From 2f27cb12e30c9f6e780354eecc3ff0039ed52c63 Mon Sep 17 00:00:00 2001 From: "Neal H. Walfield" Date: Tue, 29 Nov 2016 14:33:29 +0100 Subject: [PATCH] g10: Extend TOFU_STATS to always show the validity * doc/DETAILS (TOFU_STATS): Rename the VALIDITY field to SUMMARY. Add a new field called VALIDITY. * g10/tofu.c (write_stats_status): Update output accordingly. -- Signed-off-by: Neal H. Walfield Change TOFU_STATS as discussed offline with Werner, Justus and Andre. --- doc/DETAILS | 18 ++++++++++++------ g10/tofu.c | 30 +++++++++++++++++++----------- 2 files changed, 31 insertions(+), 17 deletions(-) diff --git a/doc/DETAILS b/doc/DETAILS index a264e53ee..534c48c0b 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -722,14 +722,14 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB: userid encoded in UTF-8 and percent escaped. The fingerprint is identical for all TOFU_USER lines up to a NEWSIG line. -*** TOFU_STATS 0 [ [ ]] +*** TOFU_STATS [ [ []]] Statistics for the current user id. - Values for VALIDITY are: - - 0 :: conflict - - 1 :: key without history - - 2 :: key with too little history + Values for SUMMARY are: + - 0 :: attention, an interaction with the user is required (conflict) + - 1 :: key with no verification/encryption history + - 2 :: key with little history - 3 :: key with enough history for basic trust - 4 :: key with a lot of history @@ -739,7 +739,8 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB: - good :: Policy is "good" - bad :: Policy is "bad" - ask :: Policy is "ask" - - unknown :: Policy is not known. + - unknown :: Policy is "unknown" (TOFU information does not + contribute to the key's validity) TM1 ist the time the first message was verified. TM2 is the time the most recent message was verified. TM3 is the time the first @@ -747,6 +748,11 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB: either be seconds since Epoch or an ISO time string (yyyymmddThhmmss). + VALIDITY is the same as SUMMARY with the exception that VALIDITY + doesn't reflect whether the key needs attention. That is it never + takes on value 0. Instead, if there is a conflict, VALIDITY still + reflects the key's validity (values: 1-4). + *** TOFU_STATS_SHORT Information about the TOFU binding for the signature. diff --git a/g10/tofu.c b/g10/tofu.c index 85759479d..bf2a0484d 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -2897,7 +2897,8 @@ write_stats_status (estream_t fp, unsigned long encryption_first_done, unsigned long encryption_most_recent) { - const char *validity; + int summary; + int validity; unsigned long messages; /* Use the euclidean distance (m = sqrt(a^2 + b^2)) rather then the @@ -2907,34 +2908,41 @@ write_stats_status (estream_t fp, + encryption_count * encryption_count); if (messages < 1) - validity = "1"; /* Key without history. */ + validity = 1; /* Key without history. */ else if (messages < 2 * BASIC_TRUST_THRESHOLD) - validity = "2"; /* Key with too little history. */ + validity = 2; /* Key with too little history. */ else if (messages < 2 * FULL_TRUST_THRESHOLD) - validity = "3"; /* Key with enough history for basic trust. */ + validity = 3; /* Key with enough history for basic trust. */ else - validity = "4"; /* Key with a lot of history. */ + validity = 4; /* Key with a lot of history. */ + + if (policy == TOFU_POLICY_ASK) + summary = 0; /* Key requires attention. */ + else + summary = validity; if (fp) { - es_fprintf (fp, "tfs:1:%s:%lu:%lu:%s:%lu:%lu:%lu:%lu:\n", - validity, signature_count, encryption_count, + es_fprintf (fp, "tfs:1:%d:%lu:%lu:%s:%lu:%lu:%lu:%lu:%d:\n", + summary, signature_count, encryption_count, tofu_policy_str (policy), signature_first_seen, signature_most_recent, - encryption_first_done, encryption_most_recent); + encryption_first_done, encryption_most_recent, + validity); } else { write_status_printf (STATUS_TOFU_STATS, - "%s %lu %lu %s %lu %lu %lu %lu", - validity, + "%d %lu %lu %s %lu %lu %lu %lu %d", + summary, signature_count, encryption_count, tofu_policy_str (policy), signature_first_seen, signature_most_recent, encryption_first_done, - encryption_most_recent); + encryption_most_recent, + validity); } }