def verify_vote(self, votedata):
import regrights
self.user_msg = \
EvMessage().get_str("TEHNILINE_VIGA_HAALE_VERIFITSEERIMISEL", \
evstrings.TEHNILINE_VIGA_HAALE_VERIFITSEERIMISEL)
conf = bdocpythonutils.BDocConfig()
conf.load(Election().get_bdoc_conf())
self.bdoc = bdocpythonutils.BDocContainer()
self.bdoc.load_bytes(votedata)
self.bdoc.validateflex()
res = self.__check_incoming_vote(conf)
if not res.result:
self.log_msg = res.error
if self.user_msg == '':
self.user_msg = EvMessage().\
get_str("TEHNILINE_VIGA_HAALE_VERIFITSEERIMISEL", \
evstrings.TEHNILINE_VIGA_HAALE_VERIFITSEERIMISEL)
if not res.ocsp_is_good:
self.user_msg = EvMessage().\
get_str("SERTIFIKAAT_ON_TYHISTATUD_VOI_PEATATUD", \
evstrings.SERTIFIKAAT_ON_TYHISTATUD_VOI_PEATATUD)
raise HTSStoreException, evcommon.EVOTE_CERT_ERROR
raise HTSStoreException, evcommon.EVOTE_ERROR
self.signercode = regrights.get_personal_code(res.subject)
self.ocsp_time = res.ocsp_time
self.signed_vote = self.bdoc.get_bytes()
def check_ocsp():
log = evlog.Logger()
log.set_format(evlog.AppLogFormat('OCSPWD'))
log.set_logs(Election().get_path(evcommon.OCSP_LOG_FILE))
try:
_conf = bdocpythonutils.BDocConfig()
_conf.load(Election().get_bdoc_conf())
_ocsp = _conf.get_ocsp_responders()
for el in _ocsp:
app = 'openssl ocsp -issuer "%s" -serial 123 -url "%s" -noverify' % \
(_ocsp[el], el)
pp = subprocess.Popen(app, shell=True, stdin=subprocess.PIPE, \
stdout=subprocess.PIPE, close_fds=True)
is_ok = 0
start = time.time()
while 1:
line = pp.stdout.readline()
if line == '':
break
if line.strip().find('This Update:') != -1:
is_ok = 1
end = time.time()
if is_ok:
log.log_info(message='OCSP vastas %5.2f sekundiga' %
(end - start))
else:
log.log_info(message='OCSP ei vasta')
except:
log.log_err(message=exception_msg.trace())
def calculate(self, verify):
import bdocpythonutils
tic = ticker.Counter('Hääli:', '\tKorras: %d\tVigaseid: %d')
tic.start('Hääletuse \"%s\" olekuanalüüs' % self.__elid)
conf = bdocpythonutils.BDocConfig()
conf.load(Election().get_bdoc_conf())
for path in os.walk(self.__reg.path(['hts', 'votes'])):
root = path[0]
for vote_file in path[2]:
code = root.split('/').pop()
msg = None
res = True
if verify:
res, msg = self.do_verify(root, vote_file, conf, code)
if htscommon.VALID_VOTE_PATTERN.match(vote_file):
self.__sti.valid_vote(msg, res)
elif htscommon.USERREVOKED_VOTE_PATTERN.match(vote_file):
self.__sti.userrevoked_vote(msg, res)
elif htscommon.AUTOREVOKED_VOTE_PATTERN.match(vote_file):
self.__sti.autorevoked_vote(msg, res)
elif htscommon.REVOKE_REASON_PATTERN.match(vote_file):
pass
elif htscommon.VOTE_VERIFICATION_ID_FILENAME == vote_file:
pass
else:
self.__sti.unknown_file('\t' + root + '/' + vote_file)
tic.tick(1, self.__sti.ok_count(), self.__sti.bad_count())
tic.finish()
def cert_ok(incert):
import bdocpythonutils
conf = bdocpythonutils.BDocConfig()
conf.load(Election().get_bdoc_conf())
b64cert = incert.replace('-----BEGIN CERTIFICATE-----', '').\
replace('-----END CERTIFICATE-----', '')
return conf.is_good_mid_cert(b64cert)
def __init__(self):
self.elid = None
