class SessionContext:
def __init__(self, sessid):
if not sessid:
raise ValueError("Missing sessid")
self.__key = [evcommon.IDSPOOL, sessid]
self.__reg = Election().get_root_reg()
def store_session(self, cert):
self.__reg.ensure_key(self.__key)
self.__reg.create_value(self.__key, "cert", cert)
self.__reg.create_integer_value(self.__key, "start", int(time.time()))
def check_session(self, cert):
if not self.__reg.check(self.__key):
return evcommon.EVOTE_ERROR, evmessage.EV_ERRORS.SEANSS_PUUDUB
start = self.__reg.read_integer_value(self.__key, "start").value
length = Election().get_session_length() * 60
if start + length < int(time.time()):
return evcommon.EVOTE_ERROR, evmessage.EV_ERRORS.SEANSS_PUUDUB
if self.__reg.read_value(self.__key, "cert").value != cert:
evlog.log_error('Sertifikaat muutus')
return evcommon.EVOTE_CERT_ERROR, evmessage.EV_ERRORS.TEHNILINE_VIGA
return evcommon.EVOTE_OK, None
def kill(self):
self.__reg.ensure_no_key(self.__key)
def add_hts_files_to_table(elid, table):
import os
reg = Election().get_root_reg()
if reg.check(['questions', elid, 'hts', 'output']):
o_files = os.listdir(reg.path(['questions', elid, 'hts', 'output']))
for of in o_files:
if of.find("tokend.") == 0 and of.find(".sha1") == -1:
table.add_file(EvFile(of, of, ['questions', elid, 'hts', 'output']))
def __create_vote_key(self):
reg = Election().get_root_reg()
while True:
vote_id = _generate_vote_id()
key = htscommon.get_verification_key(vote_id)
if not reg.check(key):
reg.create_key(key)
return vote_id
def add_hts_files_to_table(elid, table):
import os
reg = Election().get_root_reg()
if reg.check(['questions', elid, 'hts', 'output']):
o_files = os.listdir(reg.path(['questions', elid, 'hts', 'output']))
for of in o_files:
if of.find("tokend.") == 0 and of.find(".sha1") == -1:
table.add_file(
EvFile(of, of, ['questions', elid, 'hts', 'output']))
def do_set_hts_conf():
reg = Election().get_root_reg()
if reg.check(['common', 'htsip']):
try:
def_ip_port = reg.read_ipaddr_value(\
['common'], 'htsip').value.split(":")
def_ip = def_ip_port[0]
if len(def_ip_port) > 1:
try:
def_port = int(def_ip_port[-1])
except ValueError:
def_port = 80
else:
def_port = 80
except:
def_ip = None
def_port = 80
else:
def_ip = None
def_port = 80
hts_ip = uiutil.ask_string("Sisesta HTSi IP aadress", None, None, def_ip)
hts_port = uiutil.ask_int("Sisesta HTSi port", def_port, 0, 65535)
if reg.check(['common', 'htspath']):
try:
def_url = reg.read_string_value(['common'], 'htspath').value
except:
def_url = None
else:
def_url = None
hts_url = uiutil.ask_string("Sisesta HTSi URL", None, None, def_url)
try:
def_verify = Election().get_hts_verify_path()
except:
def_verify = None
hts_verify = uiutil.ask_string("Sisesta HTSi hääle kontrolli URL", \
None, None, def_verify)
cmd = "%s set %s:%d %s %s" % (SCRIPT_CONFIG_HTH, hts_ip, hts_port, \
hts_url, hts_verify)
os.system(cmd)
def do_set_hts_conf():
reg = Election().get_root_reg()
if reg.check(['common', 'htsip']):
try:
def_ip_port = reg.read_ipaddr_value(\
['common'], 'htsip').value.split(":")
def_ip = def_ip_port[0]
if len(def_ip_port) > 1:
try:
def_port = int(def_ip_port[-1])
except ValueError:
def_port = 80
else:
def_port = 80
except:
def_ip = None
def_port = 80
else:
def_ip = None
def_port = 80
hts_ip = uiutil.ask_string("Sisesta HTSi IP aadress", None, None, def_ip)
hts_port = uiutil.ask_int("Sisesta HTSi port", def_port, 0, 65535)
if reg.check(['common', 'htspath']):
try:
def_url = reg.read_string_value(['common'], 'htspath').value
except:
def_url = None
else:
def_url = None
hts_url = uiutil.ask_string("Sisesta HTSi URL", None, None, def_url)
try:
def_verify = Election().get_hts_verify_path()
except:
def_verify = None
hts_verify = uiutil.ask_string("Sisesta HTSi hääle kontrolli URL", \
None, None, def_verify)
cmd = "%s set %s:%d %s %s" % (SCRIPT_CONFIG_HTH, hts_ip, hts_port, \
hts_url, hts_verify)
os.system(cmd)
def do_set_hsm_conf():
reg = Election().get_root_reg()
if reg.check(['common', 'hsm', 'tokenname']):
try:
def_tokenname = \
reg.read_string_value(['common', 'hsm'], 'tokenname').value
except:
def_tokenname = "evote"
else:
def_tokenname = "evote"
token_name = uiutil.ask_string(\
"Sisesta HSM'i partitsiooni nimi", None, None, def_tokenname)
if reg.check(['common', 'hsm', 'privkeylabel']):
try:
def_privkeylabel = \
reg.read_string_value(['common', 'hsm'], 'privkeylabel').value
except:
def_privkeylabel = "evote_key"
else:
def_privkeylabel = "evote_key"
priv_key_label = uiutil.ask_string(\
"Sisesta privaatvõtme nimi", None, None, def_privkeylabel)
