def __proxy(self, vote = None, votebox = None): try: evlog.log(LOGSIG[self.__task] + ': ALGUS') if ElectionState().election_on(): security = CertAnalyzer() if security.work(): if self.__task == TASK_CAND: return \ self.__get_candidate_list(security.valid_person()) elif self.__task == TASK_VOTE: return self.__hts_vote(\ security.valid_person(), vote, votebox) else: r1, r2 = protocol.msg_error_technical() return self.__return_error(r1, r2) else: evlog.log_error('Viga: "%s"' % security.logmsg) return \ self.__return_error(security.errcode, security.errmsg) else: r1, r2 = ElectionState().election_off_msg() return self.__return_error(r1, r2) except: return self.__return_exception() finally: evlog.log(LOGSIG[self.__task] + ': LõPP')
def mobid_vote_data(b64vote): import bdocpythonutils bdocdata = base64.b64decode(b64vote) bdocfile = None try: bdocfile = StringIO.StringIO(bdocdata) bdoc = bdocpythonutils.BDocContainer() bdoc.load(bdocfile) bdoc.validateflex() _doc_count = len(bdoc.documents) if _doc_count == 0: raise Exception, "BDoc ei sisalda ühtegi andmefaili" ret = {} for el in bdoc.documents: evlog.log(evlogdata.get_vote(el, bdoc.documents[el])) ret[el] = base64.b64encode(bdoc.documents[el]) return ret finally: if bdocfile != None: bdocfile.close()
def __proxy(self, vote=None, votebox=None): try: evlog.log(LOGSIG[self.__task] + ': ALGUS') if ElectionState().election_on(): security = CertAnalyzer() if security.work(): if self.__task == TASK_CAND: return \ self.__get_candidate_list(security.valid_person()) elif self.__task == TASK_VOTE: return self.__hts_vote(\ security.valid_person(), vote, votebox) else: r1, r2 = protocol.msg_error_technical() return self.__return_error(r1, r2) else: evlog.log_error('Viga: "%s"' % security.logmsg) return \ self.__return_error(security.errcode, security.errmsg) else: r1, r2 = ElectionState().election_off_msg() return self.__return_error(r1, r2) except: return self.__return_exception() finally: evlog.log(LOGSIG[self.__task] + ': LõPP')
def hts_vote(self, valid_person, vote): ik = valid_person[0] en = valid_person[1] pn = valid_person[2] evlog.AppLog().set_person(ik) import base64 decoded_vote = base64.decodestring(vote) evlog.log('Hääle talletamine: %s %s' % (en, pn)) if not Election().can_vote(ik): error = HESResult() error.pole_valija(ik) return self.__return_error(error) inspector = VoteChecker(decoded_vote, ik) mobid = 'MOBILE_ID_CONTEXT' in os.environ if not inspector.check_vote(mobid): return self.__return_error(inspector.error) params = {} params[evcommon.POST_EVOTE] = vote params[evcommon.POST_PERSONAL_CODE] = ik params[evcommon.POST_VOTERS_FILES_SHA256] = \ Election().get_voters_files_sha256() params[evcommon.POST_SESS_ID] = sessionid.voting() hts_connector = HTSConnector(params) if not hts_connector.work_strict(): return self.__return_error(hts_connector.error) return hts_connector.answer[1], hts_connector.answer[2]
def verify_id(self, vote_id): # check if valid vote ID if not formatutil.is_vote_verification_id(vote_id): # We don't know how large vote_id is, so don't write to disk evlog.log_error("Malformed vote ID") raise HTSVerifyException, evcommon.VERIFY_ERROR vote_id = vote_id.lower() otp_key = htscommon.get_verification_key(vote_id) # check if corresponding OTP exists if not self._rreg.check(otp_key): evlog.log_error("No such vote ID: %s" % vote_id) raise HTSVerifyException, evcommon.VERIFY_ERROR self._voter_code = self._rreg.read_string_value(\ otp_key, "voter").value.rstrip() # check if timestamp is OK current = int(time.time()) created = self._rreg.read_integer_value(otp_key, "timestamp").value timeout = Election().get_verification_time() * 60 if created + timeout < current: evlog.log("Vote ID %s has expired" % vote_id) self.__revoke_vote_id() raise HTSVerifyException, evcommon.VERIFY_ERROR # check if count is OK count = self._rreg.read_integer_value(otp_key, "count").value if count <= 0: evlog.log_error("Vote ID %s count is zero, but had not been revoked") self.__revoke_vote_id() raise HTSVerifyException, evcommon.VERIFY_ERROR self._vote_id = vote_id
