[373bf68] | 1 | #!/usr/bin/env python |
---|
| 2 | |
---|
| 3 | """ |
---|
| 4 | Run the queries described in README |
---|
| 5 | |
---|
[08b8da7] | 6 | cmd: env ABAC_CN=1 keystore=`pwd` ./query.py |
---|
[373bf68] | 7 | |
---|
| 8 | """ |
---|
| 9 | |
---|
| 10 | import os |
---|
[08b8da7] | 11 | import sys |
---|
[373bf68] | 12 | import ABAC |
---|
[08b8da7] | 13 | import time |
---|
| 14 | import datetime |
---|
[671c065] | 15 | import math |
---|
[08b8da7] | 16 | |
---|
| 17 | debug=0 |
---|
[373bf68] | 18 | |
---|
| 19 | ctxt = ABAC.Context() |
---|
[646e57e] | 20 | ctxt.set_no_partial_proof() |
---|
[373bf68] | 21 | |
---|
[08b8da7] | 22 | cred_count = 2 + 2 * #VAL# |
---|
| 23 | |
---|
| 24 | def get_msec(e_time) : |
---|
| 25 | msec_delta=0 |
---|
| 26 | if( int(e_time.seconds) !=0 ) : |
---|
| 27 | msec_delta= int(e_time.seconds) *1000 |
---|
| 28 | if( int(e_time.microseconds) !=0) : |
---|
| 29 | msec_delta = msec_delta + int(e_time.microseconds)/1000 |
---|
| 30 | return msec_delta |
---|
| 31 | |
---|
| 32 | def get_micro(e_time) : |
---|
| 33 | micro_delta=0 |
---|
| 34 | if( int(e_time.seconds) !=0 ) : |
---|
| 35 | micro_delta= int(e_time.seconds) *1000000 |
---|
| 36 | if( int(e_time.microseconds) !=0) : |
---|
| 37 | micro_delta = micro_delta + int(e_time.microseconds) |
---|
| 38 | return micro_delta |
---|
| 39 | |
---|
| 40 | def extract_delta(starttime, endtime) : |
---|
| 41 | """ given a start time, and a endtime, extract delta """ |
---|
| 42 | elapsed_time = (endtime - starttime) |
---|
| 43 | # Only handle in seconds/microseconds |
---|
| 44 | if ( int(elapsed_time.days) != 0 ) : |
---|
| 45 | sys.stderr,write("%s is longer than a day !!!" % msg) |
---|
| 46 | exit(1) |
---|
| 47 | return elapsed_time |
---|
| 48 | |
---|
| 49 | |
---|
[373bf68] | 50 | # Keystore is the directory containing the principal credentials. |
---|
| 51 | # Load existing principals and/or policy credentials |
---|
| 52 | if (os.environ.has_key("keystore")) : |
---|
| 53 | keystore=os.environ["keystore"] |
---|
[08b8da7] | 54 | starttime = datetime.datetime.now() |
---|
[373bf68] | 55 | ctxt.load_directory(keystore) |
---|
[08b8da7] | 56 | endtime = datetime.datetime.now() |
---|
| 57 | elapsed_load=extract_delta(starttime, endtime) |
---|
| 58 | elapsed_msec=get_msec(elapsed_load) |
---|
| 59 | sys.stderr.write("%d %d LOAD(msec)\n" % (cred_count,elapsed_msec)) |
---|
[373bf68] | 60 | else: |
---|
| 61 | print("keystore is not set...") |
---|
| 62 | exit(1) |
---|
| 63 | |
---|
| 64 | ########################################################################## |
---|
| 65 | # dump the loaded principals/policies |
---|
| 66 | # |
---|
| 67 | |
---|
| 68 | fd=os.open("creds_dump",os.O_WRONLY|os.O_CREAT) |
---|
| 69 | out = ctxt.context_principals() |
---|
| 70 | for x in out[1]: |
---|
| 71 | os.write(fd, x.string()) |
---|
| 72 | os.write(fd,"\n") |
---|
| 73 | out = ctxt.context_credentials() |
---|
| 74 | for c in out[1]: |
---|
| 75 | string="%s <- %s" % (c.head_string(), c.tail_string()) |
---|
| 76 | os.write(fd,string) |
---|
| 77 | os.write(fd,"\n") |
---|
| 78 | os.close(fd) |
---|
| 79 | |
---|
| 80 | ########################################################################## |
---|
| 81 | # Does JohnX likes John0 ? |
---|
[671c065] | 82 | # role = [keyid:JohnX].role:after |
---|
[373bf68] | 83 | # p [Keyid:john0] |
---|
[08b8da7] | 84 | def goodQuery() : |
---|
| 85 | aid="John%s_ID.pem"% #VAL# |
---|
| 86 | aID=ABAC.ID(aid) |
---|
| 87 | a=aID.id_keyid() |
---|
[373bf68] | 88 | |
---|
[08b8da7] | 89 | bID=ABAC.ID("John0_ID.pem") |
---|
| 90 | b=bID.id_keyid() |
---|
[373bf68] | 91 | |
---|
[08b8da7] | 92 | role = ABAC.Role(a,"likes") |
---|
| 93 | p = ABAC.Role(b) |
---|
[373bf68] | 94 | |
---|
[08b8da7] | 95 | print "\n===good============ johnN.likes <- john0 " |
---|
| 96 | starttime = datetime.datetime.now() |
---|
| 97 | out = ctxt.query(role, p) |
---|
| 98 | endtime = datetime.datetime.now() |
---|
[2b4e740] | 99 | if(debug): |
---|
