From 610ee34caa18dde81c89bff7ac0e69554bdb96ff Mon Sep 17 00:00:00 2001
From: udqps <udqps@student.kit.edu>
Date: Thu, 10 Oct 2024 12:10:45 +0200
Subject: [PATCH] Changed the initial code seed for ballot chaining to be
 consistend with the specification

---
 .../electionguard/encrypt/AddEncryptedBallot.kt     | 13 +++++--------
 .../verifier/VerifyEncryptedBallots.js.kt           |  4 +---
 .../verifier/VerifyEncryptedBallotsJvm.kt           |  4 +---
 3 files changed, 7 insertions(+), 14 deletions(-)

diff --git a/egklib/src/commonMain/kotlin/electionguard/encrypt/AddEncryptedBallot.kt b/egklib/src/commonMain/kotlin/electionguard/encrypt/AddEncryptedBallot.kt
index a5ccb356..5d7442f7 100644
--- a/egklib/src/commonMain/kotlin/electionguard/encrypt/AddEncryptedBallot.kt
+++ b/egklib/src/commonMain/kotlin/electionguard/encrypt/AddEncryptedBallot.kt
@@ -48,7 +48,6 @@ class AddEncryptedBallot(
 
     val publisher = makePublisher(outputDir, false, isJson)
     val sink: EncryptedBallotSinkIF = publisher.encryptedBallotSink(deviceName)
-    val baux0: ByteArray
 
     private val ballotIds = mutableListOf<String>()
     private val pending = mutableMapOf<UInt256, CiphertextBallot>() // key = ccode.toHex()
@@ -63,7 +62,6 @@ class AddEncryptedBallot(
             // this is a restart on an existing chain
             val chain: EncryptedBallotChain = chainResult.unwrap()
             require(configChaining == chain.chaining) { "mismatched chaining config=$configChaining ouputDir=${chain.chaining}" }
-            baux0 = chain.baux0
             ballotIds.addAll(chain.ballotIds)
             this.lastConfirmationCode = chain.lastConfirmationCode
             first = false
@@ -71,9 +69,8 @@ class AddEncryptedBallot(
             // hmmm you could check EncryptedBallotChain each time, in case of crash
 
         } else {
-            baux0 = if (!configChaining) configBaux0 else
-                // H0 = H(HE ; 0x24, Baux,0 ), eq (59)
-                hashFunction(extendedBaseHash.bytes, 0x24.toByte(), configBaux0).bytes
+            // H0 = H(HE ; 0x24, Baux,0 ), eq (59)
+            this.lastConfirmationCode = hashFunction(extendedBaseHash.bytes, 0x24.toByte(), configBaux0)
         }
     }
 
@@ -91,7 +88,7 @@ class AddEncryptedBallot(
         }
 
         // Baux,j = Hj−1 ∥ Baux,0 eq (60)
-        val bauxj: ByteArray = if (!configChaining || first) baux0 else lastConfirmationCode.bytes + configBaux0
+        val bauxj: ByteArray = if (!configChaining) configBaux0 else lastConfirmationCode.bytes + configBaux0
         first = false
 
         val ciphertextBallot = encryptor.encrypt(ballot, bauxj, errs)
@@ -178,8 +175,8 @@ class AddEncryptedBallot(
                 submit(it, EncryptedBallot.BallotState.UNKNOWN)
             }
         }
-        val closing =
-            EncryptedBallotChain(deviceName, baux0, ballotIds, this.lastConfirmationCode, configChaining, closeChain())
+        val closing = EncryptedBallotChain(
+            deviceName, configBaux0, ballotIds, this.lastConfirmationCode, configChaining, closeChain())
         publisher.writeEncryptedBallotChain(closing)
     }
 
diff --git a/egklib/src/jsMain/kotlin/electionguard/verifier/VerifyEncryptedBallots.js.kt b/egklib/src/jsMain/kotlin/electionguard/verifier/VerifyEncryptedBallots.js.kt
index 60f45600..9acc831d 100644
--- a/egklib/src/jsMain/kotlin/electionguard/verifier/VerifyEncryptedBallots.js.kt
+++ b/egklib/src/jsMain/kotlin/electionguard/verifier/VerifyEncryptedBallots.js.kt
@@ -182,10 +182,8 @@ actual class VerifyEncryptedBallots actual constructor(
                 // (7.E) For all 1 ≤ j ≤ ℓ, the additional input byte array used to compute Hj = H(Bj) is equal to
                 //       Baux,j = H(Bj−1) ∥ Baux,0 .
                 var prevCC = H0
-                var first = true
                 ballots.forEach { ballot ->
-                    val expectedBaux = if (first) H0 else prevCC + config.configBaux0  // eq 7.D and 7.E
-                    first = false
+                    val expectedBaux = prevCC + config.configBaux0  // eq 7.D and 7.E
                     if (!expectedBaux.contentEquals(ballot.codeBaux)) {
                         errs.add("    7.E. additional input byte array Baux != H(Bj−1 ) ∥ Baux,0 for ballot=${ballot.ballotId}")
                     }
diff --git a/egklib/src/jvmMain/kotlin/electionguard/verifier/VerifyEncryptedBallotsJvm.kt b/egklib/src/jvmMain/kotlin/electionguard/verifier/VerifyEncryptedBallotsJvm.kt
index 459ca704..8450dffa 100644
--- a/egklib/src/jvmMain/kotlin/electionguard/verifier/VerifyEncryptedBallotsJvm.kt
+++ b/egklib/src/jvmMain/kotlin/electionguard/verifier/VerifyEncryptedBallotsJvm.kt
@@ -189,10 +189,8 @@ actual class VerifyEncryptedBallots actual constructor(
                 // (7.E) For all 1 ≤ j ≤ ℓ, the additional input byte array used to compute Hj = H(Bj) is equal to
                 //       Baux,j = H(Bj−1) ∥ Baux,0 .
                 var prevCC = H0
-                var first = true
                 ballots.forEach { ballot ->
-                    val expectedBaux = if (first) H0 else prevCC + config.configBaux0  // eq 7.D and 7.E
-                    first = false
+                    val expectedBaux = prevCC + config.configBaux0  // eq 7.D and 7.E
                     if (!expectedBaux.contentEquals(ballot.codeBaux)) {
                         errs.add("    7.E. additional input byte array Baux != H(Bj−1 ) ∥ Baux,0 for ballot=${ballot.ballotId}")
                     }