def mobid_vote_data(b64vote): import bdocpythonutils bdocdata = base64.b64decode(b64vote) bdocfile = None try: bdocfile = StringIO.StringIO(bdocdata) bdoc = bdocpythonutils.BDocContainer() bdoc.load(bdocfile) bdoc.validateflex() _doc_count = len(bdoc.documents) if _doc_count == 0: raise Exception("BDoc ei sisalda ühtegi andmefaili") ret = {} for el in bdoc.documents: evlog.log(evlogdata.get_vote(el, bdoc.documents[el])) ret[el] = bdoc.documents[el] return ret finally: if bdocfile is not None: bdocfile.close()
def hts_vote(self, valid_person, vote): ik = valid_person[0] en = valid_person[1] pn = valid_person[2] evlog.AppLog().set_person(ik) import base64 decoded_vote = base64.decodestring(vote) evlog.log("Hääle talletamine: %s %s" % (en, pn)) if not Election().can_vote(ik): error = HESResult() error.pole_valija(ik) return self.__return_error(error) inspector = VoteChecker(decoded_vote, ik) mobid = "MOBILE_ID_CONTEXT" in os.environ if not inspector.check_vote(mobid): return self.__return_error(inspector.error) params = {} params[evcommon.POST_EVOTE] = vote params[evcommon.POST_PERSONAL_CODE] = ik params[evcommon.POST_VOTERS_FILES_SHA256] = Election().get_voters_files_sha256() params[evcommon.POST_SESS_ID] = sessionid.voting() hts_connector = HTSConnector(params) if not hts_connector.work_strict(): return self.__return_error(hts_connector.error) return hts_connector.answer[1], hts_connector.answer[2]
def hts_consistency_check(self): try: evlog.log('HES ja HTS kooskõlalisuse kontroll: ALGUS') return self.__hes.hts_consistency_check() except: return self.__return_exception(evcommon.EVOTE_CONSISTENCY_ERROR) finally: evlog.log('HTS kooskõlalisuse kontroll: LõPP')
def __tyhista_haaled(self, input_list, operaator): evlog.log("Tühistusavalduse import") good_list = [] bad_list = [] action_list = [] self.__kylm_tyhistamine(input_list, good_list, bad_list, action_list) self.__kuum_tyhistamine(operaator, action_list) return good_list, bad_list
def __ennista_haaled(self, input_list, operaator): evlog.log('Ennistusavalduse import') action_list = [] bad_list = [] good_list = [] self.__kylm_ennistamine(input_list, good_list, bad_list, action_list) self.__kuum_ennistamine(operaator, action_list) return good_list, bad_list
def check_vote(self, mobid): try: bdocpython.initialize() conf = bdocconfig.BDocConfig() conf.load(Election().get_bdoc_conf()) alines = [] elines = [] if mobid: alines, elines = regrights.analyze_signature_for_log(self._decoded_vote) else: alines, elines = regrights.analyze_vote_for_log(self._decoded_vote) for el in alines: evlog.log(el) for el in elines: evlog.log_error(el) res = None if mobid: res = regrights.check_vote_hes_mobid(self._decoded_vote, conf) else: res = regrights.check_vote_hes(self._decoded_vote, conf) if not res.result: self.error.log_msg = res.error if self.error.user_msg == "": self.error.user_msg = evmessage.EV_ERRORS.TEHNILINE_VIGA self.error.user_code = evcommon.EVOTE_ERROR if not res.cert_is_valid: self.error.user_msg = evmessage.EV_ERRORS.SERTIFIKAAT_ON_AEGUNUD self.error.user_code = evcommon.EVOTE_CERT_ERROR return False ik_ver = regrights.get_personal_code(res.subject) if self._ik != ik_ver: self.error.log_msg = "Autentija (%s) ja allkirjastaja (%s) erinevad" % (self._ik, ik_ver) self.error.user_msg = evmessage.EV_ERRORS.TEHNILINE_VIGA self.error.user_code = evcommon.EVOTE_ERROR return False return True except: self.error.user_msg = evmessage.EV_ERRORS.TEHNILINE_VIGA self.error.user_code = evcommon.EVOTE_ERROR self.error.log_msg = exception_msg.trace() finally: bdocpython.terminate() return False
def unschedule(cmd): sched = scheduled(cmd) if sched: job, timestr = sched _atrm(job) evlog.log(LOG_UNSCHEDULED % (cmd, job, timestr)) print UI_UNSCHEDULED % (cmd, job, timestr) _clean_reg(cmd) # Always.
