[a02c849] | 1 | #!/usr/bin/env python |
---|
| 2 | """ |
---|
[3c30b59] | 3 | ctxtQuery2.py |
---|
[a02c849] | 4 | """ |
---|
| 5 | import os |
---|
| 6 | import sys |
---|
| 7 | import ABAC |
---|
| 8 | |
---|
| 9 | ctxt = ABAC.Context() |
---|
| 10 | |
---|
| 11 | a = ABAC.ID("A", 24 * 3600 * 365 * 20) |
---|
| 12 | b = ABAC.ID("B", 24 * 3600 * 365 * 20) |
---|
| 13 | c = ABAC.ID("C", 24 * 3600 * 365 * 20) |
---|
| 14 | |
---|
| 15 | attr = ABAC.Attribute(a, "friendly_admin", 24 * 3600 * 365 * 20) |
---|
| 16 | attr.role(a.keyid(), "friendly") |
---|
| 17 | attr.role(a.keyid(), "admin") |
---|
| 18 | attr.bake() |
---|
| 19 | |
---|
| 20 | ctxt.load_id_chunk(a.cert_chunk()) |
---|
| 21 | ctxt.load_attribute_chunk(attr.cert_chunk()) |
---|
| 22 | |
---|
| 23 | attr = ABAC.Attribute(a, "friendly", 24 * 3600 * 365 * 20) |
---|
| 24 | attr.principal(b.keyid()) |
---|
| 25 | attr.bake() |
---|
| 26 | ctxt.load_attribute_chunk(attr.cert_chunk()) |
---|
| 27 | |
---|
| 28 | |
---|
| 29 | attr = ABAC.Attribute(a, "admin", 24 * 3600 * 365 * 20) |
---|
| 30 | attr.principal(b.keyid()) |
---|
| 31 | attr.bake() |
---|
| 32 | ctxt.load_attribute_chunk(attr.cert_chunk()) |
---|
| 33 | |
---|
| 34 | attr = ABAC.Attribute(a, "admin", 24 * 3600 * 365 * 20) |
---|
| 35 | attr.principal(c.keyid()) |
---|
| 36 | attr.bake() |
---|
| 37 | ctxt.load_attribute_chunk(attr.cert_chunk()) |
---|
| 38 | |
---|
| 39 | ok, proof = ctxt.query(a.keyid() + ".friendly_admin", b.keyid()) |
---|
| 40 | |
---|
| 41 | if not ok: |
---|
| 42 | sys.exit(1) |
---|
| 43 | |
---|
| 44 | for i, c in enumerate(proof): |
---|
| 45 | print "%s <- %s" % (c.head().string(), c.tail().string()) |
---|
| 46 | open("./id%d.pem" % i, "w").write(c.issuer_cert()) |
---|
| 47 | open("./attr%d.xml" % i, "w").write(c.attribute_cert()) |
---|
| 48 | |
---|
| 49 | print "ok? %d" %ok |
---|
| 50 | |
---|
| 51 | |
---|