob
76# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1960]) <- [keyid:bob]
77#
78# stateU.diploma(zoology,1955)<-joe
79# [keyid:stateU].role:diploma([string:'zoology'],[integer:1955]) <- [keyid:joe]
80#
81# stateU.diploma(psychology,1956)<-maryann
82# [keyid:stateU].role:diploma([string:'psychology'],[integer:1956]) <- [keyid:maryann]
83#
84# query,
85# stateU.foundingAlumni<-?-bob  bad
86# [keyid:stateU].role:foundingAlumni <- [keyid:bob]
87#
88# stateU.foundingAlumni<-?-maryann  good
89# [keyid:stateU].role:foundingAlumni <- [keyid:maryann]
90#
Note: See TracBrowser for help on using the repository browser.