Revert "Merge branch 'overvote_and_writeins' into main"

This reverts commit 355b689, reversing
changes made to a6fad69.

Author: SteveMaier-IRT

bindings/netstandard/ElectionGuard/ElectionGuard.Encryption.Tests/TestEncrypt.cs

@@ -73,7 +73,7 @@ public void Test_Encrypt_Ballot_Undervote_Succeeds()
         }
 
         [Test]
-        public void Test_Encrypt_Ballot_Overvote_Succeeds()
+        public void Test_Encrypt_Ballot_Overvote_Fails()
         {
             // Configure the election context
             var keypair = ElGamalKeyPair.FromSecret(Constants.TWO_MOD_Q);
@@ -86,9 +86,8 @@ public void Test_Encrypt_Ballot_Overvote_Succeeds()
 
             // Act
             var ballot = BallotGenerator.GetFakeBallot(internalManifest, 2);
-            var ciphertext = mediator.Encrypt(ballot);
+            Assert.Throws<ArgumentException>(() => mediator.Encrypt(ballot));
 
-            Assert.That(ciphertext.IsValidEncryption(context.ManifestHash, keypair.PublicKey, context.CryptoExtendedBaseHash));
         }
 
         [Test]

include/electionguard/ballot.hpp

@@ -43,12 +43,11 @@ namespace electionguard
     /// <returns>BallotBoxState.unknown if the value cannot be resolved</returns>
     /// </Summary>
     EG_API BallotBoxState getBallotBoxState(const std::string &value);
-    
+
     /// <summary>
     /// ExtendedData represents any arbitrary data expressible as a string with a length.
     ///
-    /// This class is used primarily as a field to hold encrypted data on a
-    /// contest, overvote data and writeins.
+    /// This class is used primarily as a field on a selection to indicate a write-in candidate text value
     /// </summary>
     struct ExtendedData {
       public:
@@ -72,7 +71,7 @@ namespace electionguard
             return std::make_unique<ExtendedData>(this->value, this->length);
         }
     };
-    
+
     /// <summary>
     /// A BallotSelection represents an individual selection on a ballot.
     ///
@@ -95,7 +94,8 @@ namespace electionguard
         PlaintextBallotSelection(const PlaintextBallotSelection &other);
         PlaintextBallotSelection(PlaintextBallotSelection &&other);
         PlaintextBallotSelection(std::string objectId, uint64_t vote,
-                                 bool isPlaceholderSelection = false, std::string writeIn = "");
+                                 bool isPlaceholderSelection = false,
+                                 std::unique_ptr<ExtendedData> extendedData = nullptr);
         ~PlaintextBallotSelection();
 
         PlaintextBallotSelection &operator=(PlaintextBallotSelection other);
@@ -118,9 +118,9 @@ namespace electionguard
         bool getIsPlaceholder() const;
 
         /// <summary>
-        /// an optional field holding the value of a write-in candidate
+        /// an optional field of arbitrary data, such as the value of a write-in candidate
         /// </summary>
-        std::string getWriteIn() const;
+        ExtendedData *getExtendedData() const;
 
         /// <summary>
         /// Given a PlaintextBallotSelection validates that the object matches an expected object
@@ -330,14 +330,6 @@ namespace electionguard
         //TODO: void setNonce(ElementModQ *nonce);
     };
 
-    typedef enum valid_contest_return_e {
-        SUCCESS = 0,
-        OVERVOTE = 1,
-        OVERVOTE_ERROR = 2,
-        INVALID_OBJECT_ID_ERROR = 2,
-        TOO_MANY_SELECTIONS_ERROR = 3,
-    } valid_contest_return;
-
     /// <summary>
     /// A PlaintextBallotContest represents the selections made by a voter for a specific ContestDescription
     ///
@@ -378,10 +370,8 @@ namespace electionguard
         ///
         /// Note: because this class supports partial representations, undervotes are considered a valid state.
         /// </Summary>
-        valid_contest_return isValid(const std::string &expectedObjectId,
-                                     uint64_t expectedNumberSelections,
-                                     uint64_t expectedNumberElected, uint64_t votesAllowd = 0,
-                                     bool supportOvervotes = true) const;
+        bool isValid(const std::string &expectedObjectId, uint64_t expectedNumberSelections,
+                     uint64_t expectedNumberElected, uint64_t votesAllowd = 0) const;
 
       private:
         class Impl;
@@ -414,8 +404,7 @@ namespace electionguard
                                 std::unique_ptr<ElementModQ> nonce,
                                 std::unique_ptr<ElGamalCiphertext> ciphertextAccumulation,
                                 std::unique_ptr<ElementModQ> cryptoHash,
-                                std::unique_ptr<ConstantChaumPedersenProof> proof,
-                                std::unique_ptr<HashedElGamalCiphertext> hashedElGamal);
+                                std::unique_ptr<ConstantChaumPedersenProof> proof);
         ~CiphertextBallotContest();
 
