#!/bin/sh

#attribute_rule.sh

pwd=`pwd`
eloc=`which creddy | sed 's/\/creddy//'`
if [ "$eloc" = "" ]; then
  echo "ERROR: creddy is not in the search path!!!"
  exit 1
fi

$eloc/creddy --generate --cn Bigbird 1>/dev/null 2>& 1
$eloc/creddy --generate --cn Coyote 1>/dev/null 2>& 1

bigbird=`creddy --keyid --cert Bigbird_ID.pem`
coyote=`creddy --keyid --cert Coyote_ID.pem`

rule="$coyote.sneaky_friend<-$bigbird"

$eloc/creddy --attribute \
       --issuer Coyote_ID.pem --key Coyote_private.pem \
       --attrrule "$rule" \
       --out Coyote_sneakyFriend__Bigbird_attr.xml

$eloc/creddy --roles --cert Coyote_sneakyFriend__Bigbird_attr.xml