if reg.check(['common', 'hsm', 'pkcs11']):
try:
def_pkcs11 = \
reg.read_string_value(['common', 'hsm'], 'pkcs11').value
except:
def_pkcs11 = "/usr/lunasa/lib/libCryptoki2_64.so"
else:
def_pkcs11 = "/usr/lunasa/lib/libCryptoki2_64.so"
pkcs11_path = uiutil.ask_file_name(\
"Sisesta PKCS11 teegi asukoht", def_pkcs11)
cmd = "%s set %s %s %s" % \
(SCRIPT_CONFIG_HSM, token_name, priv_key_label, pkcs11_path)
os.system(cmd)
def do_set_hsm_conf():
reg = Election().get_root_reg()
if reg.check(['common', 'hsm', 'tokenname']):
try:
def_tokenname = \
reg.read_string_value(['common', 'hsm'], 'tokenname').value
except:
def_tokenname = "evote"
else:
def_tokenname = "evote"
token_name = uiutil.ask_string(\
"Sisesta HSM'i partitsiooni nimi", None, None, def_tokenname)
if reg.check(['common', 'hsm', 'privkeylabel']):
try:
def_privkeylabel = \
reg.read_string_value(['common', 'hsm'], 'privkeylabel').value
except:
def_privkeylabel = "evote_key"
else:
def_privkeylabel = "evote_key"
priv_key_label = uiutil.ask_string(\
"Sisesta privaatvõtme nimi", None, None, def_privkeylabel)
if reg.check(['common', 'hsm', 'pkcs11']):
try:
def_pkcs11 = \
reg.read_string_value(['common', 'hsm'], 'pkcs11').value
except:
def_pkcs11 = "/usr/lunasa/lib/libCryptoki2_64.so"
else:
def_pkcs11 = "/usr/lunasa/lib/libCryptoki2_64.so"
pkcs11_path = uiutil.ask_file_name(\
"Sisesta PKCS11 teegi asukoht", def_pkcs11)
cmd = "%s set %s %s %s" % \
(SCRIPT_CONFIG_HSM, token_name, priv_key_label, pkcs11_path)
os.system(cmd)
def purge_otp(reg, otp):
otp_key = htscommon.get_verification_key(otp)
voter = reg.read_string_value(otp_key, "voter").value.rstrip()
voter_key = htscommon.get_user_key(voter)
elids = reg.read_string_value(otp_key, "elids").value.rstrip().split("\t")
for elid in elids:
sreg = Election().get_sub_reg(elid)
if sreg.check(voter_key + [htscommon.VOTE_VERIFICATION_ID_FILENAME]):
sreg.delete_value(voter_key, htscommon.VOTE_VERIFICATION_ID_FILENAME)
reg.ensure_no_key(otp_key)
def purge_otp(reg, otp):
otp_key = htscommon.get_verification_key(otp)
voter = reg.read_string_value(otp_key, "voter").value.rstrip()
voter_key = htscommon.get_user_key(voter)
elids = reg.read_string_value(otp_key, "elids").value.rstrip().split("\t")
for elid in elids:
sreg = Election().get_sub_reg(elid)
if sreg.check(voter_key + [htscommon.VOTE_VERIFICATION_ID_FILENAME]):
sreg.delete_value(voter_key,
htscommon.VOTE_VERIFICATION_ID_FILENAME)
reg.ensure_no_key(otp_key)
class EvFile:
def __init__(self, filename, uiname, regprefix):
self.__filename = filename
self.__uiname = uiname
self.__regprefix = regprefix
self.__reg = Election().get_root_reg()
def exists(self):
return self.__reg.check(self.__regprefix + [self.__filename])
def path(self):
return self.__reg.path(self.__regprefix + [self.__filename])
def name(self):
return self.__uiname
class EvFile:
def __init__(self, filename, uiname, regprefix):
self.__filename = filename
self.__uiname = uiname
self.__regprefix = regprefix
self.__reg = Election().get_root_reg()
def exists(self):
return self.__reg.check(self.__regprefix + [self.__filename])
def path(self):
return self.__reg.path(self.__regprefix + [self.__filename])
def name(self):
return self.__uiname
def do_set_hts_conf():
reg = Election().get_root_reg()
if reg.check(['common', 'htsip']):
try:
def_ip_port = reg.read_ipaddr_value(['common'],
'htsip').value.split(":")
def_ip = def_ip_port[0]
if len(def_ip_port) > 1:
try:
def_port = int(def_ip_port[-1])
except ValueError:
def_port = 80
else:
def_port = 80
except:
def_ip = None
def_port = 80
else:
def_ip = None
def_port = 80
hts_ip = uiutil.ask_string("Sisesta HTSi IP aadress", None, None, def_ip)
hts_port = uiutil.ask_int("Sisesta HTSi port", def_port, 0, 65535)
try:
def_url = Election().get_hts_path()
except:
def_url = "/hts.cgi"
hts_url = uiutil.ask_string("Sisesta HTSi URL", None, None, def_url)
try:
def_verify = Election().get_hts_verify_path()
except:
def_verify = "/hts-verify-vote.cgi"
hts_verify = uiutil.ask_string("Sisesta HTSi hääle kontrolli URL", None,
None, def_verify)
subprocess.call(
[SCRIPT_CONFIG_HTH,
"%s:%d" % (hts_ip, hts_port), hts_url, hts_verify])
def work(self, check_fn, purge_fn):
reg = Election().get_root_reg()
runtime = int(time.time())
AppLog().log("Purging %ss as of %s: START" % (self._desc,
time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(runtime))))
try:
if not reg.check(self._key):
return
for key in reg.list_keys(self._key):
try:
if check_fn(reg, key, runtime):
AppLog().log("Purging %s %s" % (self._desc, key))
