--- /dev/null
+Installation
+============
+
+# This part describes the installation of cpabe and peks.
+# You will need to install some official packages that can be
+# retrieved online on official repositories.
+# You will need to install manually 3 libraries
+# Root privileges are required
+
+# Install official packages:
+# build-essebtial and autotools-dev for compilation and installation
+# libglib2.0-dev for the glib library
+# libgmp3-dev for the GMP library
+# flex and bison are necessary for the libbswabe library
+# libssl-dev is necessary for the crypto operations
+
+`sudo apt-get install build-essential autotools-dev libglib2.0-dev libgmp3-dev flex bison libssl-dev`
+
+# Three libraries have to be installed manually:
+# PBC: Pairing Based Cryptography (for pairing operations over elliptic curves)
+# More info: http://crypto.stanford.edu/pbc/
+#
+# libbswabe: Core operations for cpabe and peks
+# More info: http://acsc.cs.utexas.edu/cpabe/
+#
+# cpabe: Cyphertext-Policy Attribute Based Encryption library
+# Implements the 4 algorithms for CPABE: setup, keygen, enc and dec
+# Implements the 4 algorithms for PEKS: setup, enc, trap and test
+# More info: http://acsc.cs.utexas.edu/cpabe/
+
+
+# Replace <PATH-TO-REP> with the path to the POC repository
+
+
+Install pbc
+-----------
+
+* `cd <PATH-TO-REP>/pbc-0.5.14`
+
+* `./configure`
+
+* `make`
+
+* `sudo make install`
+
+Install libbswabe
+-----------------
+
+* `cd <PATH-TO-REP>/libbswabe-0.9/`
+
+* `./configure`
+
+* `make`
+
+* `sudo make install`
+
+
+Install cpabe
+-------------
+
+* `cd <PATH-TO-REP>/cpabe-0.11/`
+
+* `./configure`
+
+* `make`
+
+* sudo make install
+
+
+Manual
+======
+
+# Below we describe each functionality of the cpabe and peks:
+# For using with the python wrapper, just call ./[PROG-NAME].py [OPTIONS...] ...
+# The pythons scripts are in the folder <PATH-TO-REP>/python
+# Ex: ./cpabe-setup.py -h
+# Some examples are given at the end of this document.
+
+cpabe-setup:
+
+ Usage: cpabe-setup [OPTION ...]
+
+ Generate system parameters, a public key, and a master secret key
+ for use with cpabe-keygen, cpabe-enc, and cpabe-dec.
+
+ Output will be written to the files "pub_key" and "master_key"
+ unless the --output-public-key or --output-master-key options are
+ used.
+
+ Mandatory arguments to long options are mandatory for short options too.
+
+ -h, --help print this message
+
+ -v, --version print version information
+
+ -p, --output-public-key FILE write public key to FILE
+
+ -m, --output-master-key FILE write master secret key to FILE
+
+ -d, --deterministic use deterministic "random" numbers
+ (only for debugging)
+
+
+cpabe-keygen:
+
+ Usage: cpabe-keygen [OPTION ...] PUB_KEY MASTER_KEY ATTR [ATTR ...]
+
+ Generate a key with the listed attributes using public key PUB_KEY and
+ master secret key MASTER_KEY. Output will be written to the file
+ "priv_key" unless the -o option is specified.
+
+ Attributes come in two forms: non-numerical and numerical. Non-numerical
+ attributes are simply any string of letters, digits, and underscores
+ beginning with a letter.
+
+ Numerical attributes are specified as `attr = N', where N is a non-negative
+ integer less than 2^64 and `attr' is another string. The whitespace around
+ the `=' is optional. One may specify an explicit length of k bits for the
+ integer by giving `attr = N#k'. Note that any comparisons in a policy given
+ to cpabe-enc(1) must then specify the same number of bits, e.g.,
+ `attr > 5#12'.