         CiphertextBallotContest &operator=(CiphertextBallotContest other);
@@ -463,12 +452,6 @@ namespace electionguard
         /// </summary>
         ConstantChaumPedersenProof *getProof() const;
 
-        /// <summary>
-        /// The hashed elgamal ciphertext is the encrypted extended data (overvote information
-        /// and writeins).
-        /// </summary>
-        std::unique_ptr<HashedElGamalCiphertext> getHashedElGamalCiphertext() const;
-
         /// <summary>
         /// Given an encrypted BallotContest, generates a hash, suitable for rolling up
         /// into a hash / tracking code for an entire ballot. Of note, this particular hash examines
@@ -496,8 +479,7 @@ namespace electionguard
              const ElementModQ &proofSeed, const uint64_t numberElected,
              std::unique_ptr<ElementModQ> nonce = nullptr,
              std::unique_ptr<ElementModQ> cryptoHash = nullptr,
-             std::unique_ptr<ConstantChaumPedersenProof> proof = nullptr,
-             std::unique_ptr<HashedElGamalCiphertext> hashedElGamal = nullptr);
+             std::unique_ptr<ConstantChaumPedersenProof> proof = nullptr);
 
         /// <summary>
         /// An aggregate nonce for the contest composed of the nonces of the selections.

include/electionguard/ballot_compact.hpp

@@ -39,7 +39,8 @@ namespace electionguard
         CompactPlaintextBallot(const CompactPlaintextBallot &other);
         CompactPlaintextBallot(const CompactPlaintextBallot &&other);
         CompactPlaintextBallot(const std::string &objectId, const std::string &styleId,
-                               std::vector<uint64_t> selections, std::vector<std::string> writeins);
+                               std::vector<uint64_t> selections,
+                               std::map<uint64_t, std::unique_ptr<ExtendedData>> extendedData);
         ~CompactPlaintextBallot();
 
         CompactPlaintextBallot &operator=(CompactPlaintextBallot other);
@@ -65,16 +66,22 @@ namespace electionguard
         std::vector<uint64_t> getSelections() const;
 
         /// <Summary>
-        /// The collection of writeins on the ballot ordered by the contest sequence order
-        /// and the selection sequence order.  It is up to the consumer to guarantee the order of elements
+        /// The mapping of extended data selections as they apply to the selections on the ballot
+        /// by index order when calling `getSelections`.
         /// </Summary>
-        std::vector<std::string> getWriteIns() const;
+        std::map<uint64_t, std::reference_wrapper<ExtendedData>> getExtendedData() const;
 
         /// <Summary>
         /// Make a compact representation of a plaintext ballot
         /// </Summary>
         static std::unique_ptr<CompactPlaintextBallot> make(const PlaintextBallot &plaintext);
 
+        /// <Summary>
+        /// Convenience accessor for retrieving the extended data for a selection index
+        /// <returns>a value or a null pointer if none exists</returns>
+        /// </Summary>
+        std::unique_ptr<ExtendedData> getExtendedDataFor(const uint64_t index) const;
+
         /// <Summary>
         /// Export the ballot representation as BSON
         /// </Summary>

include/electionguard/elgamal.hpp

@@ -37,8 +37,7 @@ namespace electionguard
         /// <Summary>
         /// Make an elgamal keypair from a secret.
         /// </Summary>
-        static std::unique_ptr<ElGamalKeyPair> fromSecret(const ElementModQ &secretKey,
-                                                          bool isFixedBase = true);
+        static std::unique_ptr<ElGamalKeyPair> fromSecret(const ElementModQ &secretKey, bool isFixedBase = true);
 
       private:
         class Impl;
@@ -132,18 +131,23 @@ namespace electionguard
     /// <returns>A ciphertext tuple.</returns>
     /// </summary>
     EG_API std::unique_ptr<ElGamalCiphertext>
-    elgamalEncrypt_with_precomputed(uint64_t m, ElementModP &gToRho, ElementModP &pubkeyToRho);
+    elgamalEncrypt_with_precomputed(uint64_t m, ElementModP &gToRho,
+                                    ElementModP &pubkeyToRho);
     /// <summary>
     /// Accumulate the ciphertexts by adding them together.
     /// </summary>
     EG_API std::unique_ptr<ElGamalCiphertext>
     elgamalAdd(const std::vector<std::reference_wrapper<ElGamalCiphertext>> &ciphertexts);
 