self._ed = None
self._ch = None
self.reg = None
self.quest = None
self.root = None
self.backup_dir = None
self.conf = bdocpythonutils.BDocConfig()
self.conf.load(Election().get_bdoc_conf())
def check_vote(self, mobid):
try:
bdocpython.initialize()
conf = bdocpythonutils.BDocConfig()
conf.load(Election().get_bdoc_conf())
res = None
if mobid:
res = regrights.check_vote_hes_mobid(self._decoded_vote, conf)
else:
res = regrights.check_vote_hes(self._decoded_vote, conf)
if not res.result:
self.error.log_msg = res.error
if self.error.user_msg == '':
self.error.user_msg = evmessage.EvMessage().\
get_str("TEHNILINE_VIGA_HAALE_VERIFITSEERIMISEL", \
evstrings.TEHNILINE_VIGA_HAALE_VERIFITSEERIMISEL)
self.error.user_code = evcommon.EVOTE_ERROR
if not res.cert_is_valid:
self.error.user_msg = evmessage.EvMessage().\
get_str("SERTIFIKAAT_ON_AEGUNUD", \
evstrings.SERTIFIKAAT_ON_AEGUNUD)
self.error.user_code = evcommon.EVOTE_CERT_ERROR
return False
ik_ver = regrights.get_personal_code(res.subject)
if self._ik != ik_ver:
self.error.log_msg = \
'Autentija (%s) ja allkirjastaja (%s) erinevad' % \
(self._ik, ik_ver)
self.error.user_msg = \
evmessage.EvMessage().get_str("ERINEV_KASUTAJA", \
evstrings.ERINEV_KASUTAJA)
self.error.user_code = evcommon.EVOTE_ERROR
return False
return True
except:
self.error.user_msg = evmessage.EvMessage().\
get_str("TEHNILINE_VIGA_HAALE_VERIFITSEERIMISEL", \
evstrings.TEHNILINE_VIGA_HAALE_VERIFITSEERIMISEL)
self.error.user_code = evcommon.EVOTE_ERROR
self.error.log_msg = exception_msg.trace()
finally:
bdocpython.terminate()
return False
def set_bdoc_conf(conf_dir):
conf = bdocpythonutils.BDocConfig()
conf.load(conf_dir)
conf.save(Election().get_bdoc_conf())
subprocess.check_call(['c_rehash', Election().get_bdoc_ca()])
def tyhista_ennista(self, filename):
tmp_tyhis_f = None
try:
bdocpython.initialize()
bconf = bdocpythonutils.BDocConfig()
bconf.load(Election().get_bdoc_conf())
result = regrights.kontrolli_volitusi(\
self._elid, filename, 'TYHIS', bconf)
if not result[0]:
self._errmsg = \
'Tühistus-/ennistusnimekirja volituste ' \
'kontroll andis negatiivse tulemuse: '
self._errmsg += result[1]
raise Exception(self._errmsg)
_signercode = result[2]
tmp_tyhis_f = bdocpythonutils.get_doc_content_file(filename)
rl = revocationlists.RevocationList()
rl.attach_elid(self._elid)
rl.attach_logger(evlog.AppLog())
if not rl.check_format(tmp_tyhis_f, \
'Kontrollin tühistus-/ennistusnimekirja: '):
self._errmsg = 'Vigase formaadiga tühistus-/ennistusnimekiri'
raise Exception(self._errmsg)
g_l = None
b_l = None
act = ''
report = []
if rl.revoke:
act = 'tühistamine'
g_l, b_l = self.__tyhista_haaled(rl.rev_list, _signercode)
else:
act = 'ennistamine'
g_l, b_l = self.__ennista_haaled(rl.rev_list, _signercode)
for el in b_l:
el.append(act + ' nurjus')
report.append(el)
for el in g_l:
el.append(act + ' õnnestus')
report.append(el)
fn = self._reg.path(['hts', 'output', evcommon.REVREPORT_FILE])
self.__save_list(report, fn)
ksum.store(fn)
return len(rl.rev_list), len(g_l), len(b_l)
finally:
if tmp_tyhis_f != None:
os.unlink(tmp_tyhis_f)