+
+ The keywords `and', `or', and `of', are reserved for the policy language
+ of cpabe-enc (1) and may not be used for either type of attribute.
+
+ Mandatory arguments to long options are mandatory for short options too.
+
+ -h, --help print this message
+
+ -v, --version print version information
+
+ -o, --output FILE write resulting key to FILE
+
+ -d, --deterministic use deterministic "random" numbers
+ (only for debugging)
+
+
+cpabe-enc:
+
+ Usage: cpabe-enc [OPTION ...] PUB_KEY FILE [POLICY]
+
+ Encrypt FILE under the decryption policy POLICY using public key
+ PUB_KEY. The encrypted file will be written to FILE.cpabe unless
+ the -o option is used. The original file will be removed. If POLICY
+ is not specified, the policy will be read from stdin.
+
+ Mandatory arguments to long options are mandatory for short options too.
+
+ -h, --help print this message
+
+ -v, --version print version information
+
+ -k, --keep-input-file don't delete original file
+
+ -o, --output FILE write resulting key to FILE
+
+ -d, --deterministic use deterministic "random" numbers
+ (only for debugging)
+
+
+
+cpabe-dec:
+
+ Usage: cpabe-dec [OPTION ...] PUB_KEY PRIV_KEY FILE
+
+ Decrypt FILE using private key PRIV_KEY and assuming public key
+ PUB_KEY. If the name of FILE is X.cpabe, the decrypted file will
+ be written as X and FILE will be removed. Otherwise the file will be
+ decrypted in place. Use of the -o option overrides this
+ behavior.
+
+ Mandatory arguments to long options are mandatory for short options too.
+
+ -h, --help print this message
+
+ -v, --version print version information
+
+ -k, --keep-input-file don't delete original file
+
+ -o, --output FILE write output to FILE
+
+ -d, --deterministic use deterministic "random" numbers
+ (only for debugging)
+
+
+
+cpabe-policyList:
+
+ Usage: cpabe-policyList [OPTION ...] PUB_KEY CIPHERTEXT
+
+ Print the access policy of a ciphertext CIPHERTEXT
+ Mandatory arguments to long options are mandatory for short options too.
+
+ -h, --help print this message
+
+ -v, --version print version information
+
+ -d, --deterministic use deterministic "random" numbers
+ (only for debugging)
+
+
+cpabe-attrList:
+
+ Usage: cpabe-attrList [OPTION ...] PUB_KEY PRV_KEY
+
+ Print the attributes of a private key PRV_KEY
+ Mandatory arguments to long options are mandatory for short options too.
+
+ -h, --help print this message
+
+ -v, --version print version information
+
+ -d, --deterministic use deterministic "random" numbers
+ (only for debugging)
+
+
+peks-ind:
+
+ Usage: peks-index [OPTION ...] PUB_KEY IND
+
+ Generate an encrypted index given a clear index IND.
+ The clear index should be of the form:
+ keyword_1
+ keyword_2
+ ...
+ It uses the public key PUB_KEY and a clear index IND.
+ The encrypted index will be written to the file "enc_ind"
+ unless the --output is used.
+
+ Mandatory arguments to long options are mandatory for short options too.
+
+ -h, --help print this message
+
+ -v, --version print version information
+
+ -o, --output FILE write index to FILE
+
+ -d, --deterministic use deterministic "random" numbers
+
+
+
+peks-trap:
+
+ Usage: peks-trap [OPTION ...] PUB_KEY MSK_KEY KEYWORD
+
+ Generate an encrypted trapdoor given a clear keyword KEYWORD.
+ It uses the public key PUB_KEY and the master key MSK_KEY.
+ The encrypted trapdoor will be written to the file "enc_trap"
+ unless the --output is used.
+
+ Mandatory arguments to long options are mandatory for short options too.
