[4f79997] | 1 | #!/usr/bin/env sh |
---|
| 2 | # |
---|
| 3 | # This demonstrates scalability of libabac. |
---|
| 4 | # 10 principal/attribute credentials with couple |
---|
| 5 | # of linked roles attributes are added, |
---|
| 6 | # 2 sets of #VAL# attribute credentials along |
---|
| 7 | # with #VAL# different principal ids are added. |
---|
| 8 | # number of credentials, 9 + 4 x #VAL# |
---|
| 9 | # |
---|
| 10 | |
---|
| 11 | rm -rf *.pem *.xml |
---|
| 12 | if [ -z "${TESTDIR}" ] ; then |
---|
| 13 | TESTDIR=../../../.. |
---|
| 14 | fi |
---|
| 15 | . ${TESTDIR}/test_util.sh |
---|
| 16 | |
---|
| 17 | $eloc/creddy --generate --cn District |
---|
| 18 | $eloc/creddy --generate --cn Huntington |
---|
| 19 | $eloc/creddy --generate --cn Alice |
---|
| 20 | $eloc/creddy --generate --cn Ralphs |
---|
| 21 | |
---|
| 22 | $eloc/creddy --generate --cn Apple |
---|
| 23 | $eloc/creddy --generate --cn Orange |
---|
| 24 | $eloc/creddy --generate --cn Banana |
---|
| 25 | $eloc/creddy --generate --cn Computer |
---|
| 26 | |
---|
| 27 | # [keyid:District].role:buys |
---|
| 28 | # <- [keyid:District].role:employee.role:buys |
---|
| 29 | $eloc/creddy --attribute \ |
---|
| 30 | --issuer District_ID.pem --key District_private.pem --role "buys" \ |
---|
| 31 | --subject-cert District_ID.pem --subject-role employee.buys \ |
---|
| 32 | --out district_buys__district_employee_buys_attr.xml |
---|
| 33 | |
---|
| 34 | # [keyid:District].role:employee |
---|
| 35 | # <- [keyid:District].role:school.role:admin |
---|
| 36 | $eloc/creddy --attribute \ |
---|
| 37 | --issuer District_ID.pem --key District_private.pem --role "employee" \ |
---|
| 38 | --subject-cert District_ID.pem --subject-role school.admin \ |
---|
| 39 | --out district_employee__district_school_admin_attr.xml |
---|
| 40 | |
---|
| 41 | # [keyid:District].role:school <- [keyid:Huntington] |
---|
| 42 | $eloc/creddy --attribute \ |
---|
| 43 | --issuer District_ID.pem --key District_private.pem --role "school" \ |
---|
| 44 | --subject-cert Huntington_ID.pem \ |
---|
| 45 | --out district_school__huntington_attr.xml |
---|
| 46 | |
---|
| 47 | # [keyid:Huntington].role:admin <- [keyid:Alice] |
---|
| 48 | $eloc/creddy --attribute \ |
---|
| 49 | --issuer Huntington_ID.pem --key Huntington_private.pem --role "admin" \ |
---|
| 50 | --subject-cert Alice_ID.pem \ |
---|
| 51 | --out huntington_admin__alice_attr.xml |
---|
| 52 | |
---|
| 53 | # [keyid:Alice].role:buys <- [keyid:Apple] |
---|
| 54 | $eloc/creddy --attribute \ |
---|
| 55 | --issuer Alice_ID.pem --key Alice_private.pem --role "buys" \ |
---|
| 56 | --subject-cert Apple_ID.pem \ |
---|
| 57 | --out alice_buys__apple_attr.xml |
---|
| 58 | |
---|
| 59 | # [keyid:Alice].role:buys <- [keyid:Orange] |
---|
| 60 | $eloc/creddy --attribute \ |
---|
| 61 | --issuer Alice_ID.pem --key Alice_private.pem --role "buys" \ |
---|
| 62 | --subject-cert Orange_ID.pem \ |
---|
| 63 | --out alice_buys__orange_attr.xml |
---|
| 64 | |
---|
| 65 | # [keyid:Alice].role:buys <- [keyid:Banana] |
---|
| 66 | $eloc/creddy --attribute \ |
---|
| 67 | --issuer Alice_ID.pem --key Alice_private.pem --role "buys" \ |
---|
| 68 | --subject-cert Banana_ID.pem \ |
---|
| 69 | --out alice_buys__banana_attr.xml |
---|
| 70 | |
---|
| 71 | |
---|
| 72 | # [keyid:Ralphs].role:order |
---|
| 73 | # <- [keyid:Ralphs].role:eduPartner.role:buys |
---|
| 74 | $eloc/creddy --attribute \ |
---|
| 75 | --issuer Ralphs_ID.pem --key Ralphs_private.pem --role "order" \ |
---|
| 76 | --subject-cert Ralphs_ID.pem --subject-role "eduPartner.buys" \ |
---|
| 77 | --out ralphs_order__ralphs_eduPartner_buys_attr.xml |
---|
| 78 | |
---|
| 79 | # [keyid:Ralphs].role:eduPartner <- [keyid:District] |
---|
| 80 | $eloc/creddy --attribute \ |
---|
| 81 | --issuer Ralphs_ID.pem --key Ralphs_private.pem --role "eduPartner" \ |
---|
| 82 | --subject-cert District_ID.pem \ |
---|
| 83 | --out ralphs_eduPartner__district_attr.xml |
---|
| 84 | |
---|
| 85 | |
---|
| 86 | ############### NOISE ####################################### |
---|
| 87 | # [keyid:Ralphs].role:eduPartner <- [keyid:DistrictX] |
---|
| 88 | for i in $(seq 1 #VAL#); |
---|
| 89 | do |
---|
| 90 | district="District$i" |
---|
| 91 | $eloc/creddy --generate --cn $district |
---|
| 92 | fstr="ralphs_eduPartner__${district}_attr.xml" |
---|
| 93 | $eloc/creddy --attribute \ |
---|
| 94 | --issuer Ralphs_ID.pem --key Ralphs_private.pem \ |
---|
| 95 | --role "eduPartner" \ |
---|
| 96 | --subject-cert ${district}_ID.pem \ |
---|
| 97 | --out $fstr |
---|
| 98 | done |
---|
| 99 | |
---|
| 100 | # [keyid:Huntington].role:admin <- [keyid:BobX] |
---|
| 101 | for i in $(seq 1 #VAL#); |
---|
| 102 | do |
---|
| 103 | bob="Bob$i" |
---|
| 104 | $eloc/creddy --generate --cn $bob |
---|
| 105 | fstr="huntington_admin__${bob}_attr.xml" |
---|
| 106 | $eloc/creddy --attribute \ |
---|
| 107 | --issuer Huntington_ID.pem --key Huntington_private.pem \ |
---|
| 108 | --role "admin" \ |
---|
| 109 | --subject-cert ${bob}_ID.pem \ |
---|
| 110 | --out $fstr |
---|
| 111 | done |
---|