purge_fn(reg, key)
except:
AppLog().log("Error processing %s %s" % (self._desc, key))
AppLog().log_exception()
except:
AppLog().log_exception()
finally:
AppLog().log("Purging %ss: DONE" % self._desc)
def do_set_hts_conf():
reg = Election().get_root_reg()
if reg.check(['common', 'htsip']):
try:
def_ip_port = reg.read_ipaddr_value(
['common'], 'htsip').value.split(":")
def_ip = def_ip_port[0]
if len(def_ip_port) > 1:
try:
def_port = int(def_ip_port[-1])
except ValueError:
def_port = 80
else:
def_port = 80
except:
def_ip = None
def_port = 80
else:
def_ip = None
def_port = 80
hts_ip = uiutil.ask_string("Sisesta HTSi IP aadress", None, None, def_ip)
hts_port = uiutil.ask_int("Sisesta HTSi port", def_port, 0, 65535)
try:
def_url = Election().get_hts_path()
except:
def_url = "/hts.cgi"
hts_url = uiutil.ask_string("Sisesta HTSi URL", None, None, def_url)
try:
def_verify = Election().get_hts_verify_path()
except:
def_verify = "/hts-verify-vote.cgi"
hts_verify = uiutil.ask_string(
"Sisesta HTSi hääle kontrolli URL", None, None, def_verify)
subprocess.call([SCRIPT_CONFIG_HTH, "%s:%d" %
(hts_ip, hts_port), hts_url, hts_verify])
def work(self, check_fn, purge_fn):
reg = Election().get_root_reg()
runtime = int(time.time())
AppLog().log(
"Purging %ss as of %s: START" %
(self._desc,
time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(runtime))))
try:
if not reg.check(self._key):
return
for key in reg.list_keys(self._key):
try:
if check_fn(reg, key, runtime):
AppLog().log("Purging %s %s" % (self._desc, key))
purge_fn(reg, key)
except:
AppLog().log("Error processing %s %s" % (self._desc, key))
AppLog().log_exception()
except:
AppLog().log_exception()
finally:
AppLog().log("Purging %ss: DONE" % self._desc)
class HTSBase:
def __init__(self, elid):
self._elid = elid
self._errmsg = None
self._reg = Election().get_sub_reg(self._elid)
self._log1 = evlog.Logger()
self._log1.set_format(evlog.EvLogFormat())
self._log1.set_logs(self._reg.path(['common', 'log1']))
self._log2 = evlog.Logger()
self._log2.set_format(evlog.EvLogFormat())
self._log2.set_logs(self._reg.path(['common', 'log2']))
self._log3 = evlog.Logger()
self._log3.set_format(evlog.EvLogFormat())
self._log3.set_logs(self._reg.path(['common', 'log3']))
self._revlog = evlog.Logger()
self._revlog.set_format(evlog.RevLogFormat())
self._revlog.set_logs(self._reg.path(['common', evcommon.REVLOG_FILE]))
def _haaletanud_konf(self, isikukood):
user_key = htscommon.get_user_key(isikukood)
return self._reg.check(user_key) and \
len(self._reg.list_keys(user_key)) > 0
def haaletanud(self, isikukood):
logi = self._log1.contains(isikukood)
konf = self._haaletanud_konf(isikukood)
if logi and konf:
return True
if (not logi) and (not konf):
return False
self._errmsg = 'Logifail LOG1 ja serveri olek ei ole kooskõlalised'
raise Exception(self._errmsg)
class MobileIDContext:
phoneno = None
lang = None
challenge = None
midsess = None
origvote = None
votefiles = {}
__sessid = None
__reg = None
def __init__(self, sessid):
if sessid is None:
raise Exception('Puuduv sessiooniidentifikaator')
self.__sessid = sessid
self.__reg = Election().get_root_reg()
self.lang = 'EST'
def sessid(self):
return self.__sessid
def kill(self):
self.__reg.ensure_no_key([evcommon.MIDSPOOL, self.__sessid])
def set_phone(self, phone):
self.phoneno = phone
def set_origvote(self, hv):
self.origvote = hv
def get_origvote(self):
self.origvote = self.__reg.read_value(
[evcommon.MIDSPOOL, self.__sessid], 'origvote').value
return self.origvote
def add_votefile(self, filename, data):
self.votefiles[filename] = data
def get_votefiles(self):
for key in self.__reg.list_keys(
[evcommon.MIDSPOOL, self.__sessid, 'votefiles']):
self.votefiles[key] = self.__reg.read_value(
[evcommon.MIDSPOOL, self.__sessid, 'votefiles'], key).value
return self.votefiles
def generate_challenge(self):
self.challenge = binascii.b2a_hex(os.urandom(10))
def verify_challenge(self, signature):
return challenge_ok(self.certificate(), self.mychallenge(),
self.ourchallenge(), signature)
def mychallenge(self):
return self.__reg.read_value([evcommon.MIDSPOOL, self.__sessid],
'mychallenge').value
def ourchallenge(self):
return self.__reg.read_value([evcommon.MIDSPOOL, self.__sessid],
'ourchallenge').value
def certificate(self):
return self.__reg.read_value([evcommon.MIDSPOOL, self.__sessid],
'cert').value
def set_auth_succ(self):
self.__reg.ensure_key([evcommon.MIDSPOOL, self.__sessid, 'authsucc'])
def auth_succ(self):
return self.__reg.check([evcommon.MIDSPOOL, self.__sessid, 'authsucc'])
def check_session(self):
if not self.__reg.check([evcommon.MIDSPOOL, self.__sessid]):
return False
start = self.__reg.read_integer_value(
[evcommon.MIDSPOOL, self.__sessid], 'start').value
length = Election().get_session_length() * 60
return start + length >= int(time.time()) and self.auth_succ()
def save_post_auth(self, rsp):
self.__reg.reset_key([evcommon.MIDSPOOL, self.__sessid])
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], 'cert',
rsp._CertificateData)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], 'phone',
self.phoneno)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], 'midsess',
rsp._Sesscode)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid],
'mychallenge', self.challenge)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid],
'ourchallenge', rsp._Challenge)
self.__reg.create_integer_value([evcommon.MIDSPOOL, self.__sessid],
'start', int(time.time()))
def load_pre_sign(self):
self.phoneno = self.__reg.read_value(
[evcommon.MIDSPOOL, self.__sessid], 'phone').value
def save_post_sign(self, midsess):
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], 'midsess',
midsess)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], 'origvote',
self.origvote)
self.__reg.ensure_key([evcommon.MIDSPOOL, self.__sessid, 'votefiles'])
for el in self.votefiles:
self.__reg.create_value(
[evcommon.MIDSPOOL, self.__sessid, 'votefiles'], el,
self.votefiles[el])
def load_pre_poll(self):
self.midsess = int(
self.__reg.read_value([evcommon.MIDSPOOL, self.__sessid],
'midsess').value)
def main_function():
try:
if Election().is_hes():
server = 'hes'
elif Election().is_hts():
server = 'hts'
else:
raise Exception('Vigane serveri tüüp')
election_ids = Election().get_questions()
if len(election_ids) == 0:
print "Valijanimekirju pole laaditud"
else:
election_ids.sort()
for el_i in election_ids:
print "%s" % el_i
reg_i = Election().get_sub_reg(el_i, [server])
if not reg_i.check(['voters_files']):
print "\tValijanimekirju pole laaditud"
continue
file_list = reg_i.list_keys(['voters_files'])
file_list.sort()
if len(file_list) == 0:
print "\tValijanimekirju pole laaditud"
else:
prefix_len = 8 + 1 + 14 + 1
j = 1
added_total = 0
for vf_i in file_list:
file_date = vf_i[0:4] + "." + vf_i[4:6] + \
"." + vf_i[6:8] + " " + vf_i[8:10] + \
":" + vf_i[10:12] + ":" + vf_i[12:14]
file_name = vf_i[15:]
if len(file_name) > prefix_len:
file_name = file_name[prefix_len:]
print "\t%02d. %s - %s" % (j, file_date, file_name)
j += 1
# nimekirja kokkulugemine
_rf = file(reg_i.path(['voters_files', vf_i]), "r")
line = _rf.readline() # päise 1. rida
line = _rf.readline() # päise 2. rida
filetype = _rf.readline() # päise 3. rida
added = 0
removed = 0
while 1:
line = _rf.readline()
if len(line) == 0:
break
fields = line.split("\t")
if fields[2] == "lisamine":
added += 1
added_total += 1
else:
removed += 1
added_total -= 1
print \
"\t Faili tüüp: %s\n" % filetype.strip() + \
"\t Lisamisi %d, " % added + \
"eemaldamisi %d\n" % removed + \
"\t Kokku peale laadimist: %d" % added_total
except Exception, ex:
print 'Viga valijanimekirjade uuenduste ajaloo kuvamisel: ' + str(ex)
sys.exit(1)
class MobileIDContext:
phoneno = None
lang = None
challenge = None
midsess = None
origvote = None
votefiles = {}
__sessid = None
__reg = None
def __init__(self, sessid):
if sessid is None:
raise Exception("Puuduv sessiooniidentifikaator")
self.__sessid = sessid
self.__reg = Election().get_root_reg()
self.lang = "EST"
def sessid(self):
return self.__sessid
def kill(self):
self.__reg.ensure_no_key([evcommon.MIDSPOOL, self.__sessid])
def set_phone(self, phone):
self.phoneno = phone
def set_origvote(self, hv):
self.origvote = hv
def get_origvote(self):
self.origvote = self.__reg.read_value([evcommon.MIDSPOOL, self.__sessid], "origvote").value
return self.origvote
def add_votefile(self, filename, data):
self.votefiles[filename] = data
def get_votefiles(self):
for key in self.__reg.list_keys([evcommon.MIDSPOOL, self.__sessid, "votefiles"]):
self.votefiles[key] = self.__reg.read_value([evcommon.MIDSPOOL, self.__sessid, "votefiles"], key).value
return self.votefiles
def generate_challenge(self):
self.challenge = binascii.b2a_hex(os.urandom(10))
def verify_challenge(self, signature):
return challenge_ok(self.certificate(), self.mychallenge(), self.ourchallenge(), signature)
def mychallenge(self):
return self.__reg.read_value([evcommon.MIDSPOOL, self.__sessid], "mychallenge").value
def ourchallenge(self):
return self.__reg.read_value([evcommon.MIDSPOOL, self.__sessid], "ourchallenge").value
