mei_rt2mei_rt2_fix_1
Last change
on this file since ba6027a was
ba6027a,
checked in by Mei <mei@…>, 12 years ago
|
1) modified code all around to add support for encrypted private key for
ID credential
2) add new abac_key_t structure (abac_key.c)
3) add new keycheck option to creddy
4) add 2 new test suites
|
-
Property mode set to
100755
|
File size:
1.2 KB
|
Line | |
---|
1 | # |
---|
2 | # The example makes use of 2 principals, Acme and Coyote. |
---|
3 | # |
---|
4 | # This example shows a very simple delegation of roles by Acme. Acme's |
---|
5 | # buy_rockets role includes all of Acme's preferred customers. |
---|
6 | # The setup.py creates the principals where Acme is using a pre-existing |
---|
7 | # encrypted key file and the attr.py creates 2 policy credentials. |
---|
8 | # Credential 1 encodes the policy that all of Acme's preferred customers |
---|
9 | # can buy rockets from Acme |
---|
10 | # Credential 2 defines the Coyote as an Acme preferred customer. |
---|
11 | # In both cases, the private key is decrypted a file that contains the passphrase |
---|
12 | # while the attribute is being baked |
---|
13 | |
---|
14 | # The ./run_query script issues queries to show that the Coyote is both a preferred |
---|
15 | # customer and can buy rockets. Two invalid queries are also made, checking if |
---|
16 | # Acme is the Coyote's friend, which it isn't and whether a query about |
---|
17 | # something other than a principal works (it doesn't). |
---|
18 | |
---|
19 | # acme_rockets_rt0 |
---|
20 | |
---|
21 | rm -rf *.der *.pem |
---|
22 | cp ../../PFILE pfile |
---|
23 | cp ../../ENC_PRIVATE.PEM Acme_private.pem |
---|
24 | |
---|
25 | # Credential 1 |
---|
26 | #[keyid:Acme].role:buy_rockets <- [keyid:Acme].role:preferred_customer |
---|
27 | |
---|
28 | # Credential 2 |
---|
29 | #[keyid:Acme].role:preferred_customer <- [keyid:Coyote] |
---|
30 | |
---|
Note: See
TracBrowser
for help on using the repository browser.