def restore_revoke(elid, rfile, operator): the_hts = hts.HTS(elid) rl = revocationlists.RevocationList() rl.attach_elid(elid) rl.attach_logger(evlog.AppLog()) if not rl.check_format(rfile, 'Kontrollin tühistus-/ennistusnimekirja: '): errmsg = 'Vigase formaadiga tühistus-/ennistusnimekiri' raise Exception(errmsg) g_l = None b_l = None act = '' report = [] newtime = time.localtime() if rl.revoke: act = 'tühistamine' evlog.log('Tühistusavalduse import') g_l, b_l = the_hts.load_revoke(rl.rev_list, operator) report.append(['------------------------------']) report.append(['TÜHISTAMINE (%s)' % \ time.strftime("%Y%m%d%H%M%S", newtime)]) report.append(['%d õnnestumist, %d ebaõnnestumist' % \ (len(g_l), len(b_l))]) report.append(['Operaator %s, fail %s ' % (operator, rfile)]) else: act = 'ennistamine' evlog.log('Ennistusavalduse import') g_l, b_l = the_hts.load_restore(rl.rev_list, operator) report.append(['------------------------------']) report.append(['ENNISTAMINE (%s)' % \ time.strftime("%Y%m%d%H%M%S", newtime)]) report.append(['%d õnnestumist, %d ebaõnnestumist' % \ (len(g_l), len(b_l))]) report.append(['Operaator %s, fail %s ' % (operator, rfile)]) for el in b_l: el.append(act + ' nurjus') report.append(el) for el in g_l: el.append(act + ' õnnestus') report.append(el) report.append(['------------------------------']) the_hts.save_revocation_report(report) return len(rl.rev_list), len(g_l), len(b_l)
def poll(self): try: evlog.log('Poll: ALGUS') self.ctx().load_pre_poll() if self.ctx().auth_succ(): return self.__poll_sign() return self.__poll_auth() except httplib.BadStatusLine, exc: return self.__return_badstatusline_error(exc)
def __poll_sign(self): service = MobileIDService() r1, r2 = service.poll_sign(self.ctx()) if r1 == 'OUTSTANDING_TRANSACTION': return protocol.msg_mobid_poll() if r1 == 'SIGNATURE': evlog.log('Received SIGNATURE from DDS') return self.__hts_vote(r2) return self.__return_mid_error(r1)
def restore_revoke(elid, rfile, operator): the_hts = hts.HTS(elid) rl = revocationlists.RevocationList() rl.attach_elid(elid) rl.attach_logger(evlog.AppLog()) if not rl.check_format(rfile, 'Kontrollin tühistus-/ennistusnimekirja: '): errmsg = 'Vigase formaadiga tühistus-/ennistusnimekiri' raise Exception(errmsg) g_l = None b_l = None act = '' report = [] newtime = time.localtime() if rl.revoke: act = 'tühistamine' evlog.log('Tühistusavalduse import') g_l, b_l = the_hts.load_revoke(rl.rev_list, operator) report.append(['------------------------------']) report.append(['TÜHISTAMINE (%s)' % time.strftime("%Y%m%d%H%M%S", newtime)]) report.append(['%d õnnestumist, %d ebaõnnestumist' % (len(g_l), len(b_l))]) report.append(['Operaator %s, fail %s ' % (operator, rfile)]) else: act = 'ennistamine' evlog.log('Ennistusavalduse import') g_l, b_l = the_hts.load_restore(rl.rev_list, operator) report.append(['------------------------------']) report.append(['ENNISTAMINE (%s)' % time.strftime("%Y%m%d%H%M%S", newtime)]) report.append(['%d õnnestumist, %d ebaõnnestumist' % (len(g_l), len(b_l))]) report.append(['Operaator %s, fail %s ' % (operator, rfile)]) for el in b_l: el.append(act + ' nurjus') report.append(el) for el in g_l: el.append(act + ' õnnestus') report.append(el) report.append(['------------------------------']) the_hts.save_revocation_report(report) return len(rl.rev_list), len(g_l), len(b_l)
def poll(self, form): try: evlog.log('Poll: ALGUS') self.ctx().load_pre_poll() poll_type = form.getvalue(evcommon.POST_MID_POLL) if formatutil.is_mobid_poll_auth(poll_type): evlog.log('Poll: authentication request') return self.__poll_auth() if formatutil.is_mobid_poll_vote(poll_type): if not self.ctx().auth_succ(): raise Exception('Unauthenticated session') evlog.log('Poll: signing request') return self.__poll_sign() # Should never happen if cgivalidator is working correctly raise Exception('Bad poll type: %s' % poll_type[:20]) except httplib.BadStatusLine as exc: return self.__return_badstatusline_error(exc) except ZSI.FaultException as exc: return self.__return_zsi_error(exc) except: return self.__return_exception() finally: evlog.log('Poll: LÕPP')
