diff --git a/helios/election_urls.py b/helios/election_urls.py index 31760a5944145aacc6197a05cf44e18d7229315d..323c2b0d14f9958e37e1be4b98b2bbb6637d26df 100644 --- a/helios/election_urls.py +++ b/helios/election_urls.py @@ -42,6 +42,9 @@ urlpatterns = patterns('', # (r'^/bboard$', one_election_bboard), (r'^/audited-ballots/$', one_election_audited_ballots), + # get randomness + (r'^/get-randomness$', get_randomness), + # server-side encryption (r'^/encrypt-ballot$', encrypt_ballot), diff --git a/helios/views.py b/helios/views.py index 32691371fe90f3c05ef9efdea61bc039454ca3bd..166517d67d66ca2a26dba105e589a62bc1ebe562 100644 --- a/helios/views.py +++ b/helios/views.py @@ -13,7 +13,7 @@ from django.db import transaction from mimetypes import guess_type -import csv, urllib +import csv, urllib, os, base64 from crypto import algs, electionalgs, elgamal from crypto import utils as cryptoutils @@ -507,6 +507,16 @@ def trustee_upload_pk(request, election, trustee): ## Ballot Management ## +@json +@election_view(frozen=True) +def get_randomness(request, election): + """ + get some randomness to sprinkle into the sjcl entropy pool + """ + return { + "randomness" : base64.b64encode(os.urandom(32)) + } + @json @election_view(frozen=True) def encrypt_ballot(request, election): diff --git a/heliosbooth/vote.html b/heliosbooth/vote.html index 1273b2d1f08e18a900105751808536030aed413b..44b96742b48ffc75f08368a711e92f6cbcf3abc0 100644 --- a/heliosbooth/vote.html +++ b/heliosbooth/vote.html @@ -321,7 +321,15 @@ BOOTH.load_and_setup_election = function(election_url) { BOOTH.setup_election(raw_json); BOOTH.show_election(); BOOTH.election_url = election_url; - }); + }); + + + if (USE_SJCL) { + // get more randomness from server + $.getJSON(election_url + "/get-randomness", {}, function(result) { + sjcl.random.addEntropy(result.randomness); + }); + } }; BOOTH.hide_progress = function() { @@ -370,8 +378,9 @@ BOOTH.nojava = function() { BOOTH.ready_p = false; $(document).ready(function() { - if (USE_SJCL) + if (USE_SJCL) { sjcl.random.startCollectors(); + } // we're asynchronous if we have SJCL and Worker BOOTH.synchronous = !(USE_SJCL && window.Worker);