def certificate(self):
return self.__reg.read_value([evcommon.MIDSPOOL, self.__sessid], "cert").value
def set_auth_succ(self):
self.__reg.ensure_key([evcommon.MIDSPOOL, self.__sessid, "authsucc"])
def auth_succ(self):
return self.__reg.check([evcommon.MIDSPOOL, self.__sessid, "authsucc"])
def check_session(self):
if not self.__reg.check([evcommon.MIDSPOOL, self.__sessid]):
return False
start = self.__reg.read_integer_value([evcommon.MIDSPOOL, self.__sessid], "start").value
length = Election().get_session_length() * 60
return start + length >= int(time.time()) and self.auth_succ()
def save_post_auth(self, rsp):
self.__reg.reset_key([evcommon.MIDSPOOL, self.__sessid])
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], "cert", rsp._CertificateData)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], "phone", self.phoneno)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], "midsess", rsp._Sesscode)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], "mychallenge", self.challenge)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], "ourchallenge", rsp._Challenge)
self.__reg.create_integer_value([evcommon.MIDSPOOL, self.__sessid], "start", int(time.time()))
def load_pre_sign(self):
self.phoneno = self.__reg.read_value([evcommon.MIDSPOOL, self.__sessid], "phone").value
def save_post_sign(self, midsess):
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], "midsess", midsess)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], "origvote", self.origvote)
self.__reg.ensure_key([evcommon.MIDSPOOL, self.__sessid, "votefiles"])
for el in self.votefiles:
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid, "votefiles"], el, self.votefiles[el])
def load_pre_poll(self):
self.midsess = int(self.__reg.read_value([evcommon.MIDSPOOL, self.__sessid], "midsess").value)
class HTSVerify:
def __init__(self):
self._rreg = Election().get_root_reg()
self._vote_id = None
self._voter_code = None
self._voter = None
def __revoke_vote_id(self):
_revoke_vote_id(self._voter_code)
def verify_id(self, vote_id):
# check if valid vote ID
if not formatutil.is_vote_verification_id(vote_id):
# We don't know how large vote_id is, so don't write to disk
evlog.log_error("Malformed vote ID")
raise HTSVerifyException, evcommon.VERIFY_ERROR
vote_id = vote_id.lower()
otp_key = htscommon.get_verification_key(vote_id)
# check if corresponding OTP exists
if not self._rreg.check(otp_key):
evlog.log_error("No such vote ID: %s" % vote_id)
raise HTSVerifyException, evcommon.VERIFY_ERROR
self._voter_code = self._rreg.read_string_value(\
otp_key, "voter").value.rstrip()
# check if timestamp is OK
current = int(time.time())
created = self._rreg.read_integer_value(otp_key, "timestamp").value
timeout = Election().get_verification_time() * 60
if created + timeout < current:
evlog.log("Vote ID %s has expired" % vote_id)
self.__revoke_vote_id()
raise HTSVerifyException, evcommon.VERIFY_ERROR
# check if count is OK
count = self._rreg.read_integer_value(otp_key, "count").value
if count <= 0:
evlog.log_error("Vote ID %s count is zero, but had not been revoked")
self.__revoke_vote_id()
raise HTSVerifyException, evcommon.VERIFY_ERROR
self._vote_id = vote_id
def __load_bdoc(self, elid):
voter_key = htscommon.get_user_key(self._voter_code)
sreg = Election().get_sub_reg(elid)
for votefile in sreg.list_keys(voter_key):
if htscommon.VALID_VOTE_PATTERN.match(votefile):
bdoc = bdocpythonutils.BDocContainer()
bdoc.load(sreg.path(voter_key + [votefile]))
bdoc.validate(bdocpythonutils.ManifestProfile("TM"))
self._voter = htscommon.get_votefile_voter(votefile)
break
if not bdoc:
evlog.log_error("No valid BDOC found for voter %s using vote ID %s" % \
(self._voter, self._vote_id))
raise HTSVerifyException, evcommon.VERIFY_ERROR
return bdoc
def __decrease_count(self):
otp_key = htscommon.get_verification_key(self._vote_id)
count = self._rreg.read_integer_value(otp_key, "count").value - 1
if count > 0:
self._rreg.create_integer_value(otp_key, "count", count)
else:
self.__revoke_vote_id()
def get_response(self):
import binascii
# load a random BDOC from the ones available
otp_key = htscommon.get_verification_key(self._vote_id)
elids = self._rreg.read_string_value(otp_key, "elids")\
.value.rstrip().split("\t")
bdoc = self.__load_bdoc(random.choice(elids))
evlog.log("Sending BDOC %s with vote ID %s for verification" %\
(ksum.votehash(bdoc.get_bytes()), self._vote_id))
# check consistency
bdoc_set = set([doc.split(".")[0] for doc in bdoc.documents])
elids_set = set(elids)
if bdoc_set != elids_set:
