Context Navigation

source: examples/python_tests/acme_friend_rt1/attr.py @ c3c73bd

mei_rt2mei_rt2_fix_1

Last change on this file since c3c73bd was 646e57e, checked in by Mei <mei@…>, 12 years ago
1) add partial proof
Property mode set to `100755`
File size: 3.1 KB

Line
1	#!/usr/bin/env python
2
3	"""
4	See README in this directory for the semantics of the example. This file
5	constructs the credentials described and puts copies into this directory
6
7	cmd1:env keystore=`pwd` ./attr.py
8	"""
9
10	import os
11	import ABAC
12
13	ctxt = ABAC.Context()
14	print "ABAC version %s" % ctxt.version()
15
16	# Keystore is the directory containing the principal credentials.
17	# Load existing principals and/or policy credentials
18	if (os.environ.has_key("keystore")) :
19	keystore=os.environ["keystore"]
20	ctxt.load_directory(keystore)
21	else:
22	print("keystore is not set...")
23	exit(1)
24
25	out = ctxt.context_principals()
26	print "...initial principal set..."
27	for x in out[1]:
28	print "%s " % x.string()
29	print "\n"
30
31	out = ctxt.context_credentials()
32	print "...initial policy attribute set..."
33	for c in out[1]:
34	print "%s <- %s" % (c.head_string(), c.tail_string())
35	print "\n"
36
37	# retrieve principals' keyid value from local credential files
38	acmeID=ABAC.ID("Acme_ID.pem")
39	acmeID.id_load_privkey_file("Acme_private.pem");
40	acme=acmeID.id_keyid()
41
42	coyoteID=ABAC.ID("Coyote_ID.pem")
43	coyoteID.id_load_privkey_file("Coyote_private.pem");
44	coyote=coyoteID.id_keyid()
45
46	roadrunnerID=ABAC.ID("Roadrunner_ID.pem")
47	roadrunnerID.id_load_privkey_file("Roadrunner_private.pem");
48	roadrunner=roadrunnerID.id_keyid()
49
50	jackrabbitID=ABAC.ID("Jackrabbit_ID.pem")
51	jackrabbitID.id_load_privkey_file("Jackrabbit_private.pem");
52	jackrabbit=jackrabbitID.id_keyid()
53
54	################################################
55	# Credential 1
56	# [keyid:Acme].role:preferred_customer <- [keyid:Acme].role:friendof([keyid:Roadrunner])
57	head = ABAC.Role(acme,"preferred_customer")
58	param=ABAC.DataTerm(roadrunnerID)
59	tail = ABAC.Role(acme,"friendof")
60
61	# adding parameter to friendOf role
62	tail.role_add_data_term(param)
63
64	# link the head and tail parts of attribute together
65	attr=ABAC.Attribute(head, 1800)
66	attr.attribute_add_tail(tail)
67
68	# finalize the attribute
69	attr.attribute_bake()
70
71	# write to file system to be accessible later on
72	attr.attribute_write_cert("Acme_preferred_customer__Acme_friendof_Roadrunner_attr.der")
73
74	# load the credential just made into the context directly
75	# (bypass the external credential file)
76	ctxt.load_attribute(attr)
77	print attr.string()
78	print attr.typed_string()
79	print "\n"
80
81	#################################################
82	# Credential 2
83	# [keyid:Acme].role:prefered_customer <- [keyid:Coyote]
84	head = ABAC.Role(acme,"preferred_customer")
85	tail = ABAC.Role(coyote)
86	attr=ABAC.Attribute(head, 1800)
87	attr.attribute_add_tail(tail)
88	attr.attribute_bake()
89	attr.attribute_write_cert("Acme_preferred_customer__Coyote_attr.der")
90	ctxt.load_attribute(attr)
91	print attr.string()
92	print attr.typed_string()
93	print "\n"
94
95	#################################################
96	# Credential 3
97	# [keyid:Acme].role:friendof([keyid:Roadrunner]) <- [keyid:Jackrabbit]
98	param=ABAC.DataTerm(roadrunnerID)
99	head = ABAC.Role(acme,"friendof")
100	head.role_add_data_term(param)
101	tail = ABAC.Role(jackrabbit)
102	attr=ABAC.Attribute(head, 1800)
103	attr.attribute_add_tail(tail)
104	attr.attribute_bake()
105	attr.attribute_write_cert("Acme_friendof_Roadrunner__Jackrabbit_attr.der")
106	ctxt.load_attribute(attr)
107	print attr.string()
108	print attr.typed_string()
109	print "\n"
110

Note: See TracBrowser for help on using the repository browser.

Download in other formats: