From dff885437e40a4ea6f8957f55c5e39a05c0deb39 Mon Sep 17 00:00:00 2001 From: Rumperuu Date: Sat, 15 Sep 2018 16:25:36 +0100 Subject: [PATCH] eat --- static/js/event_vote.js | 11 +++++++---- static/js/vote_audit.js | 16 +++++++++------- 2 files changed, 16 insertions(+), 11 deletions(-) diff --git a/static/js/event_vote.js b/static/js/event_vote.js index 6807fba..44fb60c 100644 --- a/static/js/event_vote.js +++ b/static/js/event_vote.js @@ -557,8 +557,11 @@ function sendBallotsToServer(selection, selectedBallot, otherBallot) { var ballotID = encodeURIComponent(btoa(JSON.stringify({voterID: voterID, eventID: eventID, pollNum: pollNum}))); // TODO: Generate a SK rather than using a static one. UUID generated server side and then injected JS side? + JSON.stringify(otherBallot) var SK = "temporary"; var encAlt = sjcl.encrypt(SK, JSON.stringify(otherBallot)); + var out = (new sjcl.misc.hmac(key, sjcl.hash.sha256)).mac(encAlt); + var hmac = sjcl.codec.hex.fromBits(out); let selectedBallotAsStr = JSON.stringify(selectedBallot); $.ajax({ @@ -566,13 +569,13 @@ function sendBallotsToServer(selection, selectedBallot, otherBallot) { url : window.location, data : { handle: ballotID, encBallot: encAlt, ballot: selectedBallotAsStr, selection: selection }, success : function(){ - onAfterBallotSend(ballotID, SK); + onAfterBallotSend(ballotID, SK, hmac); } }); } // Called once the ballot has been sent to the back-end and dialog has closed -function onAfterBallotSend(ballotID, SK) { +function onAfterBallotSend(ballotID, SK, hmac) { // With one ballot selected, we can display a QR code of the ballot ID var modalDialog = $('#modalDialog'); var title = modalDialog.find('.modal-title'); @@ -593,7 +596,7 @@ function onAfterBallotSend(ballotID, SK) { // Add the second section: QR code that contains the ballot identifier var QRCodeImg = document.createElement('img'); QRCodeImg.setAttribute('class', 'QR-code'); - new QRCode(QRCodeImg, ballotID); + new QRCode(QRCodeImg, ballotID+";"+btoa(hmac)); body.append(QRCodeImg); @@ -602,7 +605,7 @@ function onAfterBallotSend(ballotID, SK) { instructions2Div.setAttribute('class', 'containerMarginTop'); let instructions2Txt = "You will also be emailed the ballot identifier. However, you will need to note down the following " + - "secret in order to later verify your ballot was recorded as cast: "; + "secret in order to later verify your ballot was cast as recorded: "; let instructions2P = document.createElement('p'); instructions2P.innerHTML = instructions2Txt; instructions2Div.append(instructions2P); diff --git a/static/js/vote_audit.js b/static/js/vote_audit.js index d6e9c78..9bf133e 100644 --- a/static/js/vote_audit.js +++ b/static/js/vote_audit.js @@ -32,17 +32,19 @@ $('#begin-test').click(function() { var encoding = ""; - var C1 = getBytes(fragment['C1'].split(",")); - var C2 = getBytes(fragment['C2'].split(",")); - var r = getBytes(fragment['r'].split(",")); + var C1Bytes = getBytes(fragment['C1'].split(",")); + var C2Bytes = getBytes(fragment['C2'].split(",")); + var rBytes = getBytes(fragment['r'].split(",")); - ciphertext.C1 = new ctx.ECP.fromBytes(C1); - ciphertext.C2 = new ctx.ECP.fromBytes(C2); - ciphertext.r = new ctx.BIG.fromBytes(r); + ciphertext.C1 = new ctx.ECP.fromBytes(C1Bytes); + ciphertext.C2 = new ctx.ECP.fromBytes(C2Bytes); + ciphertext.r = new ctx.BIG.fromBytes(rBytes); // For each pair of C1,C2 values (i.e. one ballot's ciphertext) and the randomness used in its encryption r, // test whether C2/(C1)^r = g^0 or g^1, and record g's exponent. - var m = ciphertext.C2 / Math.pow(ciphertext.C1, ciphertext.r); + //var c1 = ctx.PAIR.GTpow(ciphertext.C1, ciphertext.r); + + var m = ciphertext.C2.div(Math.pow(ciphertext.C1, ciphertext.r)); console.log("m = "+m); encoding += (m) ? "1" : "0";