def compose_list(self): questions = Election().get_questions_obj('hes') for quest in questions: voter = quest.get_voter(self._ik) if voter == None: continue elid = quest.qname() self._name_type = \ self._name_type + elid + ':' + str(quest.get_type()) + '\t' kandidaadid = quest.choices_to_voter(voter) evlog.log("Ringkond: %s-%s-%s-%s-%s" % \ (elid, voter['jaoskond_omavalitsus'], voter['jaoskond'], \ voter['ringkond_omavalitsus'], voter['ringkond'])) self._list.append(kandidaadid)
def get_candidate_list(self, valid_person): ik = valid_person[0] en = valid_person[1] pn = valid_person[2] evlog.AppLog().set_person(ik) evlog.log('Kandidaatide nimekiri: %s %s' % (en, pn)) cld = CandidateListExtractor(ik, sessionid.voting()) cld.compose_list() if cld.has_list(): return evcommon.EVOTE_OK, cld.get_list() error = HESResult() error.pole_valija(ik) return self.__return_error(error)
def poll(self, form): try: evlog.log("Poll: ALGUS") self.ctx().load_pre_poll() poll_type = form.getvalue(evcommon.POST_MID_POLL) if formatutil.is_mobid_poll_auth(poll_type): evlog.log("Poll: authentication request") return self.__poll_auth() if formatutil.is_mobid_poll_vote(poll_type): if not self.ctx().auth_succ(): raise Exception("Unauthenticated session") evlog.log("Poll: signing request") return self.__poll_sign() # Should never happen if cgivalidator is working correctly raise Exception("Bad poll type: %s" % poll_type[:20]) except httplib.BadStatusLine as exc: return self.__return_badstatusline_error(exc) except ZSI.FaultException as exc: return self.__return_zsi_error(exc) except: return self.__return_exception() finally: evlog.log("Poll: LÕPP")
def get_candidate_list(self, valid_person): ik = valid_person[0] en = valid_person[1] pn = valid_person[2] evlog.AppLog().set_person(ik) evlog.log("Kandidaatide nimekiri: %s %s" % (en, pn)) cld = CandidateListExtractor(ik, sessionid.voting()) cld.compose_list() if cld.has_list(): return evcommon.EVOTE_OK, cld.get_list() error = HESResult() error.pole_valija(ik) return self.__return_error(error)
def get_response(self): import binascii # load a random BDOC from the ones available otp_key = htscommon.get_verification_key(self._vote_id) elids = self._rreg.read_string_value(otp_key, "elids")\ .value.rstrip().split("\t") bdoc = self.__load_bdoc(random.choice(elids)) evlog.log("Sending BDOC %s with vote ID %s for verification" %\ (ksum.votehash(bdoc.get_bytes()), self._vote_id)) # check consistency bdoc_set = set([doc.split(".")[0] for doc in bdoc.documents]) elids_set = set(elids) if bdoc_set != elids_set: evlog.log_error("Votes in BDOC for vote ID %s are inconsistent " \ "with registry: %s, %s" % (self._vote_id, bdoc_set, elids_set)) raise HTSVerifyException, evcommon.VERIFY_ERROR # create question objects questions = [] for elid in elids: questions.append(question.Question(\ elid, "hts", Election().get_sub_reg(elid))) # start assembling the response ret = "" # append questions for quest in questions: ret += quest.qname() + ":" + str(quest.get_type()) + "\t" ret += "\n" # append election IDs and votes for votefile in bdoc.documents: elid = votefile.split(".")[0] ret += elid + "\t" + binascii.b2a_hex( bdoc.documents[votefile]) + "\n" ret += "\n" # append choices list for quest in questions: tv = quest.get_voter(self._voter_code) if tv: ret += quest.choices_to_voter(tv) else: evlog.log_error("Voter not found") self.__decrease_count() return ret
def get_response(self): import binascii # load a random BDOC from the ones available otp_key = htscommon.get_verification_key(self._vote_id) elids = self._rreg.read_string_value(otp_key, "elids")\ .value.rstrip().split("\t") bdoc = self.__load_bdoc(random.choice(elids)) evlog.log("Sending BDOC %s with vote ID %s for verification" %\ (ksum.votehash(bdoc.get_bytes()), self._vote_id)) # check consistency bdoc_set = set([doc.split(".")[0] for doc in bdoc.documents]) elids_set = set(elids) if bdoc_set != elids_set: evlog.log_error("Votes in BDOC for vote ID %s are inconsistent " \ "with registry: %s, %s" % (self._vote_id, bdoc_set, elids_set)) raise HTSVerifyException, evcommon.VERIFY_ERROR # create question objects questions = [] for elid in elids: questions.append(question.Question(\ elid, "hts", Election().get_sub_reg(elid))) # start assembling the response ret = "" # append questions for quest in questions: ret += quest.qname() + ":" + str(quest.get_type()) + "\t" ret += "\n" # append election IDs and votes for votefile in bdoc.documents: elid = votefile.split(".")[0] ret += elid + "\t" + binascii.b2a_hex(bdoc.documents[votefile]) + "\n" ret += "\n" # append choices list for quest in questions: tv = quest.get_voter(self._voter_code) if tv: ret += quest.choices_to_voter(tv) else: evlog.log_error("Voter not found") self.__decrease_count() return ret
