source: examples/python_tests/evaluator_rt1/attr.py @ 20eaefe

mei_rt2mei_rt2_fix_1
Last change on this file since 20eaefe was 646e57e, checked in by Mei <mei@…>, 12 years ago

1) add partial proof
  • Property mode set to 100755
File size: 4.5 KB
RevLine 
[5f551d3]1#!/usr/bin/env python
2
3"""
[f824a9e]4See README in this directory for the semantics of the example.  This file
5constructs the credentials described and puts copies into this directory
[5f551d3]6
7cmd1:env keystore=`pwd` ./attr.py
8"""
9
10import os
11import ABAC
12
13ctxt = ABAC.Context()
14print "ABAC version %s" % ctxt.version()
15
[f824a9e]16# Keystore is the directory containing the principal credentials.
17# Load existing principals and/or policy credentials
18if (os.environ.has_key("keystore")) :
19    keystore=os.environ["keystore"]
20    ctxt.load_directory(keystore)
[646e57e]21else:
22    print("keystore is not set...")
23    exit(1)
24
[5f551d3]25
26out = ctxt.context_principals()
27print "...initial principal set..."
28for x in out[1]:
29    print "%s " % x.string()
30print "\n" 
31
32out = ctxt.context_credentials()
33print "...initial policy attribute set..."
34for c in out[1]:
35    print "%s <- %s" % (c.head_string(), c.tail_string())
36print "\n"
37
[f824a9e]38# retrieve principals' keyid value from local credential files
[5f551d3]39isiID=ABAC.ID("ISI_ID.pem")
40isiID.id_load_privkey_file("ISI_private.pem");
41isi=isiID.id_keyid()
42
43uscID=ABAC.ID("USC_ID.pem")
44uscID.id_load_privkey_file("USC_private.pem");
45usc=uscID.id_keyid()
46
47maryannID=ABAC.ID("Maryann_ID.pem")
48maryannID.id_load_privkey_file("Maryann_private.pem");
49maryann=maryannID.id_keyid()
50
51johnID=ABAC.ID("John_ID.pem")
52johnID.id_load_privkey_file("John_private.pem");
53john=johnID.id_keyid()
54
55################################################
56#[keyid:USC].role:evaluatorOf([principal:?K])
57#           <-[keyid:USC].role:managerOf([principal:?K])
58param=ABAC.DataTerm("principal", "K")
59head = ABAC.Role(usc,"evaluatorOf")
60head.role_add_data_term(param)
61param=ABAC.DataTerm("principal","K")
62tail = ABAC.Role(usc,"managerOf")
63tail.role_add_data_term(param)
64attr=ABAC.Attribute(head, 1800)
65attr.attribute_add_tail(tail)
66attr.attribute_bake()
67attr.attribute_write_cert("USC_evaluatorof_qK__USC_managerof_qK_attr.der")
68ctxt.load_attribute_file("USC_evaluatorof_qK__USC_managerof_qK_attr.der")
69print attr.string() 
70print attr.typed_string()
71print "\n"
72
73#################################################
[f824a9e]74# Credential 1, double uninstantiated parameters
[5f551d3]75# [keyid:USC].role:managerOf([principal:?K])
76#            <-[keyid:ISI].role:managerOf([principal:?K])
77#
78param=ABAC.DataTerm("principal", "K")
79head = ABAC.Role(usc,"managerOf")
80head.role_add_data_term(param)
[f824a9e]81
82# create variable princpal parameter
[5f551d3]83param=ABAC.DataTerm("principal", "K")
84tail = ABAC.Role(isi,"managerOf")
85tail.role_add_data_term(param)
86attr=ABAC.Attribute(head, 1800)
[f824a9e]87
88# compose the attribute for the policy
[5f551d3]89attr.attribute_add_tail(tail)
[f824a9e]90
91# finalize the policy
[5f551d3]92attr.attribute_bake()
[f824a9e]93
94# write the policy to a file
[5f551d3]95attr.attribute_write_cert("USC_managerof_qK__USC_employee_attr.der")
96ctxt.load_attribute_file("USC_managerof_qK__USC_employee_attr.der")
97print attr.string() 
98print attr.typed_string()
99print "\n"
100
101#################################################
[f824a9e]102# Credential 2
[5f551d3]103# [keyid:ISI].role:managerOf([keyid:Maryann])
104#                        <- [keyid:John]
105param=ABAC.DataTerm(maryannID)
106head = ABAC.Role(isi,"managerOf")
107head.role_add_data_term(param)
108tail = ABAC.Role(john)
109attr=ABAC.Attribute(head, 1800)
110attr.attribute_add_tail(tail)
111attr.attribute_bake()
112attr.attribute_write_cert("ISI_manageof_Maryann__John_attr.der")
113ctxt.load_attribute_file("ISI_manageof_Maryann__John_attr.der")
114print attr.string() 
115print attr.typed_string()
116print "\n"
117
118################################################
[f824a9e]119# Credential 3
[5f551d3]120# [keyid:USC].role:employee <- [keyid:ISI].role:employee
121head=ABAC.Role(usc,"employee")
122tail = ABAC.Role(isi,"employee")
123attr=ABAC.Attribute(head, 1800)
124attr.attribute_add_tail(tail)
125attr.attribute_bake()
126attr.attribute_write_cert("USC_employee__ISI_employee_attr.der")
127ctxt.load_attribute(attr)
[f824a9e]128print attr.string() 
129print attr.typed_string()
130print "\n"
[5f551d3]131
132
133#################################################
[f824a9e]134# Credential 4
[5f551d3]135# [keyid:ISI].role:employee  <- [keyid:Maryann]
136head = ABAC.Role(isi,"employee")
137tail= ABAC.Role(maryann)
138attr=ABAC.Attribute(head, 1800)
139attr.attribute_add_tail(tail)
140attr.attribute_bake()
141attr.attribute_write_cert("ISI_employee__Maryann_attr.der")
142ctxt.load_attribute(attr)
143print attr.string() 
144print attr.typed_string()
145print "\n"
146
147#################################################
[f824a9e]148# Credential 4
[5f551d3]149# [keyid:ISI].role:employee  <- [keyid:John]
150head = ABAC.Role(isi,"employee")
151tail= ABAC.Role(john)
152attr=ABAC.Attribute(head, 1800)
153attr.attribute_add_tail(tail)
154attr.attribute_bake()
155attr.attribute_write_cert("ISI_employee__John_attr.der")
156ctxt.load_attribute(attr)
157print attr.string() 
158print attr.typed_string()
159print "\n"
160
Note: See TracBrowser for help on using the repository browser.