1 | /** |
---|
2 | ctxt_prover.c |
---|
3 | |
---|
4 | gcc -g -o ctxt_prover ctxt_prover.c -L/usr/local/lib -L/usr/local/lib/ipsec -labac -lYap -lreadline -lm -lstrongswan -lpthread -Wl,-rpath -Wl,/usr/local/lib/ipsec |
---|
5 | |
---|
6 | ./ctxt_prover |
---|
7 | env ABAC_CN=1 ./ctxt_prover |
---|
8 | **/ |
---|
9 | |
---|
10 | #include <err.h> |
---|
11 | #include <stdio.h> |
---|
12 | #include <assert.h> |
---|
13 | #include <string.h> |
---|
14 | |
---|
15 | #include <abac.h> |
---|
16 | #include "abac_external.h" |
---|
17 | |
---|
18 | extern void abac_print_cred_info(abac_credential_t*, FILE*); |
---|
19 | extern void abac_print_prin_info(abac_id_credential_t*, FILE*); |
---|
20 | |
---|
21 | /* dump credentials from context */ |
---|
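/*
 * Print every attribute credential held by an ABAC context.
 *
 * ctxt: context whose credentials are listed.
 * stub: caller-supplied label printed in the heading line.
 *
 * The array returned by abac_context_credentials() is released with
 * abac_free_credentials() before returning.
 */
void print_attrs(abac_context_t *ctxt, char *stub)
{
    abac_credential_t **credentials = NULL;
    int i;

    printf("\n\n");
    /* puts() takes exactly one string and does no formatting, so the
     * heading has to go through printf() to substitute the label. */
    printf("%s attrs :\n", stub);

    credentials = abac_context_credentials(ctxt);
    if (credentials == NULL)
        return;

    /* The array is walked until its NULL terminator. */
    for (i = 0; credentials[i] != NULL; ++i) {
        /* NOTE(review): no prototype for abac_print_typed_cred_info is
         * visible in this file (only abac_print_cred_info is declared
         * extern); presumably it comes from abac.h or abac_external.h.
         * The NULL FILE* presumably selects a default stream -- confirm. */
        abac_print_typed_cred_info(credentials[i], NULL);
    }

    abac_free_credentials(credentials);
}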
---|
40 | |
---|
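/*
 * Print every principal (identity credential) held by an ABAC context.
 *
 * ctxt: context whose principals are listed.
 * stub: caller-supplied label printed in the heading line.
 *
 * The array returned by abac_context_principals() is released with
 * abac_free_principals() before returning.
 */
void print_ids(abac_context_t *ctxt, char *stub)
{
    abac_id_credential_t **id_credentials = NULL;
    int i;

    printf("\n\n");
    /* puts() takes exactly one string and does no formatting, so the
     * heading has to go through printf() to substitute the label. */
    printf("%s principals :\n", stub);

    id_credentials = abac_context_principals(ctxt);
    if (id_credentials == NULL)
        return;

    /* The array is walked until its NULL terminator. */
    for (i = 0; id_credentials[i] != NULL; ++i) {
        /* NOTE(review): the NULL FILE* presumably selects a default
         * stream inside the library -- confirm. */
        abac_print_prin_info(id_credentials[i], NULL);
    }

    abac_free_principals(id_credentials);
}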
---|
59 | |
---|
/*
 * Ask the prover whether principal `what` holds the role
 * `who`.foundingAlumni in the given context, and report the outcome.
 *
 * ctxt: context to run the query against.
 * who:  principal that owns the role (passed to abac_role_create).
 * what: principal being tested (passed to abac_role_principal_create).
 *
 * The `success` flag written by abac_context_query_with_structure() is
 * the access decision; the returned credential list is printed only when
 * that flag is set, so whatever is returned on a failed query is never
 * shown as if it were a proof.
 */
void query(abac_context_t *ctxt, char* who, char *what)
{
    int proved = 0;
    int idx;

    /* NOTE(review): neither aspect is released in this function; confirm
     * who owns them after the query call. */
    abac_aspect_t *role = abac_role_create(who, "foundingAlumni");
    abac_aspect_t *subject = abac_role_principal_create(what);

    abac_credential_t **chain =
        abac_context_query_with_structure(ctxt, role, subject, &proved);

    puts(proved ? "prover success!!" : "prover failed!!");

    if (chain == NULL)
        return;

    if (proved) {
        puts("credentials needed :");
        for (idx = 0; chain[idx] != NULL; ++idx) {
            abac_print_cred_info(chain[idx], NULL);
        }
    }

    /* The list is freed whether or not the query succeeded. */
    abac_free_credentials(chain);
}
---|
84 | |
---|
85 | |
---|
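/*
 * Read an identity certificate from `path`, exiting with a diagnostic if
 * the library hands back NULL, so later calls never dereference a missing
 * identity.
 */
static abac_id_t *read_id_or_die(char *path)
{
    abac_id_t *id = abac_id_from_file(path);

    if (id == NULL)
        errx(1, "cannot load identity certificate %s", path);
    return id;
}

/*
 * Build two contexts from the PEM/DER files in the current directory and
 * run the same foundingAlumni query against each.
 *
 * Returns 0 after both queries have run; exits with status 1 if a context,
 * an identity certificate or a key id cannot be obtained.
 */
int main(int argc, char **argv)
{
    (void)argc;
    (void)argv;

    abac_context_t *ctxtA = abac_context_new();
    if (ctxtA == NULL)
        errx(1, "cannot create ABAC context");

    /* abac_context_load_id_files(ctxtA,"StateU_ID.pem","StateU_private.pem"); */
    abac_id_t *stateid = read_id_or_die("StateU_ID.pem");
    /* NOTE(review): the result of loading the private key is not checked
     * because the function's return convention is not visible in this
     * file -- confirm and fail closed if the key cannot be read. */
    abac_id_load_privkey_file(stateid, "StateU_private.pem");
    char *stateU = abac_id_keyid(stateid);
    abac_context_load_id(ctxtA, stateid);

    /* abac_context_load_id_file(ctxtA,"Bob_ID.pem"); */
    abac_id_t *bobid = read_id_or_die("Bob_ID.pem");
    char *bob = abac_id_keyid(bobid);
    abac_context_load_id(ctxtA, bobid);

    /* abac_context_load_id_file(ctxtA,"Mark_ID.pem"); */
    abac_id_t *markid = read_id_or_die("Mark_ID.pem");
    char *mark = abac_id_keyid(markid);
    (void)mark; /* key id is fetched but not used by either query */
    abac_context_load_id(ctxtA, markid);

    /* Both queries are built from these two key ids. */
    if (stateU == NULL || bob == NULL)
        errx(1, "cannot obtain key id for StateU or Bob");

    abac_context_load_attribute_file(ctxtA, "StateU_foundingAlumni__stateU_diploma_q_qY_attr.der");

    abac_context_t *ctxtB = abac_context_dup(ctxtA);
    if (ctxtB == NULL)
        errx(1, "cannot duplicate ABAC context");

    /* NOTE(review): the commented-out calls below name ctxtB, but the
     * live calls load Joe, Maryann and Jan into ctxtA. ctxtB was
     * duplicated before these loads; whether it sees them depends on
     * abac_context_dup() -- confirm which context was intended. */

    /* abac_context_load_id_file(ctxtB,"Joe_ID.pem"); */
    abac_id_t *joeid = read_id_or_die("Joe_ID.pem");
    abac_context_load_id(ctxtA, joeid);

    /* abac_context_load_id_file(ctxtB,"Maryann_ID.pem"); */
    abac_id_t *maryannid = read_id_or_die("Maryann_ID.pem");
    abac_context_load_id(ctxtA, maryannid);

    /* abac_context_load_id_file(ctxtB,"Jan_ID.pem"); */
    abac_id_t *janid = read_id_or_die("Jan_ID.pem");
    abac_context_load_id(ctxtA, janid);

    abac_verifier_session_dump();

    query(ctxtA, stateU, bob);
    query(ctxtB, stateU, bob);

    return 0;
}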
---|