def restore_revoke(elid, rfile, operator): the_hts = hts.HTS(elid) rl = revocationlists.RevocationList() rl.attach_elid(elid) rl.attach_logger(evlog.AppLog()) if not rl.check_format(rfile, "Kontrollin tühistus-/ennistusnimekirja: "): errmsg = "Vigase formaadiga tühistus-/ennistusnimekiri" raise Exception(errmsg) g_l = None b_l = None act = "" report = [] newtime = time.localtime() if rl.revoke: act = "tühistamine" evlog.log("Tühistusavalduse import") g_l, b_l = the_hts.load_revoke(rl.rev_list, operator) report.append(["------------------------------"]) report.append(["TÜHISTAMINE (%s)" % time.strftime("%Y%m%d%H%M%S", newtime)]) report.append(["%d õnnestumist, %d ebaõnnestumist" % (len(g_l), len(b_l))]) report.append(["Operaator %s, fail %s " % (operator, rfile)]) else: act = "ennistamine" evlog.log("Ennistusavalduse import") g_l, b_l = the_hts.load_restore(rl.rev_list, operator) report.append(["------------------------------"]) report.append(["ENNISTAMINE (%s)" % time.strftime("%Y%m%d%H%M%S", newtime)]) report.append(["%d õnnestumist, %d ebaõnnestumist" % (len(g_l), len(b_l))]) report.append(["Operaator %s, fail %s " % (operator, rfile)]) for el in b_l: el.append(act + " nurjus") report.append(el) for el in g_l: el.append(act + " õnnestus") report.append(el) report.append(["------------------------------"]) the_hts.save_revocation_report(report) return len(rl.rev_list), len(g_l), len(b_l)
def verify(self, vote_id): verifier = HTSVerify() try: verifier.verify_id(vote_id) except HTSVerifyException as e: return e.ret, EvMessage().get_str(\ "INVALID_VOTE_ID", evstrings.INVALID_VOTE_ID) evlog.log("Verifying vote with ID %s" % vote_id) try: return evcommon.VERIFY_OK, verifier.get_response() except HTSVerifyException as e: return e.ret, EvMessage().get_str(\ "TECHNICAL_ERROR_VOTE_VERIFICATION", \ evstrings.TECHNICAL_ERROR_VOTE_VERIFICATION)
def do_cgi(): try: elec = election.Election() evlog.AppLog().set_app(APP) # Create a list of pairs from the form parameters. Don't use a dictionary # because that will overwrite recurring keys. form = cgi.FieldStorage() params = [] for key in form: for value in form.getlist(key): params.append((key, value)) # Only accept up to a single parameter if len(params) > 1: def keys(pairs): """Return a comma-separated list of the keys.""" return ", ".join([pair[0] for pair in pairs]) evlog.log_error("Too many query parameters: " + keys(params)) bad_parameters() return # Only accept the POST_VERIFY_VOTE parameter. if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE: evlog.log_error('Unknown query parameter "%s"' % params[0][0]) bad_parameters() return # Make sure the parameter is correctly formatted. if not formatutil.is_vote_verification_id(params[0][1]): # Don't write to disk; we don't know how large the value is evlog.log_error("Malformed vote ID") bad_parameters() return evlog.log("verif/auth REMOTE_ADDR: " + evlogdata.get_remote_ip()) evlog.log("verif/auth VOTE-ID: " + params[0][1]) params.append((evcommon.POST_SESS_ID, sessionid.voting())) url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path() conn = urllib.urlopen(url, urllib.urlencode(params)) protocol.http_response(conn.read()) except: evlog.log_exception() technical_error()
def do_cgi(): try: elec = election.Election() evlog.AppLog().set_app(APP) # Create a list of pairs from the form parameters. Don't use a dictionary # because that will overwrite recurring keys. form = cgi.FieldStorage() params = [] for key in form: for value in form.getlist(key): params.append((key, value)) # Only accept up to a single parameter if len(params) > 1: def keys(pairs): """Return a comma-separated list of the keys.""" return ", ".join([pair[0] for pair in pairs]) evlog.log_error("Too many query parameters: " + keys(params)) bad_parameters() return # Only accept the POST_VERIFY_VOTE parameter. if len(params) and params[0][0] != evcommon.POST_VERIFY_VOTE: evlog.log_error("Unknown query parameter \"%s\"" % params[0][0]) bad_parameters() return # Make sure the parameter is correctly formatted. if not formatutil.is_vote_verification_id(params[0][1]): # Don't write to disk; we don't know how large the value is evlog.log_error("Malformed vote ID") bad_parameters() return evlog.log("verif/auth REMOTE_ADDR: " + evlogdata.get_remote_ip()) evlog.log("verif/auth VOTE-ID: " + params[0][1]) params.append((evcommon.POST_SESS_ID, sessionid.voting())) url = "http://" + elec.get_hts_ip() + "/" + elec.get_hts_verify_path() conn = urllib.urlopen(url, urllib.urlencode(params)) protocol.http_response(conn.read()) except: evlog.log_exception() technical_error()
