source: examples/python_tests/fruits_rt2/attr.py @ 20eaefe

mei_rt2mei_rt2_fix_1
Last change on this file since 20eaefe was 646e57e, checked in by Mei <mei@…>, 12 years ago

1) add partial proof

  • Property mode set to 100755
File size: 5.3 KB
Line 
1#!/usr/bin/env python
2
3"""
4See README in this directory for the semantics of the example.  This file
5constructs the credentials described and puts copies into this directory
6
7cmd1:env keystore=`pwd` ./attr.py
8"""
9
10import os
11import ABAC
12
13ctxt = ABAC.Context()
14print "ABAC version %s" % ctxt.version()
15
16# Keystore is the directory containing the principal credentials.
17# Load existing principals and/or policy credentials
18if (os.environ.has_key("keystore")) :
19    keystore=os.environ["keystore"]
20    ctxt.load_directory(keystore)
21else:
22    print("keystore is not set...")
23    exit(1)
24
25
26out = ctxt.context_principals()
27print "...initial principal set..."
28for x in out[1]:
29    print "%s " % x.string()
30print "\n" 
31
32out = ctxt.context_credentials()
33print "...initial policy attribute set..."
34for c in out[1]:
35    print "%s <- %s" % (c.head_string(), c.tail_string())
36print "\n"
37
38# retrieve principals' keyid value from local credential files
39ralphsID=ABAC.ID("Ralphs_ID.pem");
40ralphsID.id_load_privkey_file("Ralphs_private.pem");
41ralphs=ralphsID.id_keyid()
42
43bobID=ABAC.ID("Bob_ID.pem");
44bobID.id_load_privkey_file("Bob_private.pem");
45bob=bobID.id_keyid()
46
47maryID=ABAC.ID("Mary_ID.pem");
48maryID.id_load_privkey_file("Mary_private.pem");
49mary=maryID.id_keyid()
50
51################################################
52# Credential 1, what kind of fruit Mary would eat. Anything not costing more
53#               than 2 dollars
54# [keyid:mary].oset:what2eat
55#      <- [keyid:ralphs].oset:fruitprice([float:?P:[..2.00]])
56head = ABAC.Oset(mary,"what2eat")
57
58# initialize a float range constraint
59cond=ABAC.Constraint("float")
60
61# add the upper max to the range, and only the max
62cond.constraint_add_float_max(2.00)
63
64# create the data term with the constraint
65param=ABAC.DataTerm("float", "P", cond)
66tail = ABAC.Oset(ralphs,"fruitprice")
67tail.oset_add_data_term(param)
68
69# compose the attribute policy
70attr=ABAC.Attribute(head, 1800)
71attr.attribute_add_tail(tail)
72
73#finalize the policy
74attr.attribute_bake()
75
76#write out the policy to a credential file
77attr.attribute_write_cert("mary_what2eat__ralphs_fruitprice_qP_attr.der")
78
79# load the rule back into context via credential file
80ctxt.load_attribute_file("mary_what2eat__ralphs_fruitprice_qP_attr.der")
81print attr.string() 
82print attr.typed_string()
83print "\n"
84
85################################################
86# Credential 2,
87# [keyid:bob].oset:what2eat
88#      <- [keyid:ralphs].oset:fruitprice([float:?P:[1.00..5.00]])
89head = ABAC.Oset(bob,"what2eat")
90
91# initialze a float range constraint
92cond=ABAC.Constraint("float")
93
94# add the min and max value to the range
95cond.constraint_add_float_min(1.00)
96cond.constraint_add_float_max(5.00)
97param=ABAC.DataTerm("float", "P", cond)
98tail = ABAC.Oset(ralphs,"fruitprice")
99tail.oset_add_data_term(param)
100
101#create attribute policy
102attr=ABAC.Attribute(head, 1800)
103attr.attribute_add_tail(tail)
104
105#finalize the policy
106attr.attribute_bake()
107attr.attribute_write_cert("bob_what2eat__ralphs_fruitprice_qP_attr.der")
108ctxt.load_attribute_file("bob_what2eat__ralphs_fruitprice_qP_attr.der")
109print attr.string() 
110print attr.typed_string()
111print "\n"
112
113#################################################
114# Credential 3
115# [keyid:ralphs].oset:fruitprice([float:1.50]) <- [string:'apple']
116param=ABAC.DataTerm("float", "1.50")
117head = ABAC.Oset(ralphs,"fruitprice")
118head.oset_add_data_term(param)
119param=ABAC.DataTerm("string", "'apple'")
120tail = ABAC.Oset(param)
121attr=ABAC.Attribute(head, 1800)
122attr.attribute_add_tail(tail)
123attr.attribute_bake()
124attr.attribute_write_cert("Ralphs_fruitprice__apple_attr.der")
125ctxt.load_attribute_file("Ralphs_fruitprice__apple_attr.der")
126print attr.string() 
127print attr.typed_string()
128print "\n"
129
130#################################################
131# Credential 4
132# [keyid:ralphs].oset:fruitprice([float:1.50]) <- [string:'kiwi']
133param=ABAC.DataTerm("float", "1.50")
134head = ABAC.Oset(ralphs,"fruitprice")
135head.oset_add_data_term(param)
136param=ABAC.DataTerm("string", "'kiwi'")
137tail = ABAC.Oset(param)
138attr=ABAC.Attribute(head, 1800)
139attr.attribute_add_tail(tail)
140attr.attribute_bake()
141attr.attribute_write_cert("Ralphs_fruitprice__kiwi_attr.der")
142ctxt.load_attribute_file("Ralphs_fruitprice__kiwi_attr.der")
143print attr.string() 
144print attr.typed_string()
145print "\n"
146
147#################################################
148# Credential 5
149# [keyid:ralphs].oset:fruitprice([float:2.50]) <- [string:'black berry']
150param=ABAC.DataTerm("float", "2.50")
151head = ABAC.Oset(ralphs,"fruitprice")
152head.oset_add_data_term(param)
153param=ABAC.DataTerm("string", "'black berry'")
154tail = ABAC.Oset(param)
155attr=ABAC.Attribute(head, 1800)
156attr.attribute_add_tail(tail)
157attr.attribute_bake()
158attr.attribute_write_cert("Ralphs_fruitprice__blackberry_attr.der")
159ctxt.load_attribute_file("Ralphs_fruitprice__blackberry_attr.der")
160print attr.string() 
161print attr.typed_string()
162print "\n"
163
164#################################################
165# Credential 6
166# [keyid:ralphs].oset:fruitprice([float:0.50]) <- [string:'navel orange']
167param=ABAC.DataTerm("float", "0.50")
168head = ABAC.Oset(ralphs,"fruitprice")
169head.oset_add_data_term(param)
170param=ABAC.DataTerm("string", "'navel orange'")
171tail = ABAC.Oset(param)
172attr=ABAC.Attribute(head, 1800)
173attr.attribute_add_tail(tail)
174attr.attribute_bake()
175attr.attribute_write_cert("Ralphs_fruitprice__navelorange_attr.der")
176ctxt.load_attribute_file("Ralphs_fruitprice__navelorange_attr.der")
177print attr.string() 
178print attr.typed_string()
179print "\n"
180
Note: See TracBrowser for help on using the repository browser.