source: examples/example_scripts/python/abac_attr.py @ 163aadf

abac0-leakabac0-meimei-idmei-rt0-nmei_rt0tvf-new-xml
Last change on this file since 163aadf was 4721618, checked in by Mei <mei@…>, 11 years ago

1) tested out python and perl test scripts along with

abac_chunk_t calls in libabac's abac.hh

  • Property mode set to 100755
File size: 2.3 KB
Line 
1#!/usr/bin/env python
2
3"""
4     abac_attr.py
5
6     To demonstrate how to use ABAC's api in python
7 
8     call:   attr_abac IceCream_ID.pem IceCream_private.pem IceCream_attr.xml Chocolate_ID.pem
9 
10     pre-conditions: generate IceCream_ID.pem and IceCream_private.pem with
11             creddy --generate --cn IceCream
12                     generate Chocolate_ID.pem and Chocolate_private.pem with
13             creddy --generate --cn Chocolate
14 
15     This program will generate an attribute rule, write it out to an external
16             file and also load it into the context (prolog db)
17             IceCream.delicious <- Chocolate
18 
19     Then, a query is made against the context to see if it is populated correctly.
20 
21     Note: Chocolate's principal is loaded without it private key. It does not
22           need to because it is not being used to generate attribute credential
23 
24"""
25
26from sys import argv, exit
27from ABAC import Context
28from ABAC import ID, Attribute, Role
29
30debug=0
31
32## initial context
33ctxt = Context()
34
35print len(argv)
36
37if len(argv) != 5:
38    print "Usage: abac_attr.py <cert.pem> <key.pem> <attr.xml> <pcert.pem>"
39    exit(1)
40
41# load the ID and its key
42id = None
43cid = None
44
45try:
46    id = ID(argv[1])
47    id.load_privkey(argv[2])
48    cid = ID(argv[4])
49except Exception, e:
50    print "Problem loading ID cert: %s" % e
51    exit(1)
52
53# load the id into the context
54ctxt.load_id_chunk(id.cert_chunk())
55# another way to load the id into the context
56#XXX  not implemented yet...ctxt.load_id(cid)
57ctxt.load_id_chunk(cid.cert_chunk())
58
59#out = ctxt.credentials()
60#print "\n...final principal set..."
61#for x in out[1]:
62#    print "%s " % x.string()
63
64# create an attribute cert
65# iceCream.delicous <- chocolate
66attr = Attribute(id, "delicious", 1000)
67attr.principal(cid.keyid())
68attr.bake()
69
70# load attribute cert into the context
71ctxt.load_attribute_chunk(attr.cert_chunk())
72
73# another way to load the attribute cert into the context,
74# not implemented, ctxt.load_attribute(attr)
75
76# yet another way to load the attribute cert into the context,
77attr.write_file(argv[3])
78# ctxt.load_attribute_file(argv[3])
79
80# run a proof
81(success, credentials) = ctxt.query("%s.delicious" % id.keyid(), cid.keyid())
82
83if success:
84    print "success!"
85
86for credential in credentials:
87    print "credential %s <- %s" % (credential.head().string(), credential.tail().string())
88
89
Note: See TracBrowser for help on using the repository browser.