source: examples/python_tests/experiment_multi_rt0/attr.py @ dfe6b61

Last change on this file since dfe6b61 was abf8d5d, checked in by Mei <mei@…>, 12 years ago

1) add backtrack/multiple solutions proof code changes and new

examples.

1#!/usr/bin/env python
2
3"""
4See README in this directory for the semantics of the example.  This file
5constructs the credentials described and puts copies into this directory
6
7cmd1:env keystore=`pwd` ./attr.py
8"""
9
10import os
11import ABAC
12
ctxt = ABAC.Context()
print("ABAC version %s" % ctxt.version())

# The keystore is the directory that holds the principal credentials.  When
# the "keystore" environment variable is set, the existing principals and/or
# policy credentials found there are loaded before anything new is issued,
# so point it only at a directory whose contents you trust.
if "keystore" in os.environ:
    keystore = os.environ["keystore"]
    ctxt.load_directory(keystore)

# Only element 1 of the returned value is iterated; element 0 is not used
# by this script.
principals = ctxt.context_principals()
print("...initial principal set...")
for principal in principals[1]:
    print("%s " % principal.string())
print("\n")

credentials = ctxt.context_credentials()
print("...initial policy attribute set...")
for cred in credentials[1]:
    print("%s <- %s" % (cred.head_string(), cred.tail_string()))
print("\n")

# Read each principal's identity certificate and private key from files in
# the current directory, and keep the principal's keyid for building roles.
# The *_private.pem files are presumably what the credentials below are
# signed with (confirm against the ABAC library), so outside a throwaway
# example they should be readable only by the user running this script.
# NOTE(review): bob only ever appears as a tail below, so loading
# Bob_private.pem may not be needed -- confirm before removing.
acmeID = ABAC.ID("Acme_ID.pem")
acmeID.id_load_privkey_file("Acme_private.pem")
acme = acmeID.id_keyid()

bobID = ABAC.ID("Bob_ID.pem")
bobID.id_load_privkey_file("Bob_private.pem")
bob = bobID.id_keyid()

aliceID = ABAC.ID("Alice_ID.pem")
aliceID.id_load_privkey_file("Alice_private.pem")
alice = aliceID.id_keyid()

daveID = ABAC.ID("Dave_ID.pem")
daveID.id_load_privkey_file("Dave_private.pem")
dave = daveID.id_keyid()

globotronID = ABAC.ID("Globotron_ID.pem")
globotronID.id_load_privkey_file("Globotron_private.pem")
globotron = globotronID.id_keyid()

################################################
# Credential 1: anyone whom one of Acme's partners allows to create an
#               experiment may create an experiment at Acme
# [keyid:Acme].role:experiment_create
#           <- [keyid:Acme].role:partner.role:experiment_create
head = ABAC.Role(acme, "experiment_create")

# Linking role: principal, role, and the role linked through it.
tail = ABAC.Role(acme, "partner", "experiment_create")

# Compose the policy attribute from its head and attach the tail.
# 1800 is presumably the validity period -- confirm the unit in the ABAC docs.
attr = ABAC.Attribute(head, 1800)
attr.attribute_add_tail(tail)

# Finalize the policy before it is written out.
attr.attribute_bake()

# Write the policy to a file in the current directory, then load it into
# the context by reading that same file back.
cert_file = "Acme_experiment_create__Acme_partner_experiment_create_attr.der"
attr.attribute_write_cert(cert_file)
ctxt.load_attribute_file(cert_file)
print(attr.string())
print(attr.typed_string())
print("\n")

#################################################
# Credential 2: Globotron is one of Acme's partners
# [keyid:Acme].role:partner <- [keyid:Globotron]
#
head = ABAC.Role(acme, "partner")

# A single-argument role names the principal itself.
tail = ABAC.Role(globotron)

attr = ABAC.Attribute(head, 1800)
attr.attribute_add_tail(tail)
attr.attribute_bake()

# Write the credential out, then load the written file into the context.
cert_file = "Acme_partner__Globotron_attr.der"
attr.attribute_write_cert(cert_file)
ctxt.load_attribute_file(cert_file)
print(attr.string())
print(attr.typed_string())
print("\n")

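#################################################
# Credential 3: Globotron lets the power users of its admins create
#               experiments
# [keyid:Globotron].role:experiment_create
#           <- [keyid:Globotron].role:admin.role:power_user
#
# The head principal is Globotron, as the rule above and the certificate
# file name both state.  Building the head from Acme's keyid instead would
# issue a direct Acme grant to Globotron's admin.power_user and leave the
# partner delegation set up by credentials 1 and 2 unexercised.
head = ABAC.Role(globotron, "experiment_create")

# Linking role: power_user as defined by whoever holds Globotron's admin role.
tail = ABAC.Role(globotron, "admin", "power_user")

# 1800 is presumably the validity period -- confirm the unit in the ABAC docs.
attr = ABAC.Attribute(head, 1800)
attr.attribute_add_tail(tail)
attr.attribute_bake()

# Write the credential out, then load the written file into the context.
cert_file = "Globotron_experiment_create__Globotron_admin_power_user_attr.der"
attr.attribute_write_cert(cert_file)
ctxt.load_attribute_file(cert_file)
print(attr.string())
print(attr.typed_string())
print("\n")
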
#################################################
# Credential 4: named term on the right-hand side
# [keyid:Globotron].role:admin <- [keyid:Alice]
head = ABAC.Role(globotron, "admin")

# The tail is the principal itself, identified by Alice's keyid.
tail = ABAC.Role(alice)

attr = ABAC.Attribute(head, 1800)
attr.attribute_add_tail(tail)
attr.attribute_bake()

# Write the credential out, then load the written file into the context.
cert_file = "Globotron_admin__Alice_attr.der"
attr.attribute_write_cert(cert_file)
ctxt.load_attribute_file(cert_file)
print(attr.string())
print(attr.typed_string())
print("\n")

#################################################
# Credential 5: Alice names Bob as one of her power users
# [keyid:Alice].role:power_user <- [keyid:Bob]
head = ABAC.Role(alice, "power_user")
tail = ABAC.Role(bob)

attr = ABAC.Attribute(head, 1800)
attr.attribute_add_tail(tail)
attr.attribute_bake()

# Write the credential out, then load the written file into the context.
cert_file = "Alice_power_user__Bob_attr.der"
attr.attribute_write_cert(cert_file)
ctxt.load_attribute_file(cert_file)
print(attr.string())
print(attr.typed_string())
print("\n")


#################################################
# Credential 6: named term on the right-hand side
# [keyid:Globotron].role:admin <- [keyid:Dave]
head = ABAC.Role(globotron, "admin")

# The tail is the principal itself, identified by Dave's keyid.
tail = ABAC.Role(dave)

attr = ABAC.Attribute(head, 1800)
attr.attribute_add_tail(tail)
attr.attribute_bake()

# Write the credential out, then load the written file into the context.
cert_file = "Globotron_admin__Dave_attr.der"
attr.attribute_write_cert(cert_file)
ctxt.load_attribute_file(cert_file)
print(attr.string())
print(attr.typed_string())
print("\n")

#################################################
# Credential 7: Dave names Bob as one of his power users
# [keyid:Dave].role:power_user <- [keyid:Bob]
head = ABAC.Role(dave, "power_user")
tail = ABAC.Role(bob)

attr = ABAC.Attribute(head, 1800)
attr.attribute_add_tail(tail)
attr.attribute_bake()

# Write the credential out, then load the written file into the context.
cert_file = "Dave_power_user__Bob_attr.der"
attr.attribute_write_cert(cert_file)
ctxt.load_attribute_file(cert_file)
print(attr.string())
print(attr.typed_string())
print("\n")
