source: examples/python_tests/alumni3_rt1/attr.py @ f2d67a5

mei_rt2mei_rt2_fix_1
Last change on this file since f2d67a5 was 646e57e, checked in by Mei <mei@…>, 12 years ago

1) add partial proof
  • Property mode set to 100755
File size: 6.2 KB
Line 
1#!/usr/bin/env python
2
3"""
4See README in this directory for the semantics of the example.  This file
5constructs the credentials described and puts copies into this directory
6
7cmd1:env keystore=`pwd` ./attr.py
8"""
9
10import os
11import ABAC
12
13ctxt = ABAC.Context()
14print "ABAC version %s" % ctxt.version()
15
16# Keystore is the directory containing the principal credentials.
17# Load existing principals and/or policy credentials
18if (os.environ.has_key("keystore")) :
19    keystore=os.environ["keystore"]
20    ctxt.load_directory(keystore)
21else:
22    print("keystore is not set...")
23    exit(1)
24
25out = ctxt.context_principals()
26print "...initial principal set..."
27for x in out[1]:
28    print "%s " % x.string()
29print "\n" 
30
31out = ctxt.context_credentials()
32print "...initial policy attribute set..."
33for c in out[1]:
34    print "%s <- %s" % (c.head_string(), c.tail_string())
35print "\n"
36
37# retrieve principals' keyid value from local credential files
38stateUID=ABAC.ID("StateU_ID.pem")
39stateUID.id_load_privkey_file("StateU_private.pem")
40stateU=stateUID.id_keyid()
41
42bobID=ABAC.ID("Bob_ID.pem")
43bobID.id_load_privkey_file("Bob_private.pem")
44bob=bobID.id_keyid()
45
46markID=ABAC.ID("Mark_ID.pem")
47markID.id_load_privkey_file("Mark_private.pem")
48mark=markID.id_keyid()
49
50joeID=ABAC.ID("Joe_ID.pem")
51joeID.id_load_privkey_file("Joe_private.pem")
52joe=joeID.id_keyid()
53
54maryannID=ABAC.ID("Maryann_ID.pem")
55maryannID.id_load_privkey_file("Maryann_private.pem")
56maryann=maryannID.id_keyid()
57
58janID=ABAC.ID("Jan_ID.pem")
59janID.id_load_privkey_file("Jan_private.pem")
60jan=janID.id_keyid()
61
62
63################################################
64# Credential 1, this policy has two range constraints on different parameters
65# [keyid:stateU].role:foundingAlumni
66#              <- [keyid:stateU].role:diploma([string:?D:['mathmatics','psychology']],
67#                                             [integer:?Year:[1960,1961,1963]])
68head = ABAC.Role(stateU,"foundingAlumni")
69
70# initialize a string range constraint
71cond=ABAC.Constraint("string")
72
73# add specific string values to the constraint
74cond.constraint_add_string_target("'mathmatics'")
75cond.constraint_add_string_target("'psychology'")
76
77# create the parameter with the string range constraint
78param1=ABAC.DataTerm("string", "D", cond)
79
80# initialize another constratnt that is of integer type
81cond=ABAC.Constraint("integer")
82
83# add specific integer values to the constraint
84cond.constraint_add_integer_target(1960)
85cond.constraint_add_integer_target(1961)
86cond.constraint_add_integer_target(1963)
87
88# create the parameter with the integer range constraint
89param2=ABAC.DataTerm("integer", "Year", cond)
90tail = ABAC.Role(stateU,"diploma")
91
92# add the parameter with conditions to a role
93tail.role_add_data_term(param1)
94tail.role_add_data_term(param2)
95
96# build up the policy rule
97attr=ABAC.Attribute(head, 1800)
98attr.attribute_add_tail(tail)
99
100# finalize the policy rule
101attr.attribute_bake()
102
103# save it to a credential file
104attr.attribute_write_cert("StateU_foundingAlumni__stateU_diploma_q_qY_attr.der")
105ctxt.load_attribute_file("StateU_foundingAlumni__stateU_diploma_q_qY_attr.der")
