Context Navigation

source: examples/python_tests/alumni_rt1/attr.py @ 7751094

mei_rt2

Last change on this file since 7751094 was 646e57e, checked in by Mei <mei@…>, 12 years ago
1) add partial proof
Property mode set to `100755`
File size: 4.6 KB

Rev	Line
[669b481]	1	#!/usr/bin/env python
	2
	3	"""
[f824a9e]	4	See README in this directory for the semantics of the example. This file
	5	constructs the credentials described and puts copies into this directory
[669b481]	6
	7	cmd1:env keystore=`pwd` ./attr.py
	8	"""
	9
	10	import os
	11	import ABAC
	12
	13	ctxt = ABAC.Context()
	14	print "ABAC version %s" % ctxt.version()
	15
[f824a9e]	16	# Keystore is the directory containing the principal credentials.
	17	# Load existing principals and/or policy credentials
	18	if (os.environ.has_key("keystore")) :
	19	keystore=os.environ["keystore"]
	20	ctxt.load_directory(keystore)
[646e57e]	21	else:
	22	print("keystore is not set...")
	23	exit(1)
[669b481]	24
	25	out = ctxt.context_principals()
	26	print "...initial principal set..."
	27	for x in out[1]:
	28	print "%s " % x.string()
	29	print "\n"
	30
	31	out = ctxt.context_credentials()
	32	print "...initial policy attribute set..."
	33	for c in out[1]:
	34	print "%s <- %s" % (c.head_string(), c.tail_string())
	35	print "\n"
	36
[f824a9e]	37	# retrieve principals' keyid value from local credential files
[669b481]	38	stateUID=ABAC.ID("StateU_ID.pem")
	39	stateUID.id_load_privkey_file("StateU_private.pem")
	40	stateU=stateUID.id_keyid()
	41
	42	bobID=ABAC.ID("Bob_ID.pem")
	43	bobID.id_load_privkey_file("Bob_private.pem")
	44	bob=bobID.id_keyid()
	45
	46	joeID=ABAC.ID("Joe_ID.pem")
	47	joeID.id_load_privkey_file("Joe_private.pem")
	48	joe=joeID.id_keyid()
	49
	50	maryannID=ABAC.ID("Maryann_ID.pem")
	51	maryannID.id_load_privkey_file("Maryann_private.pem")
	52	maryann=maryannID.id_keyid()
	53
	54
	55	################################################
[f824a9e]	56	# Credential 1, the year is constrainted by a range constraint with min and max
	57	# values
[669b481]	58	# [keyid:stateU].role:foundingAlumni
[f824a9e]	59	# <- [keyid:stateU].role:diploma([?], [integer:?Year:[1955 .. 1958]])
[669b481]	60	head = ABAC.Role(stateU,"foundingAlumni")
[f824a9e]	61
	62	# create an anonymous parameter that will take any type of major
[669b481]	63	param1=ABAC.DataTerm("anonymous", "_")
[f824a9e]	64
	65	# initialize a constraint with integer type
[669b481]	66	cond=ABAC.Constraint("integer")
[f824a9e]	67
	68	# set the bounding min and max value for this constraint
[669b481]	69	cond.constraint_add_integer_min(1955)
	70	cond.constraint_add_integer_max(1958)
[f824a9e]	71
	72	# make the parameter with this integer constraint
[669b481]	73	param2=ABAC.DataTerm("integer", "Year", cond)
	74	tail = ABAC.Role(stateU,"diploma")
	75	tail.role_add_data_term(param1)
	76	tail.role_add_data_term(param2)
	77	attr=ABAC.Attribute(head, 1800)
[f824a9e]	78
	79	# build up the policy
[669b481]	80	attr.attribute_add_tail(tail)
[f824a9e]	81
	82	# finalize the policy
[669b481]	83	attr.attribute_bake()
[f824a9e]	84
	85	# write the policy out into the file system
[669b481]	86	attr.attribute_write_cert("StateU_foundingAlumni__stateU_diploma_q_qY_attr.der")
[f824a9e]	87
	88	# load this policy into the context using this external credential file
[669b481]	89	ctxt.load_attribute_file("StateU_foundingAlumni__stateU_diploma_q_qY_attr.der")
	90	print attr.string()
	91	print attr.typed_string()
	92	print "\n"
	93
	94	#################################################
[f824a9e]	95	# Credential 2
	96	# [keyid:stateU].role:diploma([string:'mathmatics'],[integer:1960])
	97	# <- [keyid:bob]
[669b481]	98	param1=ABAC.DataTerm("string", "'mathmatics'")
	99	param2=ABAC.DataTerm("integer", "1960")
	100	head = ABAC.Role(stateU,"diploma")
	101	head.role_add_data_term(param1)
	102	head.role_add_data_term(param2)
	103	tail = ABAC.Role(bob)
	104	attr=ABAC.Attribute(head, 1800)
	105	attr.attribute_add_tail(tail)
	106	attr.attribute_bake()
	107	attr.attribute_write_cert("StateU_diploma_m__Bob_attr.der")
	108	ctxt.load_attribute_file("StateU_diploma_m__Bob_attr.der")
	109	print attr.string()
	110	print attr.typed_string()
	111	print "\n"
	112
	113	#################################################
[f824a9e]	114	# Credential 3
	115	# [keyid:stateU].role:diploma([string:'zoology'],[integer:1955])
	116	# <- [keyid:joe]
[669b481]	117	param1=ABAC.DataTerm("string", "'zoology'")
	118	param2=ABAC.DataTerm("integer", "1955")
	119	head = ABAC.Role(stateU,"diploma")
	120	head.role_add_data_term(param1)
	121	head.role_add_data_term(param2)
	122	tail = ABAC.Role(joe)
	123	attr=ABAC.Attribute(head, 1800)
	124	attr.attribute_add_tail(tail)
	125	attr.attribute_bake()
	126	attr.attribute_write_cert("StateU_diploma_z__Joe_attr.der")
	127	ctxt.load_attribute_file("StateU_diploma_z__Joe_attr.der")
	128	print attr.string()
	129	print attr.typed_string()
	130	print "\n"
	131
	132	#################################################
[f824a9e]	133	# Credential 4
	134	# [keyid:stateU].role:diploma([string:'psychology'],[integer:1956])
	135	# <- [keyid:maryann]
[669b481]	136	param1=ABAC.DataTerm("string", "'psychology'")
	137	param2=ABAC.DataTerm("integer", "1956")
	138	head = ABAC.Role(stateU,"diploma")
	139	head.role_add_data_term(param1)
	140	head.role_add_data_term(param2)
	141	tail = ABAC.Role(maryann)
	142	attr=ABAC.Attribute(head, 1800)
	143	attr.attribute_add_tail(tail)
	144	attr.attribute_bake()
	145	attr.attribute_write_cert("StateU_diploma_p__Maryann_attr.der")
	146	ctxt.load_attribute_file("StateU_diploma_p__Maryann_attr.der")
	147	print attr.string()
	148	print attr.typed_string()
	149	print "\n"
	150

Note: See TracBrowser for help on using the repository browser.

Download in other formats: