mei_rt2mei_rt2_fix_1
Last change
on this file since 928b1b7 was
ba6027a,
checked in by Mei <mei@…>, 12 years ago
|
1) modified code all around to add support for encrypted private key for
ID credential
2) add new abac_key_t structure (abac_key.c)
3) add new keycheck option to creddy
4) add 2 new test suites
|
-
Property mode set to
100755
|
File size:
1.2 KB
|
Rev | Line | |
---|
[ba6027a] | 1 | # |
---|
| 2 | # The example makes use of 2 principals, Acme and Coyote. |
---|
| 3 | # |
---|
| 4 | # This example shows a very simple delegation of roles by Acme. Acme's |
---|
| 5 | # buy_rockets role includes all of Acme's preferred customers. |
---|
| 6 | # The setup.py creates the principals where Acme is using a pre-existing |
---|
| 7 | # encrypted key file and the attr.py creates 2 policy credentials. |
---|
| 8 | # Credential 1 encodes the policy that all of Acme's preferred customers |
---|
| 9 | # can buy rockets from Acme |
---|
| 10 | # Credential 2 defines the Coyote as an Acme preferred customer. |
---|
| 11 | # In both cases, the private key is decrypted a file that contains the passphrase |
---|
| 12 | # while the attribute is being baked |
---|
| 13 | |
---|
| 14 | # The ./run_query script issues queries to show that the Coyote is both a preferred |
---|
| 15 | # customer and can buy rockets. Two invalid queries are also made, checking if |
---|
| 16 | # Acme is the Coyote's friend, which it isn't and whether a query about |
---|
| 17 | # something other than a principal works (it doesn't). |
---|
| 18 | |
---|
| 19 | # acme_rockets_rt0 |
---|
| 20 | |
---|
| 21 | rm -rf *.der *.pem |
---|
| 22 | cp ../../PFILE pfile |
---|
| 23 | cp ../../ENC_PRIVATE.PEM Acme_private.pem |
---|
| 24 | |
---|
| 25 | # Credential 1 |
---|
| 26 | #[keyid:Acme].role:buy_rockets <- [keyid:Acme].role:preferred_customer |
---|
| 27 | |
---|
| 28 | # Credential 2 |
---|
| 29 | #[keyid:Acme].role:preferred_customer <- [keyid:Coyote] |
---|
| 30 | |
---|
Note: See
TracBrowser
for help on using the repository browser.