1 | /***** |
---|
2 | abac_attr.java |
---|
3 | |
---|
4 | To demonstrate how to use ABAC's api in java |
---|
5 | |
---|
6 | call: abac_attr IceCream_ID.pem IceCream_private.pem IceCream_attr.der Chocolate_ID.pem |
---|
7 | |
---|
8 | This program will generate 2 principal credentials, (IceCream, Chocolate) and |
---|
9 | an attribute rule, write it out to an external |
---|
10 | file and also load it into the context (prolog db) |
---|
11 | [keyid:IceCream].delicious <- [Keyid:Chocolate] |
---|
12 | |
---|
13 | Then, a query is made against the context to see if it is populated correctly. |
---|
14 | |
---|
15 | Note: Chocolate's principal is loaded without it private key. It does not |
---|
16 | need to because it is not being used to generate attribute credential |
---|
17 | ***/ |
---|
18 | |
---|
19 | import java.io.*; |
---|
20 | import java.util.*; |
---|
21 | |
---|
22 | import net.deterlab.abac.*; |
---|
23 | |
---|
24 | public class abac_attr { |
---|
25 | |
---|
26 | static { |
---|
27 | System.loadLibrary("jABAC"); |
---|
28 | } |
---|
29 | |
---|
30 | public static void main(String[] args) { |
---|
31 | Context ctxt=new Context(); |
---|
32 | |
---|
33 | ID iceID=new ID("IceCream",0); |
---|
34 | iceID.id_write_cert("IceCream_ID.pem"); |
---|
35 | iceID.id_write_privkey("IceCream_private.pem"); |
---|
36 | |
---|
37 | ID chocoID=new ID("Chocolate",0); |
---|
38 | chocoID.id_write_cert("Chocolate_ID.pem"); |
---|
39 | chocoID.id_write_privkey("Chocolate_private.pem"); |
---|
40 | ctxt.load_id(chocoID); |
---|
41 | |
---|
42 | ctxt.load_id_chunks(iceID.id_cert_chunk(), iceID.id_privkey_chunk()); |
---|
43 | /*or, ctxt.load_id(iceID); */ |
---|
44 | |
---|
45 | /* create an attribute cert |
---|
46 | iceCream.delicous <- chocolate */ |
---|
47 | Role head= new Role(iceID.id_keyid(),"delicious"); |
---|
48 | Role tail= new Role(chocoID.id_keyid()); |
---|
49 | |
---|
50 | Attribute attr = new Attribute(head, 1800); |
---|
51 | attr.attribute_add_tail(tail); |
---|
52 | attr.attribute_bake(); |
---|
53 | |
---|
54 | /* write it out */ |
---|
55 | attr.attribute_write_cert("IceCream_attr.der"); |
---|
56 | |
---|
57 | /* load attribute cert into the context */ |
---|
58 | ctxt.load_attribute_chunk(attr.cert_chunk()); |
---|
59 | /* or, ctxt.load_attribute(attr); */ |
---|
60 | |
---|
61 | /* what is in prolog db |
---|
62 | ctxt.dump_yap_db(); */ |
---|
63 | |
---|
64 | AttributeVector credentials = ctxt.query(head, tail); |
---|
65 | long sz=credentials.size(); |
---|
66 | if(sz > 0) |
---|
67 | System.out.println("prover success!!"); |
---|
68 | else |
---|
69 | System.out.println("prover failed!!"); |
---|
70 | |
---|
71 | for(int i=0; i<sz; i++) { |
---|
72 | Attribute c=credentials.get(i); |
---|
73 | System.out.println(c.head_string()+"<- "+c.tail_string()); |
---|
74 | } |
---|
75 | |
---|
76 | ctxt.free_context_now(); |
---|
77 | System.out.println("done, main from abac_attr.java"); |
---|
78 | |
---|
79 | } |
---|
80 | } |
---|
81 | |
---|