g10: Extend TOFU_STATS to always show the validity

* doc/DETAILS (TOFU_STATS): Rename the VALIDITY field to SUMMARY.  Add
a new field called VALIDITY.
* g10/tofu.c (write_stats_status): Update output accordingly.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>

Change TOFU_STATS as discussed offline with Werner, Justus and Andre.
Neal H. Walfield 2016-11-29 14:33:29 +01:00
parent bde4fddadc
commit 2f27cb12e3
2 changed files with 31 additions and 17 deletions


@ -722,14 +722,14 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
userid encoded in UTF-8 and percent escaped. The fingerprint is
identical for all TOFU_USER lines up to a NEWSIG line.
*** TOFU_STATS <validity> <sign-count> 0 [<policy> [<tm1> <tm2> <tm3> <tm4>]]
*** TOFU_STATS <summary> <sign-count> <encryption-count> [<policy> [<tm1> <tm2> <tm3> <tm4> [<validity>]]]
Statistics for the current user id.
Values for VALIDITY are:
- 0 :: conflict
- 1 :: key without history
- 2 :: key with too little history
Values for SUMMARY are:
- 0 :: attention, an interaction with the user is required (conflict)
- 1 :: key with no verification/encryption history
- 2 :: key with little history
- 3 :: key with enough history for basic trust
- 4 :: key with a lot of history
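
Review bot: In the new synopsis line, <validity> sits in the innermost optional group after <tm4>, but the description never says when it is present. write_stats_status in this commit always prints all nine fields, so either drop the innermost brackets or add a sentence telling consumers that output produced before this change has no ninth field and that they must tolerate its absence. The third field also changes here from a literal 0 to <encryption-count>, which the commit message does not mention.
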
@ -739,7 +739,8 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
- good :: Policy is "good"
- bad :: Policy is "bad"
- ask :: Policy is "ask"
- unknown :: Policy is not known.
- unknown :: Policy is "unknown" (TOFU information does not
contribute to the key's validity)
TM1 ist the time the first message was verified. TM2 is the time
the most recent message was verified. TM3 is the time the first
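
Review bot: The new wording for "unknown" says TOFU information does not contribute to "the key's validity", which collides with the VALIDITY field this same commit adds to TOFU_STATS. In write_stats_status that field is derived from the message counts regardless of policy, so it still reports 1-4 when the policy is unknown. Suggest stating explicitly that the parenthetical refers to the key's overall validity and not to the TOFU_STATS VALIDITY field. The context line "TM1 ist the time" has a typo that could be fixed while this paragraph is being touched.
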
@ -747,6 +748,11 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
either be seconds since Epoch or an ISO time string
(yyyymmddThhmmss).
VALIDITY is the same as SUMMARY with the exception that VALIDITY
doesn't reflect whether the key needs attention. That is it never
takes on value 0. Instead, if there is a conflict, VALIDITY still
reflects the key's validity (values: 1-4).
*** TOFU_STATS_SHORT <long_string>
Information about the TOFU binding for the signature.
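
Review bot: The VALIDITY paragraph should tell consumers that VALIDITY alone must not drive a trust decision, because by design it hides the attention state: a client that reads only the last field shows 1-4 for a key whose SUMMARY is 0. Add a sentence directing readers to check SUMMARY (or the policy field) first. Minor: "That is it never" needs a comma after "That is".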


@ -2897,7 +2897,8 @@ write_stats_status (estream_t fp,
unsigned long encryption_first_done,
unsigned long encryption_most_recent)
{
const char *validity;
int summary;
int validity;
unsigned long messages;
/* Use the euclidean distance (m = sqrt(a^2 + b^2)) rather then the
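
Review bot: summary and validity are declared as bare ints whose meaning lives only in doc/DETAILS. A short comment at the declarations giving the ranges (summary 0-4, validity 1-4), or named constants, would keep the two from being mixed up in later edits, given that the first output field was fed from a variable named validity before this change and is fed from summary after it.
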
@ -2907,34 +2908,41 @@ write_stats_status (estream_t fp,
+ encryption_count * encryption_count);
if (messages < 1)
validity = "1"; /* Key without history. */
validity = 1; /* Key without history. */
else if (messages < 2 * BASIC_TRUST_THRESHOLD)
validity = "2"; /* Key with too little history. */
validity = 2; /* Key with too little history. */
else if (messages < 2 * FULL_TRUST_THRESHOLD)
validity = "3"; /* Key with enough history for basic trust. */
validity = 3; /* Key with enough history for basic trust. */
else
validity = "4"; /* Key with a lot of history. */
validity = 4; /* Key with a lot of history. */
if (policy == TOFU_POLICY_ASK)
summary = 0; /* Key requires attention. */
else
summary = validity;
if (fp)
{
es_fprintf (fp, "tfs:1:%s:%lu:%lu:%s:%lu:%lu:%lu:%lu:\n",
validity, signature_count, encryption_count,
es_fprintf (fp, "tfs:1:%d:%lu:%lu:%s:%lu:%lu:%lu:%lu:%d:\n",
summary, signature_count, encryption_count,
tofu_policy_str (policy),
signature_first_seen, signature_most_recent,
encryption_first_done, encryption_most_recent);
encryption_first_done, encryption_most_recent,
validity);
}
else
{
write_status_printf (STATUS_TOFU_STATS,
"%s %lu %lu %s %lu %lu %lu %lu",
validity,
"%d %lu %lu %s %lu %lu %lu %lu %d",
summary,
signature_count,
encryption_count,
tofu_policy_str (policy),
signature_first_seen,
signature_most_recent,
encryption_first_done,
encryption_most_recent);
encryption_most_recent,
validity);
}
}
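
Review bot: summary = 0 is set only when policy == TOFU_POLICY_ASK, while doc/DETAILS in this commit describes 0 as "(conflict)" and the VALIDITY paragraph says "if there is a conflict". If the ask policy is the only way a conflict is represented at this point, say so in a comment next to the check; otherwise the documentation should describe 0 in terms of the ask policy. Separately, the colon record gains a trailing field while its leading "tfs:1:" stays unchanged, so parsers that expect a fixed field count for that record get no signal that the layout grew.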