+
+ -h, --help print this message
+
+ -v, --version print version information
+
+ -o, --output FILE write index to FILE
+
+ -d, --deterministic use deterministic "random" numbers
+
+
+
+peks-test:
+
+ Usage: peks-index [OPTION ...] PUB_KEY IND TRAP
+
+ Test a trapdoor over an encrypted index IND.
+ It uses the public key PUB_KEY,
+ an encrypted index IND and an encrypted trapdoor TRAP.
+ returns 1 if there is a match, 0 if not
+
+ Mandatory arguments to long options are mandatory for short options too.
+
+ -h, --help print this message
+
+ -v, --version print version information
+
+ -d, --deterministic use deterministic "random" numbers
+
+
+
+# Examples (See also http://acsc.cs.utexas.edu/cpabe/tutorial.html)
+# For using with the python wrapper, just call ./[PROG-NAME].py [OPTIONS...] ...
+# The pythons scripts are in the folder <PATH-TO-REP>/python
+# Ex: ./cpabe-setup.py
+
+# Generate master key and public key
+ $ cpabe-setup
+
+ $ ls
+ master_key pub_key
+
+# Generate private key for Sara and Kevin with attributes
+# sysadmin, it_department for Sara
+# business_staff, strategy_team for Kevin
+
+ $ cpabe-keygen -o sara_priv_key pub_key master_key sysadmin it_department
+
+ $ cpabe-keygen -o kevin_priv_key pub_key master_key business_staff strategy_team
+
+ $ ls
+ master_key pub_key sara_priv_key kevin_priv_key
+
+# Encrypt a file security_report.pdf with a policy (business_staff and strategy_team) or (sysadmin and business_staff)
+
+ $ ls
+ pub_key security_report.pdf
+
+ $ cpabe-enc pub_key security_report.pdf "(sysadmin and business_staff) or (business_staff and strategy_team)"
+
+ $ ls
+ pub_key security_report.pdf.cpabe
+
+# Print the policy of the ciphertext
+ $ ls
+ pub_key security_report.pdf.cpabe
+
+ $ cpabe-policyList pub_key security_report.pdf.cpabe
+ business_staff sysadmin 2of2 business_staff strategy_team 2of2 1of2
+
+# Print the attributes of Kevin's private key
+ $ ls
+ pub_key kevin_priv_key
+
+ $ cpabe-attrList pub_key kevin_priv_key
+
+# Decryption with Kevin's private key
+
+ $ ls
+ pub_key kevin_priv_key security_report.pdf.cpabe
+
+ $ cpabe-dec pub_key kevin_priv_key security_report.pdf.cpabe
+
+ $ ls
+ pub_key kevin_priv_key security_report.pdf
+
+# Create an encrypted index
+
+ $ ls
+ pub_key testindex
+
+ $ peks-ind pub_key testindex
+
+ $ ls
+ enc_ind pub_key testindex
+
+# Create a trapdoor for the word my_keyword
+
+ $ ls
+ pub_key master_key
+
+ $ peks-trap pub_key master_key my_keyword
+
+ $ ls
+ enc_trap pub_key master_key
+
+# Test if an encrypted index matches with a trapdoor
+
+ $ ls
+ pub_key enc_ind enc_trap
+
+ $ peks-test pub_key enc_ind enc_trap
+
+ $ echo $?
