[4a8f84a] | 1 | |
---|
[97a6a36] | 2 | /***** |
---|
| 3 | abac_attr.java |
---|
| 4 | |
---|
| 5 | To demonstrate how to use ABAC's api in java |
---|
| 6 | |
---|
| 7 | call: abac_attr IceCream_ID.pem IceCream_private.pem IceCream_attr.der Chocolate_ID.pem |
---|
| 8 | |
---|
| 9 | This program will generate 2 principal credentials, (IceCream, Chocolate) and |
---|
| 10 | an attribute rule, write it out to an external |
---|
| 11 | file and also load it into the context (prolog db) |
---|
| 12 | [keyid:IceCream].delicious <- [Keyid:Chocolate] |
---|
| 13 | |
---|
| 14 | Then, a query is made against the context to see if it is populated correctly. |
---|
| 15 | |
---|
| 16 | Note: Chocolate's principal is loaded without it private key. It does not |
---|
| 17 | need to because it is not being used to generate attribute credential |
---|
| 18 | ***/ |
---|
| 19 | |
---|
| 20 | import java.io.*; |
---|
| 21 | import java.util.*; |
---|
| 22 | |
---|
| 23 | import net.deterlab.abac.*; |
---|
| 24 | |
---|
| 25 | public class abac_attr { |
---|
| 26 | |
---|
| 27 | static { |
---|
| 28 | System.loadLibrary("jABAC"); |
---|
| 29 | } |
---|
| 30 | |
---|
| 31 | public static void main(String[] args) { |
---|
| 32 | Context ctxt=new Context(); |
---|
| 33 | |
---|
| 34 | ID iceID=new ID("IceCream",0); |
---|
| 35 | iceID.id_write_cert("IceCream_ID.pem"); |
---|
| 36 | iceID.id_write_privkey("IceCream_private.pem"); |
---|
| 37 | |
---|
| 38 | ID chocoID=new ID("Chocolate",0); |
---|
| 39 | chocoID.id_write_cert("Chocolate_ID.pem"); |
---|
| 40 | chocoID.id_write_privkey("Chocolate_private.pem"); |
---|
| 41 | ctxt.load_id(chocoID); |
---|
| 42 | |
---|
| 43 | ctxt.load_id_chunks(iceID.id_cert_chunk(), iceID.id_privkey_chunk()); |
---|
| 44 | /*or, ctxt.load_id(iceID); */ |
---|
| 45 | |
---|
| 46 | /* create an attribute cert |
---|
| 47 | iceCream.delicous <- chocolate */ |
---|
| 48 | Role head= new Role(iceID.id_keyid(),"delicious"); |
---|
| 49 | Role tail= new Role(chocoID.id_keyid()); |
---|
| 50 | |
---|
| 51 | Attribute attr = new Attribute(head, 1800); |
---|
| 52 | attr.attribute_add_tail(tail); |
---|
| 53 | attr.attribute_bake(); |
---|
| 54 | |
---|
| 55 | /* write it out */ |
---|
| 56 | attr.attribute_write_cert("IceCream_attr.der"); |
---|
| 57 | |
---|
| 58 | /* load attribute cert into the context */ |
---|
| 59 | ctxt.load_attribute_chunk(attr.cert_chunk()); |
---|
| 60 | /* or, ctxt.load_attribute(attr); */ |
---|
| 61 | |
---|
| 62 | /* what is in prolog db |
---|
| 63 | ctxt.dump_yap_db(); */ |
---|
| 64 | |
---|
| 65 | AttributeVector credentials = ctxt.query(head, tail); |
---|
| 66 | long sz=credentials.size(); |
---|
| 67 | if(sz > 0) |
---|
| 68 | System.out.println("prover success!!"); |
---|
| 69 | else |
---|
| 70 | System.out.println("prover failed!!"); |
---|
| 71 | |
---|
| 72 | for(int i=0; i<sz; i++) { |
---|
| 73 | Attribute c=credentials.get(i); |
---|
| 74 | System.out.println(c.head_string()+"<- "+c.tail_string()); |
---|
| 75 | } |
---|
[e3c7769] | 76 | |
---|
| 77 | ctxt.free_context_now(); |
---|
| 78 | System.out.println("done, main from abac_attr.java"); |
---|
[97a6a36] | 79 | |
---|
| 80 | } |
---|
| 81 | } |
---|
| 82 | |
---|