| 1 | /***** |
|---|
| 2 | abac_attr.java |
|---|
| 3 | |
|---|
| 4 | To demonstrate how to use ABAC's api in java |
|---|
| 5 | |
|---|
| 6 | call: abac_attr IceCream_ID.pem IceCream_private.pem IceCream_attr.der Chocolate_ID.pem |
|---|
| 7 | |
|---|
| 8 | This program will generate 2 principal credentials, (IceCream, Chocolate) and |
|---|
| 9 | an attribute rule, write it out to an external |
|---|
| 10 | file and also load it into the context (prolog db) |
|---|
| 11 | [keyid:IceCream].delicious <- [Keyid:Chocolate] |
|---|
| 12 | |
|---|
| 13 | Then, a query is made against the context to see if it is populated correctly. |
|---|
| 14 | |
|---|
| 15 | Note: Chocolate's principal is loaded without it private key. It does not |
|---|
| 16 | need to because it is not being used to generate attribute credential |
|---|
| 17 | ***/ |
|---|
| 18 | |
|---|
| 19 | import java.io.*; |
|---|
| 20 | import java.util.*; |
|---|
| 21 | |
|---|
| 22 | import net.deterlab.abac.*; |
|---|
| 23 | |
|---|
| 24 | public class abac_attr { |
|---|
| 25 | |
|---|
| 26 | static { |
|---|
| 27 | System.loadLibrary("jABAC"); |
|---|
| 28 | } |
|---|
| 29 | |
|---|
| 30 | public static void main(String[] args) { |
|---|
| 31 | Context ctxt=new Context(); |
|---|
| 32 | |
|---|
| 33 | ID iceID=new ID("IceCream",0); |
|---|
| 34 | iceID.id_write_cert("IceCream_ID.pem"); |
|---|
| 35 | iceID.id_write_privkey("IceCream_private.pem"); |
|---|
| 36 | |
|---|
| 37 | ID chocoID=new ID("Chocolate",0); |
|---|
| 38 | chocoID.id_write_cert("Chocolate_ID.pem"); |
|---|
| 39 | chocoID.id_write_privkey("Chocolate_private.pem"); |
|---|
| 40 | ctxt.load_id(chocoID); |
|---|
| 41 | |
|---|
| 42 | ctxt.load_id_chunks(iceID.id_cert_chunk(), iceID.id_privkey_chunk()); |
|---|
| 43 | /*or, ctxt.load_id(iceID); */ |
|---|
| 44 | |
|---|
| 45 | /* create an attribute cert |
|---|
| 46 | iceCream.delicous <- chocolate */ |
|---|
| 47 | Role head= new Role(iceID.id_keyid(),"delicious"); |
|---|
| 48 | Role tail= new Role(chocoID.id_keyid()); |
|---|
| 49 | |
|---|
| 50 | Attribute attr = new Attribute(head, 1800); |
|---|
| 51 | attr.attribute_add_tail(tail); |
|---|
| 52 | attr.attribute_bake(); |
|---|
| 53 | |
|---|
| 54 | /* write it out */ |
|---|
| 55 | attr.attribute_write_cert("IceCream_attr.der"); |
|---|
| 56 | |
|---|
| 57 | /* load attribute cert into the context */ |
|---|
| 58 | ctxt.load_attribute_chunk(attr.cert_chunk()); |
|---|
| 59 | /* or, ctxt.load_attribute(attr); */ |
|---|
| 60 | |
|---|
| 61 | /* what is in prolog db |
|---|
| 62 | ctxt.dump_yap_db(); */ |
|---|
| 63 | |
|---|
| 64 | AttributeVector credentials = ctxt.query(head, tail); |
|---|
| 65 | long sz=credentials.size(); |
|---|
| 66 | if(sz > 0) |
|---|
| 67 | System.out.println("prover success!!"); |
|---|
| 68 | else |
|---|
| 69 | System.out.println("prover failed!!"); |
|---|
| 70 | |
|---|
| 71 | for(int i=0; i<sz; i++) { |
|---|
| 72 | Attribute c=credentials.get(i); |
|---|
| 73 | System.out.println(c.head_string()+"<- "+c.tail_string()); |
|---|
| 74 | } |
|---|
| 75 | |
|---|
| 76 | ctxt.free_context_now(); |
|---|
| 77 | System.out.println("done, main from abac_attr.java"); |
|---|
| 78 | |
|---|
| 79 | } |
|---|
| 80 | } |
|---|
| 81 | |
|---|