def _main(expected, cmd): state = election.ElectionState().get() if state == int(expected): evlog.log(LOG_EXECUTING % cmd) if cmd == COMMAND_START: _execute_start() elif cmd == COMMAND_PREPARE_STOP: _execute_prepare_stop() elif cmd == COMMAND_STOP: _execute_stop() else: evlog.log_error(LOG_ERROR_UNKNOWN % cmd) raise Exception _signal_ui() else: evlog.log_error(LOG_ERROR_STATE % (cmd, state, expected)) _clean_reg(cmd)
def __poll_auth(self): service = MobileIDService() rsp = service.poll_auth(self.ctx()) if rsp._Status == 'OUTSTANDING_TRANSACTION': return protocol.msg_mobid_poll() if rsp._Status == 'USER_AUTHENTICATED': evlog.log('Received USER_AUTHENTICATED from DDS') c1, c2 = self.ctx().verify_challenge(rsp._Signature) if not c1: evlog.log_error(c2) return self.__return_mid_error('Autentimine ebaõnnestus') return self.__get_candidate_list() return self.__return_mid_error(rsp._Status)
def _revoke_vote_id(voter_code): elec = Election() otps = set() for quest in elec.get_questions(): reg = elec.get_sub_reg(quest) key = htscommon.get_user_key(voter_code) if reg.check(key + [htscommon.VOTE_VERIFICATION_ID_FILENAME]): otp = reg.read_string_value(key, \ htscommon.VOTE_VERIFICATION_ID_FILENAME) otps.add(otp.value) evlog.log("Revoking vote ID %s" % otp) if not _delete_vote_id(otp.value): evlog.log_error("No such vote-ID: %s" % otp) otp.delete() if len(otps) > 1: evlog.log_error("The voter %s had multiple vote ID-s: %s" % \ (voter_code, ", ".join(otps)))
def hts_repeat_check(self, valid_person): ik = valid_person[0] evlog.AppLog().set_person(ik) evlog.log("Korduvhääletuse kontroll") params = {} params[evcommon.POST_PERSONAL_CODE] = ik params[evcommon.POST_VOTERS_FILES_SHA256] = Election().get_voters_files_sha256() params[evcommon.POST_SESS_ID] = sessionid.voting() hts_connector = HTSConnector(params) if not hts_connector.work(): hts_connector.error.user_code = evcommon.EVOTE_REPEAT_ERROR return self.__return_error(hts_connector.error) retcode = hts_connector.answer[1] ans = "<br>".join(hts_connector.answer[2:]) return retcode, ans
def __get_candidate_list(self, valid_person): cand_ok, cand_msg = self.__hes.get_candidate_list(valid_person) if not cand_ok == evcommon.EVOTE_OK: return self.__return_error(cand_ok, cand_msg) korduv_ret, korduv_msg = self.__hes.hts_repeat_check(valid_person) if korduv_ret == evcommon.EVOTE_REPEAT_NO: evlog.log('Kandidaatide nimekiri väljastati A') return protocol.msg_ok(cand_msg) elif korduv_ret == evcommon.EVOTE_REPEAT_YES: evlog.log('Kandidaatide nimekiri väljastati B') return protocol.msg_repeat(cand_msg, korduv_msg) elif korduv_ret == evcommon.EVOTE_REPEAT_NOT_CONSISTENT: r1, r2 = protocol.plain_error_maintainance() return self.__return_error(r1, r2) else: return self.__return_error(evcommon.EVOTE_ERROR, korduv_msg)
def hts_repeat_check(self, valid_person): ik = valid_person[0] evlog.AppLog().set_person(ik) evlog.log('Korduvhääletuse kontroll') params = {} params[evcommon.POST_PERSONAL_CODE] = ik params[evcommon.POST_VOTERS_FILES_SHA256] = \ Election().get_voters_files_sha256() params[evcommon.POST_SESS_ID] = sessionid.voting() hts_connector = HTSConnector(params) if not hts_connector.work(): hts_connector.error.user_code = evcommon.EVOTE_REPEAT_ERROR return self.__return_error(hts_connector.error) retcode = hts_connector.answer[1] ans = '<br>'.join(hts_connector.answer[2:]) return retcode, ans
def schedule(cmd, tstruct): sched = scheduled(cmd) if sched: job, timestr = sched evlog.log_error(LOG_ERROR_SCHEDULED % (cmd, job, timestr)) print UI_ERROR_SCHEDULED % (cmd, job, timestr) return timestr = time.strftime(TIME_FORMAT, tstruct) job = _at(timestr, "python -m %s %i %s" % (MODULE_AUTOCMD, EXPECTED[cmd], cmd)) if not job: evlog.log_error(LOG_ERROR_SCHEDULE % cmd) print UI_ERROR_SCHEDULE % cmd return reg = evreg.Registry(root=evcommon.EVREG_CONFIG) reg.ensure_key(AUTOCMD_KEY) reg.create_integer_value(AUTOCMD_KEY, _job_value(cmd), job) reg.create_string_value(AUTOCMD_KEY, _time_value(cmd), timestr) evlog.log(LOG_SCHEDULED % (cmd, job, timestr)) print UI_SCHEDULED % (cmd, job, timestr)