+ 0
--- /dev/null
+[console_scripts]
+moon = moonclient.shell:main
+
+[moon.client]
+action_add = moonclient.actions:ActionsAdd
+action_assignment_add = moonclient.action_assignments:ActionAssignmentsAdd
+action_assignment_delete = moonclient.action_assignments:ActionAssignmentsDelete
+action_assignment_list = moonclient.action_assignments:ActionAssignmentsList
+action_category_add = moonclient.action_categories:ActionCategoriesAdd
+action_category_delete = moonclient.action_categories:ActionCategoriesDelete
+action_category_list = moonclient.action_categories:ActionCategoriesList
+action_category_scope_add = moonclient.action_category_scope:ActionCategoryScopeAdd
+action_category_scope_delete = moonclient.action_category_scope:ActionCategoryScopeDelete
+action_category_scope_list = moonclient.action_category_scope:ActionCategoryScopeList
+action_delete = moonclient.actions:ActionsDelete
+action_list = moonclient.actions:ActionsList
+aggregation_algorithm_list = moonclient.metarules:AggregationAlgorithmsList
+aggregation_algorithm_set = moonclient.metarules:AggregationAlgorithmSet
+aggregation_algorithm_show = moonclient.metarules:AggregationAlgorithmShow
+aggregation_algorithms_list = moonclient.configuration:AggregationAlgorithmsList
+intraextension_create = moonclient.intraextension:IntraExtensionCreate
+intraextension_delete = moonclient.intraextension:IntraExtensionDelete
+intraextension_list = moonclient.intraextension:IntraExtensionList
+intraextension_show = moonclient.intraextension:IntraExtensionShow
+intraextension_tenant_set = moonclient.intraextension:TenantSet
+log = moonclient.logs:LogsList
+object_add = moonclient.objects:ObjectsAdd
+object_assignment_add = moonclient.object_assignments:ObjectAssignmentsAdd
+object_assignment_delete = moonclient.object_assignments:ObjectAssignmentsDelete
+object_assignment_list = moonclient.object_assignments:ObjectAssignmentsList
+object_category_add = moonclient.object_categories:ObjectCategoriesAdd
+object_category_delete = moonclient.object_categories:ObjectCategoriesDelete
+object_category_list = moonclient.object_categories:ObjectCategoriesList
+object_category_scope_add = moonclient.object_category_scope:ObjectCategoryScopeAdd
+object_category_scope_delete = moonclient.object_category_scope:ObjectCategoryScopeDelete
+object_category_scope_list = moonclient.object_category_scope:ObjectCategoryScopeList
+object_delete = moonclient.objects:ObjectsDelete
+object_list = moonclient.objects:ObjectsList
+rule_add = moonclient.rules:RuleAdd
+rule_delete = moonclient.rules:RuleDelete
+rule_list = moonclient.rules:RulesList
+subject_add = moonclient.subjects:SubjectsAdd
+subject_assignment_add = moonclient.subject_assignments:SubjectAssignmentsAdd
+subject_assignment_delete = moonclient.subject_assignments:SubjectAssignmentsDelete
+subject_assignment_list = moonclient.subject_assignments:SubjectAssignmentsList
+subject_category_add = moonclient.subject_categories:SubjectCategoriesAdd
+subject_category_delete = moonclient.subject_categories:SubjectCategoriesDelete
+subject_category_list = moonclient.subject_categories:SubjectCategoriesList
+subject_category_scope_add = moonclient.subject_category_scope:SubjectCategoryScopeAdd
+subject_category_scope_delete = moonclient.subject_category_scope:SubjectCategoryScopeDelete
+subject_category_scope_list = moonclient.subject_category_scope:SubjectCategoryScopeList
+subject_delete = moonclient.subjects:SubjectsDelete
+subject_list = moonclient.subjects:SubjectsList
+submetarule_algorithms_list = moonclient.configuration:SubMetaRuleAlgorithmsList
+submetarule_relation_list = moonclient.metarules:SubMetaRuleRelationList
+submetarule_set = moonclient.metarules:SubMetaRuleSet
+submetarule_show = moonclient.metarules:SubMetaRuleShow
+templates_list = moonclient.configuration:TemplatesList
+tenant_add = moonclient.tenants:TenantAdd
+tenant_delete = moonclient.tenants:TenantDelete
+tenant_list = moonclient.tenants:TenantList
+tenant_set = moonclient.tenants:TenantSet
+tenant_show = moonclient.tenants:TenantShow
+tests = moonclient.tests:TestsLaunch
+
Code Review / moon.git / commitdiff