-#define HASHED_CIPHERTEXT_BLOCK_LENGTH 32U
-#define _PAD_INDICATOR_SIZE sizeof(uint16_t)
+    #define HASHED_CIPHERTEXT_BLOCK_LENGTH 32U
+    #define _PAD_INDICATOR_SIZE sizeof(uint16_t)
 
     typedef enum padded_data_size_e {
         NO_PADDING = 0,
+        BYTES_32 = 32 - _PAD_INDICATOR_SIZE,
+        BYTES_64 = 64 - _PAD_INDICATOR_SIZE,
+        BYTES_128 = 128 - _PAD_INDICATOR_SIZE,
+        BYTES_256 = 256 - _PAD_INDICATOR_SIZE,
         BYTES_512 = 512 - _PAD_INDICATOR_SIZE
     } padded_data_size_t;
 
@@ -155,7 +159,7 @@ namespace electionguard
     /// result. Create one with `hashedElgamalEncrypt`. Decrypt using one the
     /// 'decrypt' method.
     /// </summary>
-    class EG_API HashedElGamalCiphertext : public CryptoHashable
+    class EG_API HashedElGamalCiphertext
     {
       public:
         HashedElGamalCiphertext(const HashedElGamalCiphertext &other);
@@ -203,17 +207,14 @@ namespace electionguard
         /// </Summary>
         std::vector<uint8_t> getMac() const;
 
-        virtual std::unique_ptr<ElementModQ> crypto_hash() override;
-        virtual std::unique_ptr<ElementModQ> crypto_hash() const override;
-
         /// <summary>
         /// Decrypts ciphertext with the Auxiliary Encryption method (as specified in the
         /// ElectionGuard specification) given a random nonce, an ElGamal public key,
         /// and a description hash. The encrypt may be called to look for padding to
         /// verify and remove, in this case the plaintext will be smaller than
         /// the ciphertext, or not to look for padding in which case the
-        /// plaintext will be the same size as the ciphertext.
-        ///
+        /// plaintext will be the same size as the ciphertext. 
+        /// 
         /// <param name="nonce"> Randomly chosen nonce in [1,Q). </param>
         /// <param name="publicKey"> ElGamal public key. </param>
         /// <param name="descriptionHash"> Hash of the ballot description. </param>
@@ -231,7 +232,7 @@ namespace electionguard
       private:
         class Impl;
 #pragma warning(suppress : 4251)
-        std::unique_ptr<Impl> pimpl;
+                std::unique_ptr<Impl> pimpl;
     };
 
     /// <summary>
@@ -243,32 +244,24 @@ namespace electionguard
     /// This value indicates the maximum length of the plaintext that may be
     /// encrypted. The padding scheme applies two bytes for length of padding
     /// plus padding bytes. If padding is not to be applied then the
-    /// max_len parameter must be NO_PADDING. and the plaintext must
+    /// max_len parameter must be NO_PADDING and the plaintext must
     /// be a multiple of the block length (32) and the ciphertext will be
-    /// the same size. If the max_len is set to  something other than
-    /// NO_PADDING and the allow_truncation parameter is set to
-    /// true then if the message parameter data is longer than
-    /// max_len then it will be truncated to max_len. If the max_len is set to
-    /// something other than NO_PADDING and the allow_truncation parameter
-    /// is set to false then if the message parameter data is longer than
-    /// max_len then an exception will be thrown.
+    /// the same size.
     ///
-    /// <param name="message"> Message to hashed elgamal encrypt. </param>
+    /// <param name="plaintext"> Message to hashed elgamal encrypt. </param>
     /// <param name="nonce"> Randomly chosen nonce in [1,Q). </param>
     /// <param name="publicKey"> ElGamal public key. </param>
     /// <param name="descriptionHash"> Hash of the ballot description. </param>
     /// <param name="max_len"> If padding is to be applied then this indicates the
     ///  maximum length of plaintext, must be one padded_data_size_t enumeration
     ///  values. If padding is not to be applied then this parameter must use
     ///  the NO_PADDING padded_data_size_t enumeration value.</param>
-    /// <param name="allow_truncation"> Truncates data to the max_len if set to
-    /// true. If max_len is set to NO_PADDING then this parameter is ignored. </param>
     /// <returns>A ciphertext triple.</returns>
     /// </summary>
     EG_API std::unique_ptr<HashedElGamalCiphertext>
     hashedElgamalEncrypt(std::vector<uint8_t> plaintext, const ElementModQ &nonce,
                          const ElementModP &publicKey, const ElementModQ &descriptionHash,
-                         padded_data_size_t max_len, bool allow_truncation);
+                         padded_data_size_t max_len);
 