def compose_list(self): questions = Election().get_questions_obj("hes") for quest in questions: voter = quest.get_voter(self._ik) if voter is None: continue # Read voter's name from voters list self._pname = voter["nimi"] elid = quest.qname() self._name_type = self._name_type + elid + ":" + str(quest.get_type()) + "\t" kandidaadid = quest.choices_to_voter(voter) evlog.log( "Ringkond: %s-%s-%s-%s-%s" % ( elid, voter["jaoskond_omavalitsus"], voter["jaoskond"], voter["ringkond_omavalitsus"], voter["ringkond"], ) ) self._list.append(kandidaadid)
def __talleta(self, binvote): store = HTSStore() new_otp = False try: store.verify_vote(binvote) evlog.log('Hääle allkirjastaja: %s' % store.signercode) store.extract_questions() store.create_actions() store.revoke_vote_id() vote_id = store.issue_vote_id() evlog.log("Issued vote ID %s to %s for BDOC %s" % \ (vote_id, store.signercode, ksum.votehash(store.signed_vote))) new_otp = True store.store_votes() except HTSStoreException as e: evlog.log_error(store.log_msg) if new_otp: store.revoke_vote_id() return e.ret, store.user_msg return evcommon.EVOTE_OK, vote_id
def init_auth(self, phone): try: evlog.log("Autentimispäring: ALGUS %s" % (phone)) if not ElectionState().election_on(): r1, r2 = ElectionState().election_off_msg() return protocol.msg_error(r1, r2) self.ctx().set_phone(phone) self.ctx().generate_challenge() service = MobileIDService() rsp_cert = service.get_cert(self.ctx()) if not (rsp_cert._SignCertStatus == 'OK'): return self.__return_mid_error(rsp_cert._SignCertStatus) if rsp_cert._AuthCertStatus == 'OK': res, err = cert_ok(rsp_cert._AuthCertData) if not res: evlog.log_error(err) return self.__return_mid_policy_error() else: return self.__return_mid_error(rsp_cert._AuthCertStatus) rsp = service.init_auth(self.ctx()) if rsp._Status == 'OK': self.ctx().save_post_auth(rsp) evlog.log('Autentimispäring (%s, %s, %s, %s)' % \ (rsp._UserIDCode, rsp._UserGivenname, \ rsp._UserSurname, rsp._Challenge)) return protocol.msg_mobid_auth_init_ok(\ self.ctx().sessid(), rsp._ChallengeID) return self.__return_mid_error(rsp._Status) except httplib.BadStatusLine, exc: return self.__return_badstatusline_error(exc)
def init_sign(self, form): try: evlog.log('Signeerimispäring: ALGUS') if not self.ctx().auth_succ(): raise Exception('Autentimata sessioon') self.ctx().load_pre_sign() service = MobileIDService() for el in form: if el == evcommon.POST_SESS_ID: pass elif el == evcommon.POST_EVOTE: b64 = form.getvalue(el) votes = mobid_vote_data(b64) for el in votes: vote = base64.b64decode(votes[el]) service.add_file(el, vote) self.ctx().add_votefile(el, vote) self.ctx().set_origvote(b64) else: raise Exception('Vigane päringuparameeter %s' % el) if service.files() < 1: raise Exception('Ei ole hääli, mida signeerida') r1, r2, r3 = service.init_sign(self.ctx()) if r1: self.ctx().save_post_sign(r2) return protocol.msg_mobid_sign_init_ok(r3) return self.__return_mid_error(r2) except httplib.BadStatusLine, exc: return self.__return_badstatusline_error(exc)
def init_auth(self, phone): try: evlog.log("Autentimispäring: ALGUS %s" % (phone)) if not ElectionState().election_on(): r1, r2 = ElectionState().election_off_msg() evlog.log_error('Viga operatsioonil "cand", teade "%s"' % r2) return protocol.msg_error(r1, r2) self.ctx().set_phone(phone) self.ctx().generate_challenge() service = MobileIDService() rsp = service.init_auth(self.ctx()) if rsp._Status == 'OK': rsp._CertificateData = rsp._CertificateData.strip() self.ctx().save_post_auth(rsp) alog, elog = evlogdata.get_cert_data_log( rsp._CertificateData, 'cand/auth', True) evlog.log('Autentimispäring (%s, %s, %s, %s)' % (rsp._UserIDCode, rsp._UserGivenname, rsp._UserSurname, rsp._Challenge)) evlog.log(alog) if elog: evlog.log_error(elog) return protocol.msg_mobid_auth_init_ok(self.ctx().sessid(), rsp._ChallengeID) return self.__return_mid_error(rsp._Status) except httplib.BadStatusLine as exc: return self.__return_badstatusline_error(exc) except ZSI.FaultException as exc: return self.__return_zsi_error(exc) except: return self.__return_exception() finally: evlog.log('Autentimispäring: LÕPP')
