def post_audited_ballot(request, election, poll):
voter = request.voter
raw_vote = request.POST['audited_ballot']
encrypted_vote = crypto_utils.from_json(raw_vote)
audit_request = crypto_utils.from_json(request.session['audit_request'])
audit_password = request.session['audit_password']
if not audit_password:
raise Exception("Auditing with no password")
# fill in the answers and randomness
audit_request['answers'][0]['randomness'] = \
encrypted_vote['answers'][0]['randomness']
audit_request['answers'][0]['answer'] = \
[encrypted_vote['answers'][0]['answer'][0]]
encrypted_vote = electionalgs.EncryptedVote.fromJSONDict(audit_request)
del request.session['audit_request']
del request.session['audit_password']
poll.cast_vote(voter, encrypted_vote, audit_password)
poll.logger.info("Poll audit ballot cast")
vote_pk = AuditedBallot.objects.filter(voter=voter).order_by('-pk')[0].pk
return HttpResponse(json.dumps({'audit_id': vote_pk}),
content_type="application/json")
def post_audited_ballot(request, election, poll):
voter = request.voter
raw_vote = request.POST['audited_ballot']
encrypted_vote = crypto_utils.from_json(raw_vote)
audit_request = crypto_utils.from_json(request.session['audit_request'])
audit_password = request.session['audit_password']
if not audit_password:
raise Exception("Auditing with no password")
# fill in the answers and randomness
audit_request['answers'][0]['randomness'] = \
encrypted_vote['answers'][0]['randomness']
audit_request['answers'][0]['answer'] = \
[encrypted_vote['answers'][0]['answer'][0]]
encrypted_vote = electionalgs.EncryptedVote.fromJSONDict(audit_request)
del request.session['audit_request']
del request.session['audit_password']
poll.cast_vote(voter, encrypted_vote, audit_password)
poll.logger.info("Poll audit ballot cast")
vote_pk = AuditedBallot.objects.filter(voter=voter).order_by('-pk')[0].pk
return HttpResponse(json.dumps({'audit_id': vote_pk }),
content_type="application/json")
def _audit_votes(self):
votes = {}
for audited in self.poll.audited_ballots.filter(is_request=False):
helios_vote = electionalgs.EncryptedVote.fromJSONDict(
utils.from_json(audited.raw_vote))
zeus_vote = self._get_zeus_vote(
helios_vote,
audit_password=audited.audit_code)
zeus_vote['fingerprint'] = audited.fingerprint
zeus_vote['signature'] = audited.signature['signature']
votes[audited.fingerprint] = zeus_vote
for audited in self.poll.audited_ballots.filter(is_request=True):
try:
self.poll.audited_ballots.get(fingerprint=audited.fingerprint,
is_request=False)
except helios_models.AuditedBallot.DoesNotExist:
helios_vote = electionalgs.EncryptedVote.fromJSONDict(
utils.from_json(audited.raw_vote))
zeus_vote = self._get_zeus_vote(
helios_vote,
audit_password=audited.audit_code)
zeus_vote['fingerprint'] = audited.fingerprint
zeus_vote['signature'] = audited.signature['signature']
votes[audited.fingerprint] = zeus_vote
return votes
def do_get_vote(self, fingerprint):
# try CastVote
try:
vote = self.poll.cast_votes.get(fingerprint=fingerprint)
zeus_vote = self._get_zeus_vote(vote.vote)
zeus_vote["fingerprint"] = vote.fingerprint
zeus_vote["signature"] = vote.signature["signature"]
zeus_vote["previous"] = vote.previous
zeus_vote["voter"] = vote.voter.uuid
zeus_vote["index"] = vote.index
zeus_vote["weight"] = vote.voter.voter_weight
return zeus_vote
except helios_models.CastVote.DoesNotExist:
pass
# then AuditedBallot
try:
audited = self.poll.audited_ballots.get(fingerprint=fingerprint, is_request=False)
helios_vote = electionalgs.EncryptedVote.fromJSONDict(utils.from_json(audited.raw_vote))
zeus_vote = self._get_zeus_vote(helios_vote, audit_password=audited.audit_code)
zeus_vote["fingerprint"] = audited.fingerprint
zeus_vote["signature"] = audited.signature["signature"]
return zeus_vote
except helios_models.AuditedBallot.DoesNotExist:
pass
# then AuditedBallot requests
try:
audited = self.poll.audited_ballots.get(fingerprint=fingerprint, is_request=True)
helios_vote = electionalgs.EncryptedVote.fromJSONDict(utils.from_json(audited.raw_vote))
zeus_vote = self._get_zeus_vote(helios_vote, audit_password=audited.audit_code)
zeus_vote["fingerprint"] = audited.fingerprint
zeus_vote["signature"] = audited.signature["signature"]
return zeus_vote
except helios_models.AuditedBallot.DoesNotExist:
return None
return None
def _audit_votes(self):
votes = {}
for audited in self.poll.audited_ballots.filter(is_request=False):
helios_vote = electionalgs.EncryptedVote.fromJSONDict(
utils.from_json(audited.raw_vote))
zeus_vote = self._get_zeus_vote(
helios_vote,
audit_password=audited.audit_code)
zeus_vote['fingerprint'] = audited.fingerprint
zeus_vote['signature'] = audited.signature['signature']
votes[audited.fingerprint] = zeus_vote
for audited in self.poll.audited_ballots.filter(is_request=True):
try:
self.poll.audited_ballots.get(fingerprint=audited.fingerprint,
is_request=False)
except helios_models.AuditedBallot.DoesNotExist:
helios_vote = electionalgs.EncryptedVote.fromJSONDict(
utils.from_json(audited.raw_vote))
zeus_vote = self._get_zeus_vote(
helios_vote,
audit_password=audited.audit_code)
zeus_vote['fingerprint'] = audited.fingerprint
zeus_vote['signature'] = audited.signature['signature']
votes[audited.fingerprint] = zeus_vote
return votes
def do_get_vote(self, fingerprint):
# try CastVote
try:
vote = self.poll.cast_votes.get(fingerprint=fingerprint)
zeus_vote = self._get_zeus_vote(vote.vote)
zeus_vote['fingerprint'] = vote.fingerprint
zeus_vote['signature'] = vote.signature['signature']
zeus_vote['previous'] = vote.previous
zeus_vote['voter'] = vote.voter.uuid
zeus_vote['index'] = vote.index
zeus_vote['weight'] = vote.voter.voter_weight
return zeus_vote
except helios_models.CastVote.DoesNotExist:
pass
# then AuditedBallot
try:
audited = self.poll.audited_ballots.get(
fingerprint=fingerprint, is_request=False)
helios_vote = electionalgs.EncryptedVote.fromJSONDict(
utils.from_json(audited.raw_vote))
zeus_vote = self._get_zeus_vote(
helios_vote,
audit_password=audited.audit_code)
zeus_vote['fingerprint'] = audited.fingerprint
zeus_vote['signature'] = audited.signature['signature']
return zeus_vote
except helios_models.AuditedBallot.DoesNotExist:
pass
# then AuditedBallot requests
try:
audited = self.poll.audited_ballots.get(
fingerprint=fingerprint, is_request=True)
helios_vote = electionalgs.EncryptedVote.fromJSONDict(
utils.from_json(audited.raw_vote))
zeus_vote = self._get_zeus_vote(
helios_vote,
audit_password=audited.audit_code)
zeus_vote['fingerprint'] = audited.fingerprint
zeus_vote['signature'] = audited.signature['signature']
return zeus_vote
except helios_models.AuditedBallot.DoesNotExist:
return None
return None
def do_get_vote(self, fingerprint):
# try CastVote
try:
vote = self.model.election.castvote_set.get(fingerprint=fingerprint)
zeus_vote = self._get_zeus_vote(vote.vote)
zeus_vote['fingerprint'] = vote.fingerprint
zeus_vote['signature'] = vote.signature['signature']
zeus_vote['previous'] = vote.previous
zeus_vote['voter'] = vote.voter.uuid
zeus_vote['index'] = vote.index
return zeus_vote
except helios_models.CastVote.DoesNotExist:
pass
# then AuditedBallot
try:
audited = self.model.election.auditedballot_set.get(
fingerprint=fingerprint, is_request=False)