| 100 | print "good query start-> %s\n" % starttime |
---|
| 101 | print "good query end -> %s\n" % endtime |
---|
[08b8da7] | 102 | for c in out[1]: |
---|
| 103 | print "%s <- %s" % (c.head_string(), c.tail_string()) |
---|
| 104 | return extract_delta(starttime, endtime) |
---|
| 105 | |
---|
| 106 | |
---|
| 107 | ########################################################################## |
---|
| 108 | # Does John0 likes JohnX ? |
---|
[671c065] | 109 | # role = [keyid:JohnX].role:after |
---|
[08b8da7] | 110 | # p [Keyid:john0] |
---|
| 111 | def badQuery() : |
---|
| 112 | bid="John%s_ID.pem"% #VAL# |
---|
| 113 | bID=ABAC.ID(bid) |
---|
| 114 | b=bID.id_keyid() |
---|
| 115 | |
---|
| 116 | aID=ABAC.ID("John0_ID.pem") |
---|
| 117 | a=aID.id_keyid() |
---|
| 118 | |
---|
| 119 | role = ABAC.Role(a,"likes") |
---|
| 120 | p = ABAC.Role(b) |
---|
| 121 | |
---|
| 122 | print "\n===bad============ john0.likes <- johnX " |
---|
| 123 | starttime = datetime.datetime.now() |
---|
| 124 | out = ctxt.query(role, p) |
---|
| 125 | endtime = datetime.datetime.now() |
---|
| 126 | for c in out[1]: |
---|
| 127 | print "%s <- %s" % (c.head_string(), c.tail_string()) |
---|
| 128 | return extract_delta(starttime, endtime) |
---|
| 129 | |
---|
| 130 | ############################################################## |
---|
| 131 | |
---|
| 132 | #skip the first one |
---|
| 133 | e_time=goodQuery() |
---|
| 134 | elapsed_micro=get_micro(e_time) |
---|
[bf68132] | 135 | sys.stderr.write("%d %d GOOD_f(micro)\n" % (cred_count,elapsed_micro)) |
---|
[08b8da7] | 136 | |
---|
[671c065] | 137 | tlist=[] |
---|
[bf68132] | 138 | k=100 |
---|
[08b8da7] | 139 | while(k): |
---|
| 140 | e_time=goodQuery() |
---|
[671c065] | 141 | elapsed_micro=get_micro(e_time) |
---|
[08b8da7] | 142 | k=k-1 |
---|
[671c065] | 143 | tlist.append(elapsed_micro) |
---|
[bf68132] | 144 | if(k==99): |
---|
| 145 | sys.stderr.write("%d %d GOOD_s(micro)\n" % (cred_count,elapsed_micro)) |
---|
[08b8da7] | 146 | |
---|
| 147 | if(debug): |
---|
| 148 | sys.stderr.write("%d %d GOOD_%d(micro)\n" % (cred_count,elapsed_micro,k)) |
---|
[671c065] | 149 | |
---|
| 150 | sum=0 |
---|
| 151 | for i in tlist: |
---|
| 152 | sum=sum+i |
---|
| 153 | ave=sum/100 |
---|
| 154 | dlist = [(x-ave) for x in tlist ] |
---|
| 155 | slist = [ (x-ave)*(x-ave) for x in tlist] |
---|
| 156 | sum=0 |
---|
| 157 | for i in slist: |
---|
| 158 | sum=sum+i |
---|
| 159 | sd=math.sqrt(sum/99) |
---|
| 160 | sys.stderr.write("%d %d %d GOOD_t(micro)\n" % (cred_count,ave,sd)) |
---|
[1e51e1b] | 161 | sys.stderr.write("%d 100 %s GOOD_list(micro)\n" % (cred_count,tlist)) |
---|
[08b8da7] | 162 | |
---|
| 163 | |
---|
| 164 | ############################################################### |
---|
| 165 | |
---|
| 166 | e_time=badQuery() |
---|
| 167 | elapsed_micro=get_micro(e_time) |
---|
[bf68132] | 168 | sys.stderr.write("%d %d BAD_f(micro)\n" % (cred_count,elapsed_micro)) |
---|
[08b8da7] | 169 | |
---|
[671c065] | 170 | tlist=[] |
---|
[bf68132] | 171 | k=100 |
---|
[08b8da7] | 172 | while(k): |
---|
| 173 | e_time=badQuery() |
---|
[671c065] | 174 | elapsed_micro=get_micro(e_time) |
---|
| 175 | tlist.append(elapsed_micro) |
---|
[08b8da7] | 176 | k=k-1 |
---|
[bf68132] | 177 | if(k==99): |
---|
| 178 | sys.stderr.write("%d %d BAD_s(micro)\n" % (cred_count,elapsed_micro)) |
---|
[08b8da7] | 179 | |
---|
| 180 | if(debug): |
---|
| 181 | sys.stderr.write("%d %d BAD_%d(micro)\n" % (cred_count,elapsed_micro,k)) |
---|
[373bf68] | 182 | |
---|
[671c065] | 183 | sum=0 |
---|
| 184 | for i in tlist: |
---|
| 185 | sum=sum+i |
---|
| 186 | ave=sum/100 |
---|
| 187 | dlist = [(x-ave) for x in tlist ] |
---|
| 188 | slist = [ (x-ave)*(x-ave) for x in tlist] |
---|
| 189 | sum=0 |
---|
| 190 | for i in slist: |
---|
| 191 | sum=sum+i |
---|
| 192 | sd=math.sqrt(sum/99) |
---|
| 193 | sys.stderr.write("%d %d %d BAD_t(micro)\n" % (cred_count,ave, sd)) |
---|
[1e51e1b] | 194 | sys.stderr.write("%d 100 %s BAD_list(micro)\n" % (cred_count,tlist)) |
---|