evlog.log_error("Votes in BDOC for vote ID %s are inconsistent " \
"with registry: %s, %s" % (self._vote_id, bdoc_set, elids_set))
raise HTSVerifyException, evcommon.VERIFY_ERROR
# create question objects
questions = []
for elid in elids:
questions.append(question.Question(\
elid, "hts", Election().get_sub_reg(elid)))
# start assembling the response
ret = ""
# append questions
for quest in questions:
ret += quest.qname() + ":" + str(quest.get_type()) + "\t"
ret += "\n"
# append election IDs and votes
for votefile in bdoc.documents:
elid = votefile.split(".")[0]
ret += elid + "\t" + binascii.b2a_hex(bdoc.documents[votefile]) + "\n"
ret += "\n"
# append voter
ret += self._voter["nimi"] + "\t" + self._voter_code + "\n"
# append choices list
for quest in questions:
ret += quest.choices_to_voter(self._voter)
self.__decrease_count()
return ret
class Rights:
def __init__(self, elid):
self.reg = Election().get_sub_reg(elid, ['common', 'rights'])
def descr(self, code):
"""
Tagastab tegelase kohta käiva kirjelduse
"""
if not formatutil.is_isikukood(code):
raise Exception('Vigane isikukood')
if self.reg.check([code, 'description']):
return self.reg.read_string_value([code], 'description').value
return 'Andmed puuduvad'
def listall(self):
"""
Tagastab kõik volitused
"""
lst = self.reg.list_keys()
ret = ''
for ele in lst:
ret += '\n' + self.listuser(ele)
return ret.strip()
def _create_user(self, code):
""" Loome kasutaja, kui teda veel pole
"""
if not formatutil.is_isikukood(code):
raise Exception('Vigane isikukood')
self.reg.ensure_key([code, 'rights'])
def add(self, code, right):
"""
Lisab uue volituse
"""
new_right = right.upper()
if not _proper_right(new_right):
raise Exception('Vigane volitus')
self._create_user(code)
if not self.has(code, new_right):
self.reg.create_value([code, 'rights'], new_right, '')
return True
return False
def adddesc(self, code, desc):
"""
Lisab kasutajale kirjelduse
"""
self._create_user(code)
self.reg.create_value([code], 'description', desc)
return True
def remove(self, code, right):
"""
Võtab kasutajalt volituse
"""
if not formatutil.is_isikukood(code):
raise Exception('Vigane isikukood')
new_right = right.upper()
if not _proper_right(new_right):
raise Exception('Vigane volitus')
if self.has(code, new_right):
self.reg.delete_value([code, 'rights'], new_right)
return True
return False
def remuser(self, code):
"""
Eemaldab ühe kasutaja volituste failist
"""
if not formatutil.is_isikukood(code):
raise Exception('Vigane isikukood')
return self.reg.ensure_no_key([code])
def remall(self):
"""
Eemaldab kõik volitused
"""
self.reg.reset_key([''])
return True
def has(self, code, right):
"""
Kas koodil on vastav volitus
"""
if not formatutil.is_isikukood(code):
raise Exception('Vigane isikukood')
new_right = right.upper()
if not _proper_right(new_right):
raise Exception('Vigane volitus')
if not self.reg.check([code, 'rights', new_right]):
return False
return True
def listuser(self, code):
"""
Ainult konkreetse kasutaja õigused
"""
if not formatutil.is_isikukood(code):
raise Exception('Vigane isikukood')
ret = ''
if self.reg.check([code]):
ret += code + ' (%s)' % self.descr(code)
sub_list = self.reg.list_keys([code, 'rights'])
if len(sub_list) > 0:
for _s in sub_list:
ret += '\n\t' + G_DESCS[_s]
else:
ret += '\n\tVolitused puuduvad'
return ret.strip()
class MobileIDContext:
phoneno = None
lang = None
challenge = None
midsess = None
origvote = None
votefiles = {}
__sessid = None
__reg = None
def __init__(self, sessid):
if sessid == None:
raise Exception('Puuduv sessiooniidentifikaator')
self.__sessid = sessid
self.__reg = Election().get_root_reg()
self.lang = 'EST'
def sessid(self):
return self.__sessid
def kill(self):
self.__reg.ensure_no_key([evcommon.MIDSPOOL, self.__sessid])
def set_phone(self, phone):
self.phoneno = phone
def set_origvote(self, hv):
self.origvote = hv
def get_origvote(self):
self.origvote = self.__reg.read_value(\
[evcommon.MIDSPOOL, self.__sessid], \
'origvote').value
return self.origvote
def add_votefile(self, filename, data):
self.votefiles[filename] = data
def get_votefiles(self):
for key in self.__reg.list_keys([evcommon.MIDSPOOL, self.__sessid, \
'votefiles']):
self.votefiles[key] = self.__reg.read_value(\
[evcommon.MIDSPOOL, self.__sessid, 'votefiles'], key).value
return self.votefiles
def generate_challenge(self):
self.challenge = binascii.b2a_hex(os.urandom(10))
def verify_challenge(self, signature):
return challenge_ok(self.certificate(), self.mychallenge(), \
self.ourchallenge(), signature)
