source: examples/python_tests/alumni3_ctxt_rt1/ctxt_prover.c @ 7751094

mei_rt2
Last change on this file since 7751094 was 2e9455f, checked in by Mei <mei@…>, 11 years ago

1) added namespace
2) tweak ?This,
3) allowing linking role/oset as constraining conditions
4) adding access_tests regression testing that uses GENI's access policy
5) added couple multi contexts regression tests
6) add compression/uncompression calls to abac_encode_string/abac_decode_string
(libstrongwan only allows 512 char for attribute rule storage)
7) add attribute_now option to creddy that takes a whole char string for attribute
rule
  • Property mode set to 100644
File size: 3.7 KB
Line 
1/**
2   ctxt_prover.c
3
4gcc -g -o ctxt_prover ctxt_prover.c -L/usr/local/lib -L/usr/local/lib/ipsec -labac -lYap -lreadline -lm -lstrongswan -lpthread -Wl,-rpath -Wl,/usr/local/lib/ipsec
5
6./ctxt_prover
7env ABAC_CN=1 ./ctxt_prover
8**/
9
10#include <err.h>
11#include <stdio.h>
12#include <assert.h>
13#include <string.h>
14
15#include <abac.h>
16#include "abac_external.h"
17
18extern void abac_print_cred_info(abac_credential_t*, FILE*);
19extern void abac_print_prin_info(abac_id_credential_t*, FILE*);
20
21    /* dump credentials from context */
22void print_attrs(abac_context_t *ctxt, char *stub)
23{
24    int i;
25
26    abac_credential_t *cred=NULL;
27    abac_credential_t **credentials=NULL;
28    printf("\n\n");
29    puts("%s attrs :", stub);
30    credentials = abac_context_credentials(ctxt);
31    if (credentials != NULL) {
32        for (i = 0; credentials[i] != NULL; ++i) {
33           cred = credentials[i];
34           abac_print_typed_cred_info(cred,NULL);
35        }
36    }
37    if(credentials)
38        abac_free_credentials(credentials);
39}
40
41void print_ids(abac_context_t *ctxt, char *stub)
42{
43    int i;
44
45    abac_id_credential_t *id_cred=NULL;
46    abac_id_credential_t **id_credentials=NULL;
47    printf("\n\n");
48    puts("%s principals :", stub);
49    id_credentials = abac_context_principals(ctxt);
50    if (id_credentials != NULL) {
51        for (i = 0; id_credentials[i] != NULL; ++i) {
52           id_cred = id_credentials[i];
53           abac_print_prin_info(id_cred,NULL);
54        }
55    }
56    if(id_credentials)
57        abac_free_principals(id_credentials);
58}
59
60void query(abac_context_t *ctxt, char* who, char *what)
61{
62    abac_credential_t *cred=NULL;
63    abac_credential_t **credentials=NULL;
64    int i, success=0;
65
66    abac_aspect_t *query=abac_role_create(who,"foundingAlumni");
67    abac_aspect_t *with=abac_role_principal_create(what);
68
69    credentials = abac_context_query_with_structure(ctxt, query, with, &success);
70    if (success)
71        puts("prover success!!");
72        else puts("prover failed!!");
73
74    if (credentials != NULL && success) {
75        puts("credentials needed :");
76        for (i = 0; credentials[i] != NULL; ++i) {
77           cred = credentials[i];
78           abac_print_cred_info(cred,NULL);
79        }
80    }
81    if(credentials)
82        abac_free_credentials(credentials);
83}
84
85
86int main(int argc, char **argv)
87{
88    abac_context_t *ctxtA = abac_context_new();
89/* abac_context_load_id_files(ctxtA,"StateU_ID.pem","StateU_private.pem"); */
90    abac_id_t *id;
91    abac_id_t *stateid=abac_id_from_file("StateU_ID.pem");
92    abac_id_load_privkey_file(stateid,"StateU_private.pem");
93    char* stateU=abac_id_keyid(stateid);
94    abac_context_load_id(ctxtA, stateid);
95   
96/*  abac_context_load_id_file(ctxtA,"Bob_ID.pem"); */
97    abac_id_t *bobid=abac_id_from_file("Bob_ID.pem");
98    char* bob=abac_id_keyid(bobid);
99    abac_context_load_id(ctxtA, bobid);
100
101/*  abac_context_load_id_file(ctxtA,"Mark_ID.pem"); */
102    abac_id_t *markid=abac_id_from_file("Mark_ID.pem");
103    char* mark=abac_id_keyid(markid);
104    abac_context_load_id(ctxtA, markid);
105
106    abac_context_load_attribute_file(ctxtA,"StateU_foundingAlumni__stateU_diploma_q_qY_attr.der");
107
108    abac_context_t *ctxtB = abac_context_dup(ctxtA);
109
110/*  abac_context_load_id_file(ctxtB,"Joe_ID.pem"); */
111    abac_id_t *joeid=abac_id_from_file("Joe_ID.pem");
112    abac_context_load_id(ctxtA, joeid);
113
114/*  abac_context_load_id_file(ctxtB,"Maryann_ID.pem"); */
115    abac_id_t *maryannid=abac_id_from_file("Maryann_ID.pem");
116    abac_context_load_id(ctxtA, maryannid);
117
118/*  abac_context_load_id_file(ctxtB,"Jan_ID.pem"); */
119    abac_id_t *janid=abac_id_from_file("Jan_ID.pem");
120    abac_context_load_id(ctxtA, janid);
121
122    abac_verifier_session_dump();
123
124    query(ctxtA, stateU, bob);
125    query(ctxtB, stateU, bob);
126
127
128    return 0;
129}
Note: See TracBrowser for help on using the repository browser.