helios_vote = electionalgs.EncryptedVote.fromJSONDict(
utils.from_json(audited.raw_vote))
zeus_vote = self._get_zeus_vote(
helios_vote,
audit_password=audited.audit_code)
zeus_vote['fingerprint'] = audited.fingerprint
zeus_vote['signature'] = audited.signature['signature']
return zeus_vote
except helios_models.AuditedBallot.DoesNotExist:
pass
# then AuditedBallot requests
try:
audited = self.model.election.auditedballot_set.get(
fingerprint=fingerprint, is_request=True)
helios_vote = electionalgs.EncryptedVote.fromJSONDict(
utils.from_json(audited.raw_vote))
zeus_vote = self._get_zeus_vote(
helios_vote,
audit_password=audited.audit_code)
zeus_vote['fingerprint'] = audited.fingerprint
zeus_vote['signature'] = audited.signature['signature']
return zeus_vote
except helios_models.AuditedBallot.DoesNotExist:
return None
return None
def upload_decryption(request, election, poll, trustee):
factors_and_proofs = crypto_utils.from_json(
request.POST['factors_and_proofs'])
# verify the decryption factors
LD = datatypes.LDObject
factors_data = factors_and_proofs['decryption_factors']
factor = lambda fd: LD.fromDict(fd, type_hint='core/BigInteger').wrapped_obj
factors = [[factor(f) for f in factors_data[0]]]
proofs_data = factors_and_proofs['decryption_proofs']
poll.logger.info("Poll decryption uploaded")
tasks.poll_add_trustee_factors.delay(poll.pk, trustee.pk, factors, proofs_data)
return HttpResponse("SUCCESS")
def upload_decryption(request, election, poll, trustee):
factors_and_proofs = crypto_utils.from_json(request.POST["factors_and_proofs"])
# verify the decryption factors
LD = datatypes.LDObject
factors_data = factors_and_proofs["decryption_factors"]
factor = lambda fd: LD.fromDict(fd, type_hint="core/BigInteger").wrapped_obj
factors = [[factor(f) for f in factors_data[0]]]
proofs_data = factors_and_proofs["decryption_proofs"]
proof = lambda pd: LD.fromDict(pd, type_hint="legacy/EGZKProof").wrapped_obj
proofs = [[proof(p) for p in proofs_data[0]]]
poll.logger.info("Poll decryption uploaded")
tasks.poll_add_trustee_factors.delay(poll.pk, trustee.pk, factors, proofs)
return HttpResponse("SUCCESS")
def create_cast_vote(encrypted_vote, voter, request):
'''Create cast vote and verify and store.'''
vote_fingerprint = cryptoutils.hash_b64(encrypted_vote)
vote = datatypes.LDObject.fromDict(
cryptoutils.from_json(encrypted_vote),
type_hint='legacy/EncryptedVote').wrapped_obj
cast_ip = request.META.get('REMOTE_ADDR', None)
cast_vote_params = {
'vote': vote,
'voter': voter,
'vote_hash': vote_fingerprint,
'cast_at': timezone.now(),
'cast_ip': cast_ip
}
cast_vote = CastVote(**cast_vote_params)
cast_vote.save()
# launch the verification task
cast_vote_verify_and_store(cast_vote.id)
def cast(request, election, poll):
voter = request.voter
encrypted_vote = request.POST['encrypted_vote']
vote = datatypes.LDObject.fromDict(
crypto_utils.from_json(encrypted_vote),
type_hint='phoebus/EncryptedVote').wrapped_obj
audit_password = request.POST.get('audit_password', None)
cursor = connection.cursor()
try:
cursor.execute("SELECT pg_advisory_lock(1)")
with transaction.atomic():
cast_result = poll.cast_vote(voter, vote, audit_password)
poll.logger.info("Poll cast")
finally:
cursor.execute("SELECT pg_advisory_unlock(1)")
signature = {'signature': cast_result}
if 'audit_request' in request.session:
poll.logger.info("Poll cast audit request")
del request.session['audit_request']
else:
poll.logger.info("Poll cast")
if signature['signature'].startswith("AUDIT REQUEST"):
request.session['audit_request'] = encrypted_vote
request.session['audit_password'] = audit_password
token = request.session.get('csrf_token')
return HttpResponse('{"audit": 1, "token":"%s"}' % token,
content_type="application/json")
else:
# notify user
fingerprint = voter.cast_votes.filter()[0].fingerprint
tasks.send_cast_vote_email.delay(poll.pk, voter.pk, signature,
fingerprint)
url = "%s%s?f=%s" % (settings.SECURE_URL_HOST,
poll_reverse(poll, 'cast_done'), fingerprint)
return HttpResponse('{"cast_url": "%s"}' % url,
content_type="application/json")
def cast(request, election, poll):
voter = request.voter
encrypted_vote = request.POST['encrypted_vote']
vote = datatypes.LDObject.fromDict(crypto_utils.from_json(encrypted_vote),
type_hint='phoebus/EncryptedVote').wrapped_obj
audit_password = request.POST.get('audit_password', None)
cursor = connection.cursor()
try:
cursor.execute("SELECT pg_advisory_lock(1)")
with transaction.commit_on_success():
cast_result = poll.cast_vote(voter, vote, audit_password)
poll.logger.info("Poll cast")
finally:
cursor.execute("SELECT pg_advisory_unlock(1)")
signature = {'signature': cast_result}
if 'audit_request' in request.session:
poll.logger.info("Poll cast audit request")
del request.session['audit_request']
else:
poll.logger.info("Poll cast")
if signature['signature'].startswith("AUDIT REQUEST"):
request.session['audit_request'] = encrypted_vote
request.session['audit_password'] = audit_password
token = request.session.get('csrf_token')
return HttpResponse('{"audit": 1, "token":"%s"}' % token,
mimetype="application/json")
else:
# notify user
tasks.send_cast_vote_email.delay(poll.pk, voter.pk, signature)
fingerprint = voter.cast_votes.filter()[0].fingerprint
url = "%s%s?f=%s" % (settings.SECURE_URL_HOST, poll_reverse(poll,
'cast_done'),
fingerprint)
return HttpResponse('{"cast_url": "%s"}' % url,
mimetype="application/json")
def upload_decryption(request, election, poll, trustee):
factors_and_proofs = crypto_utils.from_json(
request.POST.get('factors_and_proofs', "{}"))
# verify the decryption factors
try:
LD = datatypes.LDObject
factors_data = factors_and_proofs['decryption_factors']
factor = lambda fd: LD.fromDict(fd, type_hint='core/BigInteger').wrapped_obj
factors = [[factor(f) for f in factors_data[0]]]
proofs_data = factors_and_proofs['decryption_proofs']
proof = lambda pd: LD.fromDict(pd, type_hint='legacy/EGZKProof').wrapped_obj
proofs = [[proof(p) for p in proofs_data[0]]]
poll.logger.info("Poll decryption uploaded")
except KeyError:
data_sample = str(request.POST.items())[:50]
poll.logger.error("upload decryption failed (POST DATA: %s)" % data_sample)
return HttpResponseBadRequest(400)
tasks.poll_add_trustee_factors.delay(poll.pk, trustee.pk, factors, proofs)
return HttpResponse("SUCCESS")
def upload_decryption(request, election, poll, trustee):
factors_and_proofs = crypto_utils.from_json(
request.POST.get('factors_and_proofs', "{}"))
# verify the decryption factors
try:
LD = datatypes.LDObject
factors_data = factors_and_proofs['decryption_factors']
factor = lambda fd: LD.fromDict(fd, type_hint='core/BigInteger').wrapped_obj
factors = [[factor(f) for f in factors_data[0]]]
proofs_data = factors_and_proofs['decryption_proofs']
proof = lambda pd: LD.fromDict(pd, type_hint='legacy/EGZKProof').wrapped_obj
proofs = [[proof(p) for p in proofs_data[0]]]
poll.logger.info("Poll decryption uploaded")
except KeyError:
data_sample = str(request.POST.items())[:50]
poll.logger.error("upload decryption failed (POST DATA: %s)" % data_sample)
return HttpResponseBadRequest(400)
tasks.poll_add_trustee_factors.delay(poll.pk, trustee.pk, factors, proofs)
return HttpResponse("SUCCESS")