Commit cfe7d738 authored by Stephane Glondu's avatar Stephane Glondu
Browse files

Add "vote" subcommand

The credential is taken from the file given to --privkey (if any).
parent 254f8671
......@@ -21,6 +21,22 @@
open Util
let remove_dashes x =
let n = String.length x in
let res = Buffer.create n in
for i = 0 to n-1 do
let c = x.[i] in
if c <> '-' then Buffer.add_char res c;
done;
Buffer.contents res
let derive uuid x =
let open Cryptokit in
let uuid = remove_dashes (Uuidm.to_string uuid) in
let salt = transform_string (Hexa.decode ()) uuid in
pbkdf2 ~prf:MAC.hmac_sha256 ~iterations:1000 ~size:1 ~salt x |>
transform_string (Hexa.encode ())
module RunCredgen (X : sig end) = struct
(* Setup group *)
......@@ -37,12 +53,7 @@ module RunCredgen (X : sig end) = struct
let n53 = Z.of_int 53
let public_key_of_token uuid x =
let open Cryptokit in
let salt = transform_string (Hexa.decode ()) uuid in
let hex =
pbkdf2 ~prf:MAC.hmac_sha256 ~iterations:1000 ~size:1 ~salt x |>
transform_string (Hexa.encode ())
in
let hex = derive uuid x in
let x = Z.(of_string_base 16 hex mod G.q) in
let y = G.(g **~ x) in
Z.to_string y
......@@ -72,22 +83,13 @@ module RunCredgen (X : sig end) = struct
let () = Arg.parse speclist anon_fun usage_msg
let remove_dashes x =
let n = String.length x in
let res = Buffer.create n in
for i = 0 to n-1 do
let c = x.[i] in
if c <> '-' then Buffer.add_char res c;
done;
Buffer.contents res
let uuid = match !uuid with
| None ->
Printf.eprintf "UUID is missing!\n";
exit 1
| Some u ->
match Uuidm.of_string u with
| Some _ -> remove_dashes u
| Some u -> u
| None ->
Printf.eprintf "UUID is invalid!\n";
exit 1
......
val derive : Uuidm.t -> string -> string
val main : unit -> unit
......@@ -48,6 +48,7 @@ module type PARAMS = sig
val sk_file : string option
val do_finalize : bool
val do_decrypt : bool
val ballot_file : string option
val params : ff_pubkey params
val election_fingerprint : string
val group : ff_params
......@@ -64,6 +65,7 @@ module GetParams (X : sig end) : PARAMS = struct
let sk_file = ref None
let do_finalize = ref false
let do_decrypt = ref false
let ballot_file = ref None
let speclist = Arg.([
"--dir", String (fun s -> dir := s), "path to election files";
......@@ -75,7 +77,7 @@ module GetParams (X : sig end) : PARAMS = struct
])
let usage_msg =
Printf.sprintf "Usage: %s election [--dir <dir>] [--privkey <privkey>] { verify | decrypt | finalize }" Sys.argv.(0)
Printf.sprintf "Usage: %s election [--dir <dir>] [--privkey <privkey>] { vote <ballot> | verify | decrypt | finalize }" Sys.argv.(0)
let usage () =
Arg.usage speclist usage_msg;
......@@ -90,6 +92,13 @@ module GetParams (X : sig end) : PARAMS = struct
let () = match List.rev !anon_args with
| [] -> usage ()
| ["vote"; f] ->
let f =
if Filename.is_relative f then Filename.concat initial_dir f else f
in ballot_file := Some f
| ["vote"] ->
Printf.eprintf "ballot file is missing\n";
exit 1
| ["verify"] -> ()
| ["finalize"] -> do_finalize := true
| ["decrypt"] ->
......@@ -119,6 +128,7 @@ module GetParams (X : sig end) : PARAMS = struct
let sk_file = !sk_file
let do_finalize = !do_finalize
let do_decrypt = !do_decrypt
let ballot_file = !ballot_file
end
......@@ -213,6 +223,31 @@ module RunTool (G : Election.FF_GROUP) (P : PARAMS) = struct
) (E.neutral_ciphertext e) ()
)
let () = match ballot_file with
| None -> ()
| Some fn ->
(match load_from_file Serializable_j.plaintext_of_string fn with
| Some [b] ->
let sk =
match sk_file with
| Some fn ->
(match load_from_file (fun x -> x) fn with
| Some [cred] ->
let hex = Credgen.derive e.e_params.e_uuid cred in
Some Z.(of_string_base 16 hex mod G.q)
| _ -> failwith "invalid credential file"
)
| None -> None
in
let b = E.create_ballot e ?sk (E.make_randomness e ()) b () in
assert (E.check_ballot e b);
print_endline (
Serializable_j.string_of_ballot
Serializable_builtin_j.write_number b
)
| _ -> failwith "invalid plaintext ballot file"
)
let () = if do_decrypt then
match sk_file with
| Some fn ->
......
......@@ -124,11 +124,13 @@ type 'a partial_decryption = {
decryption_proofs : proof list <ocaml repr="array"> list <ocaml repr="array">;
}
type plaintext = int list <ocaml repr="array"> list <ocaml repr="array">
type 'a result = {
num_tallied : int;
encrypted_tally : 'a ciphertext list <ocaml repr="array"> list <ocaml repr="array">;
partial_decryptions : 'a partial_decryption list <ocaml repr="array">;
result : int list <ocaml repr="array"> list <ocaml repr="array">;
result : plaintext;
}
(** {1 Other datastructures} *)
......
......@@ -162,7 +162,7 @@ module type ELECTION = sig
(** {2 Ballots} *)
type plaintext = int array array
type plaintext = Serializable_t.plaintext
(** The plaintext equivalent of [ciphertext], i.e. the contents of a
ballot. When [x] is such a value, [x.(i).(j)] is the weight (0
or 1) given to answer [j] in question [i]. *)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment