cpabe-keygen − manual page for cpabe-keygen 0.9
cpabe-keygen [OPTION ...] PUB_KEY MASTER_KEY ATTR [ATTR ...]
Generate a key with the listed attributes using public key PUB_KEY and master secret key MASTER_KEY. Output will be written to the file "priv_key" unless the −o option is specified.
Attributes come in two forms: non−numerical and numerical. Non−numerical attributes are simply any string of letters, digits, and underscores beginning with a letter.
Numerical attributes are specified as ‘attr = N’, where N is a non−negative integer less than 2^64 and ‘attr’ is another string. The whitespace around the ‘=’ is optional. One may specify an explicit length of k bits for the integer by giving ‘attr = N#k’. Note that any comparisons in a policy given to cpabe−enc(1) must then specify the same number of bits, e.g., ‘attr > 5#12’.
The keywords ‘and’, ‘or’, and ‘of’, are reserved for the policy language of cpabe−enc (1) and may not be used for either type of attribute.
Mandatory
arguments to long options are mandatory for short options
too.
−h, −−help
print this message
−v, −−version
print version information
−o, −−output FILE
write resulting key to FILE
−d, −−deterministic
use deterministic "random" numbers (only for debugging)
Parts Copyright (C) 2006, 2007 John Bethencourt and SRI International. This is free software released under the GPL, see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Generating a key for a new employee Sara:
$ cpabe-keygen
-o sara_priv_key pub_key master_key \
sysadmin it_department
Generating a key with more complicated attributes:
$ cpabe-keygen
-o kevin_priv_key pub_key master_key \
business_staff strategy_team ’executive_level =
7#4’ \
office=2362 ’hire_date = ’‘date
+%s‘
Note the usage of date (1) as a convenient way of storing a time in a numerical attribute.
Report bugs to John Bethencourt <bethenco@cs.berkeley.edu>.
cpabe-setup(1), cpabe-enc(1), cpabe-dec(1)