Cast-as-intended in the command line tool

As illustrated in the demo-cai.sh script, the voter now gets some audit codes out of the ballot generation. She can then form an audit mask by selecting one for each voting option with the reveal-audit-mask command. This audit mask is sent along the ballot to the bulletin board.

Since the encrypted audit codes and a zero-knowledge proof of v + a = b mod mu is included in the ballot, the verification step checks that the zkp is valid and that the audit masks correspond to the selected codes.