 } // namespace electionguard
 

include/electionguard/encrypt.hpp

@@ -111,30 +111,14 @@ namespace electionguard
                      const ElementModQ &cryptoExtendedBaseHash, const ElementModQ &nonceSeed,
                      bool isPlaceholder = false, bool shouldVerifyProofs = true);
 
-    /// <summary>
-    /// Gets overvote and write in information from the selections in a contest
-    /// puts the information in a json string. The internalManifest is needed because
-    /// it has the candidates and the candidate holds the indicator if a
-    /// selection is a write in.
-    ///
-    /// <param name="contest">the contest in valid input form</param>
-    /// <param name="internalManifest">the `InternalManifest` which defines this ballot's structure</param>
-    /// <param name="is_overvote">indicates if an overvote was detected</param>
-    /// <returns>string holding the json with the write ins</returns>
-    /// </summary>
-    std::string getOvervoteAndWriteIns(const PlaintextBallotContest &contest,
-                                       const InternalManifest &internalManifest,
-                                       valid_contest_return is_overvote);
-
     /// <summary>
     /// Encrypt a specific `BallotContest` in the context of a specific `Ballot`
     ///
     /// This method accepts a contest representation that only includes `True` selections.
     /// It will fill missing selections for a contest with `False` values, and generate `placeholder`
     /// selections to represent the number of seats available for a given contest.  By adding `placeholder`
     /// votes
-    /// <param name="contest">the contest in valid input form</param>
-    /// <param name="internalManifest">the `InternalManifest` which defines this ballot's structure</param>
+    /// <param name="plaintext">the selection in the valid input form</param>
     /// <param name="description">the `ContestDescriptionWithPlaceholders` from the `ContestDescription`
     ///                           which defines this contest's structure</param>
     /// <param name="elgamalPublicKey">the public key (K) used to encrypt the ballot</param>
@@ -147,7 +131,6 @@ namespace electionguard
     /// </summary>
     EG_API std::unique_ptr<CiphertextBallotContest>
     encryptContest(const PlaintextBallotContest &contest,
-                   const InternalManifest &internalManifest,
                    const ContestDescriptionWithPlaceholders &description,
                    const ElementModP &elgamalPublicKey, const ElementModQ &cryptoExtendedBaseHash,
                    const ElementModQ &nonceSeed, bool shouldVerifyProofs = true);

include/electionguard/group.hpp

@@ -283,8 +283,6 @@ namespace electionguard
     /// </summary>
     EG_API std::unique_ptr<ElementModQ> rand_q();
 
-    std::string vector_uint8_t_to_hex(const std::vector<uint8_t> &bytes);
-
 } // namespace electionguard
 
 #endif /* __ELECTIONGUARD_CPP_GROUP_HPP_INCLUDED__ */

include/electionguard/hash.hpp

@@ -22,8 +22,7 @@ namespace electionguard
       std::vector<std::reference_wrapper<const CryptoHashable>>,
       std::vector<std::reference_wrapper<const ElementModP>>,
       std::vector<std::reference_wrapper<const ElementModQ>>, std::vector<uint64_t>,
-      std::vector<std::string>,
-      std::vector<uint8_t>>;
+      std::vector<std::string>>;
 
     /// <Summary>
     /// Given zero or more elements, calculate their cryptographic hash

include/electionguard/manifest.hpp

@@ -971,7 +971,6 @@ namespace electionguard
         InternalManifest(InternalManifest &&other);
         explicit InternalManifest(
           std::vector<std::unique_ptr<GeopoliticalUnit>> geopoliticalUnits,
-          std::vector<std::unique_ptr<Candidate>> candidates,
           std::vector<std::unique_ptr<ContestDescriptionWithPlaceholders>> contests,
           std::vector<std::unique_ptr<BallotStyle>> ballotStyles, const ElementModQ &manifestHash);
         InternalManifest(const Manifest &description);
@@ -990,11 +989,6 @@ namespace electionguard
         /// </Summary>
         std::vector<std::reference_wrapper<GeopoliticalUnit>> getGeopoliticalUnits() const;
 
-        /// <Summary>
-        /// Collection of candidates for this election.
-        /// </Summary>
-        std::vector<std::reference_wrapper<Candidate>> getCandidates() const;
-
         /// <Summary>
         /// Collection of contests for this election.
         /// </Summary>
@@ -1058,9 +1052,6 @@ namespace electionguard
         static std::vector<std::unique_ptr<GeopoliticalUnit>>
         copyGeopoliticalUnits(const Manifest &description);
 
-        static std::vector<std::unique_ptr<Candidate>>
-        copyCandidates(const Manifest &description);
-
         static std::vector<std::unique_ptr<BallotStyle>>
         copyBallotStyles(const Manifest &description);