def mychallenge(self):
return self.__reg.read_value(\
[evcommon.MIDSPOOL, self.__sessid], \
'mychallenge').value
def ourchallenge(self):
return self.__reg.read_value(\
[evcommon.MIDSPOOL, self.__sessid], \
'ourchallenge').value
def certificate(self):
return self.__reg.read_value(\
[evcommon.MIDSPOOL, self.__sessid], \
'cert').value
def set_auth_succ(self):
self.__reg.ensure_key([evcommon.MIDSPOOL, self.__sessid, 'authsucc'])
def auth_succ(self):
return self.__reg.check(\
[evcommon.MIDSPOOL, self.__sessid, 'authsucc'])
def save_post_auth(self, rsp):
self.__reg.reset_key([evcommon.MIDSPOOL, self.__sessid])
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], \
'cert', rsp._CertificateData)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], \
'phone', self.phoneno)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], \
'midsess', rsp._Sesscode)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], \
'mychallenge', self.challenge)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], \
'ourchallenge', rsp._Challenge)
def load_pre_sign(self):
self.phoneno = self.__reg.read_value(\
[evcommon.MIDSPOOL, self.__sessid], 'phone').value
def save_post_sign(self, midsess):
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], \
'midsess', midsess)
self.__reg.create_value([evcommon.MIDSPOOL, self.__sessid], \
'origvote', self.origvote)
self.__reg.ensure_key([evcommon.MIDSPOOL, self.__sessid, 'votefiles'])
for el in self.votefiles:
self.__reg.create_value(\
[evcommon.MIDSPOOL, self.__sessid, 'votefiles'],\
el, self.votefiles[el])
def load_pre_poll(self):
self.midsess = int(self.__reg.read_value(\
[evcommon.MIDSPOOL, self.__sessid], 'midsess').value)
class HTSBase:
def __init__(self, elid):
self._elid = elid
self._errmsg = None
self._reg = Election().get_sub_reg(self._elid)
self._revlog = evlog.Logger()
self._revlog.set_format(evlog.RevLogFormat())
self._revlog.set_logs(self._reg.path(['common', evcommon.REVLOG_FILE]))
def haaletanud(self, isikukood):
latest = self.get_latest_vote(isikukood)
return latest <> None
def get_revoked_path(self, pc):
user_key = htscommon.get_user_key(pc)
return self._reg.path(user_key + ['reason'])
def get_latest_vote(self, pc):
user_key = htscommon.get_user_key(pc)
if self._reg.check(user_key):
files = self._reg.list_keys(user_key)
votes = []
for el in files:
if htscommon.VALID_VOTE_PATTERN.match(el):
votes.append(el)
votes.sort()
latest = votes.pop()
if latest:
return htscommon.get_votefile_time(latest)
return None
def restore_vote(self, revline, operator):
timest = self.get_latest_vote(revline[0])
os.unlink(self.get_revoked_path(revline[0]))
self._revlog.log_info(tegevus='ennistamine',
isikukood=revline[0],
nimi=revline[1],
timestamp=timest,
operaator=operator,
pohjus=revline[2])
def revoke_vote(self, revline, operator):
timest = self.get_latest_vote(revline[0])
nowstr = time.strftime("%Y%m%d%H%M%S", time.localtime())
self._reg.create_string_value(\
htscommon.get_user_key(revline[0]), 'reason', \
"%s\t%s" % (nowstr, revline[2]))
self._revlog.log_info(tegevus='tühistamine',
testtime=nowstr,
isikukood=revline[0],
nimi=revline[1],
timestamp=timest,
operaator=operator,
pohjus=revline[2])
def is_user_revoked(self, pc):
user_key = htscommon.get_user_key(pc)
if self._reg.check(user_key + ['reason']):
line = self._reg.read_string_value(user_key, 'reason').value
data = line.split('\t')
return True, data[1], data[0]
return False, '', ''
def save_log(self, lines, log):
fn = self._reg.path(['common', 'log%s' % log])
lf = htscommon.LoggedFile(fn)
lf.open('w')
lf.write(evcommon.VERSION + "\n")
lf.write(self._elid + "\n")
lf.write("%s\n" % log)
for el in lines:
lf.write(el + '\n')
lf.close()
def save_revocation_report(self, report):
fn = self._reg.path(['hts', 'output', evcommon.REVREPORT_FILE])
outfile = htscommon.LoggedFile(fn)
outfile.open('a')
for el in report:
outfile.write("\t".join(el) + "\n")
outfile.close()
def talletaja(self, ik):
vl = None
try:
vl = inputlists.VotersList('hts', self._reg)
if not vl.has_voter(ik):
return None
ret = vl.get_voter(ik)
return ret
finally:
if vl != None:
vl.close()
vl = None
class HTSBase:
def __init__(self, elid):
self._elid = elid
self._errmsg = None
self._reg = Election().get_sub_reg(self._elid)
self._revlog = evlog.Logger()
self._revlog.set_format(evlog.RevLogFormat())
self._revlog.set_logs(self._reg.path(['common', evcommon.REVLOG_FILE]))
def haaletanud(self, isikukood):
latest = self.get_latest_vote(isikukood)
return latest is not None
def get_revoked_path(self, pc):
user_key = htscommon.get_user_key(pc)
return self._reg.path(user_key + ['reason'])
def get_latest_vote(self, pc):
user_key = htscommon.get_user_key(pc)
if self._reg.check(user_key):
files = self._reg.list_keys(user_key)
votes = []
for el in files:
if htscommon.VALID_VOTE_PATTERN.match(el):
votes.append(el)
votes.sort()
latest = votes.pop()
if latest:
return htscommon.get_votefile_time(latest)
return None
def restore_vote(self, revline, operator):
timest = self.get_latest_vote(revline[0])
os.unlink(self.get_revoked_path(revline[0]))
self._revlog.log_info(
tegevus='ennistamine',
isikukood=revline[0],
nimi=revline[1],
timestamp=timest,
operaator=operator,
pohjus=revline[2])
def revoke_vote(self, revline, operator):
timest = self.get_latest_vote(revline[0])
nowstr = time.strftime("%Y%m%d%H%M%S", time.localtime())
self._reg.create_string_value(
htscommon.get_user_key(revline[0]), 'reason',
"%s\t%s" % (nowstr, revline[2]))
self._revlog.log_info(
tegevus='tühistamine',
testtime=nowstr,
isikukood=revline[0],
nimi=revline[1],
timestamp=timest,
operaator=operator,
pohjus=revline[2])
def is_user_revoked(self, pc):
user_key = htscommon.get_user_key(pc)
if self._reg.check(user_key + ['reason']):
line = self._reg.read_string_value(user_key, 'reason').value
data = line.split('\t')
return True, data[1], data[0]
return False, '', ''
def save_log(self, lines, log):
fn = self._reg.path(['common', 'log%s' % log])
lf = htscommon.LoggedFile(fn)
lf.open('w')
lf.write(evcommon.VERSION + "\n")
lf.write(self._elid + "\n")
lf.write("%s\n" % log)
for el in lines:
lf.write(el + '\n')
lf.close()
def save_revocation_report(self, report):
fn = self._reg.path(['hts', 'output', evcommon.REVREPORT_FILE])
outfile = htscommon.LoggedFile(fn)
outfile.open('a')
for el in report:
outfile.write("\t".join(el) + "\n")
outfile.close()
def talletaja(self, ik):
vl = None
try:
vl = inputlists.VotersList('hts', self._reg)
if not vl.has_voter(ik):
return None
ret = vl.get_voter(ik)
return ret
finally:
if vl is not None:
vl.close()
vl = None
class Rights:
def __init__(self, elid):
self.reg = Election().get_sub_reg(elid, ['common', 'rights'])
def descr(self, code):
"""
Tagastab tegelase kohta käiva kirjelduse
"""
if not formatutil.is_isikukood(code):
raise Exception('Vigane isikukood')
if self.reg.check([code, 'description']):
return self.reg.read_string_value([code], 'description').value
else:
return 'Andmed puuduvad'
def listall(self):
"""
Tagastab kõik volitused
"""
lst = self.reg.list_keys()
ret = ''
for ele in lst:
ret = ret + '\n' + self.listuser(ele)
return ret.strip()
def _create_user(self, code):
""" Loome kasutaja, kui teda veel pole
"""
if not formatutil.is_isikukood(code):
raise Exception('Vigane isikukood')
self.reg.ensure_key([code, 'rights'])
def add(self, code, right):
"""
Lisab uue volituse
"""
new_right = right.upper()
if not _proper_right(new_right):
raise Exception('Vigane volitus')
self._create_user(code)
if not self.has(code, new_right):
self.reg.create_value([code, 'rights'], new_right, '')
return True
return False
def adddesc(self, code, desc):
"""
Lisab kasutajale kirjelduse
"""
self._create_user(code)
self.reg.create_value([code], 'description', desc)
return True
def remove(self, code, right):
"""
Võtab kasutajalt volituse
"""
if not formatutil.is_isikukood(code):
raise Exception('Vigane isikukood')
new_right = right.upper()
if not _proper_right(new_right):
raise Exception('Vigane volitus')
if self.has(code, new_right):
self.reg.delete_value([code, 'rights'], new_right)
return True
return False
def remuser(self, code):
"""
Eemaldab ühe kasutaja volituste failist
"""
if not formatutil.is_isikukood(code):
raise Exception('Vigane isikukood')
return self.reg.ensure_no_key([code])
def remall(self):
"""
Eemaldab kõik volitused
"""
self.reg.reset_key([''])
return True
def has(self, code, right):
"""
Kas koodil on vastav volitus
"""
if not formatutil.is_isikukood(code):
raise Exception('Vigane isikukood')
new_right = right.upper()
if not _proper_right(new_right):
raise Exception('Vigane volitus')
if not self.reg.check([code, 'rights', new_right]):
return False
return True
def listuser(self, code):
"""
Ainult konkreetse kasutaja õigused
"""
if not formatutil.is_isikukood(code):
raise Exception('Vigane isikukood')
ret = ''
if self.reg.check([code]):
ret = ret + code
ret = ret + ' (' + self.descr(code) + ')'
sub_list = self.reg.list_keys([code, 'rights'])
if len(sub_list) > 0:
for _s in sub_list:
ret = ret + '\n\t' + G_DESCS[_s]
else:
ret = ret + '\n\tVolitused puuduvad'
return ret.strip()