def init_auth(self, phone): try: evlog.log("Autentimispäring: ALGUS %s" % (phone)) if not ElectionState().election_on(): r1, r2 = ElectionState().election_off_msg() evlog.log_error('Viga operatsioonil "cand", teade "%s"' % r2) return protocol.msg_error(r1, r2) self.ctx().set_phone(phone) self.ctx().generate_challenge() service = MobileIDService() rsp = service.init_auth(self.ctx()) if rsp._Status == "OK": rsp._CertificateData = rsp._CertificateData.strip() self.ctx().save_post_auth(rsp) alog, elog = evlogdata.get_cert_data_log(rsp._CertificateData, "cand/auth", True) evlog.log( "Autentimispäring (%s, %s, %s, %s)" % (rsp._UserIDCode, rsp._UserGivenname, rsp._UserSurname, rsp._Challenge) ) evlog.log(alog) if elog: evlog.log_error(elog) return protocol.msg_mobid_auth_init_ok(self.ctx().sessid(), rsp._ChallengeID) return self.__return_mid_error(rsp._Status) except httplib.BadStatusLine as exc: return self.__return_badstatusline_error(exc) except ZSI.FaultException as exc: return self.__return_zsi_error(exc) except: return self.__return_exception() finally: evlog.log("Autentimispäring: LÕPP")
def init_sign(self, form): try: evlog.log('Signeerimispäring: ALGUS') if not self.ctx().check_session(): return self.__return_error(evcommon.EVOTE_ERROR, evmessage.EV_ERRORS.SEANSS_PUUDUB) self.ctx().load_pre_sign() service = MobileIDService() for el in form: if el == evcommon.POST_SESS_ID: pass elif el == evcommon.POST_EVOTE: b64 = form.getvalue(el) votes = mobid_vote_data(b64) for el in votes: vote = votes[el] service.add_file(el, vote) self.ctx().add_votefile(el, vote) self.ctx().set_origvote(b64) else: raise Exception('Vigane päringuparameeter %s' % el) if service.files() < 1: raise Exception('Ei ole hääli, mida signeerida') r1, r2, r3 = service.init_sign(self.ctx()) if r1: self.ctx().save_post_sign(r2) evlog.log('Signeerimispäring (%s)' % r2) return protocol.msg_mobid_sign_init_ok(r3) return self.__return_mid_error(r2) except httplib.BadStatusLine as exc: return self.__return_badstatusline_error(exc) except ZSI.FaultException as exc: return self.__return_zsi_error(exc) except: return self.__return_exception() finally: evlog.log('Signeerimispäring: LÕPP')
def check_vote(self, mobid): try: bdocpython.initialize() conf = bdocconfig.BDocConfig() conf.load(Election().get_bdoc_conf()) alines = [] elines = [] if mobid: alines, elines = \ regrights.analyze_signature_for_log(self._decoded_vote) else: alines, elines = \ regrights.analyze_vote_for_log(self._decoded_vote) for el in alines: evlog.log(el) for el in elines: evlog.log_error(el) res = None if mobid: res = regrights.check_vote_hes_mobid(self._decoded_vote, conf) else: res = regrights.check_vote_hes(self._decoded_vote, conf) if not res.result: self.error.log_msg = res.error if self.error.user_msg == '': self.error.user_msg = evmessage.EV_ERRORS.TEHNILINE_VIGA self.error.user_code = evcommon.EVOTE_ERROR if not res.cert_is_valid: self.error.user_msg =\ evmessage.EV_ERRORS.SERTIFIKAAT_ON_AEGUNUD self.error.user_code = evcommon.EVOTE_CERT_ERROR return False ik_ver = regrights.get_personal_code(res.subject) if self._ik != ik_ver: self.error.log_msg = \ 'Autentija (%s) ja allkirjastaja (%s) erinevad' % \ (self._ik, ik_ver) self.error.user_msg = \ evmessage.EV_ERRORS.TEHNILINE_VIGA self.error.user_code = evcommon.EVOTE_ERROR return False return True except: self.error.user_msg = evmessage.EV_ERRORS.TEHNILINE_VIGA self.error.user_code = evcommon.EVOTE_ERROR self.error.log_msg = exception_msg.trace() finally: bdocpython.terminate() return False
def do_log(prefix): alog, elog = get_loglines(prefix) for el in alog: evlog.log(el) for el in elog: evlog.log_error(el)
if r1: self.ctx().save_post_sign(r2) return protocol.msg_mobid_sign_init_ok(r3) return self.__return_mid_error(r2) except httplib.BadStatusLine, exc: return self.__return_badstatusline_error(exc) except ZSI.FaultException, exc: return self.__return_zsi_error(exc) except: return self.__return_exception() finally: evlog.log('Signeerimispäring: LÕPP') def init_auth(self, phone): try: evlog.log("Autentimispäring: ALGUS %s" % (phone)) if not ElectionState().election_on(): r1, r2 = ElectionState().election_off_msg() return protocol.msg_error(r1, r2) self.ctx().set_phone(phone) self.ctx().generate_challenge() service = MobileIDService() rsp_cert = service.get_cert(self.ctx()) if not (rsp_cert._SignCertStatus == 'OK'):