106print attr.string() 
107print attr.typed_string()
108print "\n"
109
110#################################################
111# Credential 2
112# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1961]) <- [keyid:bob]
113param1=ABAC.DataTerm("string", "'mathmatics'")
114param2=ABAC.DataTerm("integer", "1961")
115head = ABAC.Role(stateU,"diploma")
116head.role_add_data_term(param1)
117head.role_add_data_term(param2)
118tail = ABAC.Role(bob)
119attr=ABAC.Attribute(head, 1800)
120attr.attribute_add_tail(tail)
121attr.attribute_bake()
122attr.attribute_write_cert("StateU_diploma_m__Bob_attr.der")
123ctxt.load_attribute_file("StateU_diploma_m__Bob_attr.der")
124print attr.string() 
125print attr.typed_string()
126print "\n"
127
128#################################################
129# Credential 3
130# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1965]) <- [keyid:mark]
131param1=ABAC.DataTerm("string", "'mathmatics'")
132param2=ABAC.DataTerm("integer", "1965")
133head = ABAC.Role(stateU,"diploma")
134head.role_add_data_term(param1)
135head.role_add_data_term(param2)
136tail = ABAC.Role(mark)
137attr=ABAC.Attribute(head, 1800)
138attr.attribute_add_tail(tail)
139attr.attribute_bake()
140attr.attribute_write_cert("StateU_diploma_m__Mark_attr.der")
141ctxt.load_attribute_file("StateU_diploma_m__Mark_attr.der")
142print attr.string() 
143print attr.typed_string()
144print "\n"
145
146#################################################
147# Credential 4
148# [keyid:stateU].role:diploma([string:'zoology'],[integer:1961]) <- [keyid:joe]
149param1=ABAC.DataTerm("string", "'zoology'")
150param2=ABAC.DataTerm("integer", "1961")
151head = ABAC.Role(stateU,"diploma")
152head.role_add_data_term(param1)
153head.role_add_data_term(param2)
154tail = ABAC.Role(joe)
155attr=ABAC.Attribute(head, 1800)
156attr.attribute_add_tail(tail)
157attr.attribute_bake()
158attr.attribute_write_cert("StateU_diploma_z__Joe_attr.der")
159ctxt.load_attribute_file("StateU_diploma_z__Joe_attr.der")
160print attr.string() 
161print attr.typed_string()
162print "\n"
163
164#################################################
165# Credential 5
166# [keyid:stateU].role:diploma([string:'psychology'],[integer:1962])
167#                             <- [keyid:maryann]
168param1=ABAC.DataTerm("string", "'psychology'")
169param2=ABAC.DataTerm("integer", "1962")
170head = ABAC.Role(stateU,"diploma")
171head.role_add_data_term(param1)
172head.role_add_data_term(param2)
173tail = ABAC.Role(maryann)
174attr=ABAC.Attribute(head, 1800)
175attr.attribute_add_tail(tail)
176attr.attribute_bake()
177attr.attribute_write_cert("StateU_diploma_p__Maryann_attr.der")
178ctxt.load_attribute_file("StateU_diploma_p__Maryann_attr.der")
179print attr.string() 
180print attr.typed_string()
181print "\n"
182
183
184#################################################
185# Credential 6
186# [keyid:stateU].role:diploma([string:'psychology'],[integer:1960])
187#                              <- [keyid:jan]
188param1=ABAC.DataTerm("string", "'psychology'")
189param2=ABAC.DataTerm("integer", "1960")
190head = ABAC.Role(stateU,"diploma")
191head.role_add_data_term(param1)
192head.role_add_data_term(param2)
193tail = ABAC.Role(jan)
194attr=ABAC.Attribute(head, 1800)
195attr.attribute_add_tail(tail)
196attr.attribute_bake()
197attr.attribute_write_cert("StateU_diploma_p__Jan_attr.der")
198ctxt.load_attribute_file("StateU_diploma_p__Maryann_attr.der")
199print attr.string() 
200print attr.typed_string()
201print "\n"
202
Note: See TracBrowser for help on using the repository browser.