1 | #!/usr/bin/env python |
---|
2 | |
---|
3 | from sys import argv, exit |
---|
4 | from ABAC import Context |
---|
5 | from ABAC import ID, Attribute, Role |
---|
6 | |
---|
7 | ## initial context |
---|
8 | ctxt = Context() |
---|
9 | |
---|
10 | if len(argv) != 4: |
---|
11 | print "Usage: abac_attr.py <cert.pem> <key.pem> <attr.der>" |
---|
12 | exit(1) |
---|
13 | |
---|
14 | # load the ID and its key |
---|
15 | id = None |
---|
16 | try: |
---|
17 | id = ID(argv[1]) |
---|
18 | id.id_load_privkey_file(argv[2]) |
---|
19 | except Exception, e: |
---|
20 | print "Problem loading cert: %s" % e |
---|
21 | exit(1) |
---|
22 | |
---|
23 | # load the id into the context |
---|
24 | ctxt.load_id_chunks(id.id_cert_chunk(), id.id_privkey_chunk()) |
---|
25 | # another way to load the id into the context |
---|
26 | # ctxt.load_id(id) |
---|
27 | |
---|
28 | # create an attribute cert |
---|
29 | head= Role(id.id_keyid(),"delicious") |
---|
30 | tail= Role(id.id_keyid()) |
---|
31 | |
---|
32 | attr = Attribute(head, 1800) |
---|
33 | print "making it..." |
---|
34 | attr.attribute_add_tail(tail) |
---|
35 | attr.attribute_bake() |
---|
36 | |
---|
37 | # load attribute cert into the context |
---|
38 | ctxt.load_attribute_chunk(attr.cert_chunk()) |
---|
39 | |
---|
40 | # another way to load the attribute cert into the context, |
---|
41 | # ctxt.load_attribute(attr) |
---|
42 | |
---|
43 | # yet another way to load the attribute cert into the context, |
---|
44 | attr.attribute_write_cert(argv[3]) |
---|
45 | # ctxt.load_attribute_file(argv[3]) |
---|
46 | |
---|
47 | # what is in prolog db |
---|
48 | # ctxt.dump_yap_db() |
---|
49 | |
---|
50 | # run a proof |
---|
51 | role = Role(id.id_keyid(),"delicious") |
---|
52 | p=Role(id.id_keyid()) |
---|
53 | |
---|
54 | out = ctxt.query(role, p) |
---|
55 | for c in out[1]: |
---|
56 | print "%s <- %s" % (c.head_string(), c.tail_string()) |
---|
57 | |
---|