mirror of git://git.gnupg.org/gnupg.git synced 2025-01-24 15:17:02 +01:00

g10: Extend TOFU_STATS to always show the validity

* doc/DETAILS (TOFU_STATS): Rename the VALIDITY field to SUMMARY.  Add
a new field called VALIDITY.
* g10/tofu.c (write_stats_status): Update output accordingly.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>

Change TOFU_STATS as discussed offline with Werner, Justus and Andre.
Neal H. Walfield 2016-11-29 14:33:29 +01:00
parent bde4fddadc
commit 2f27cb12e3
2 changed files with 31 additions and 17 deletions


@ -722,14 +722,14 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
userid encoded in UTF-8 and percent escaped. The fingerprint is userid encoded in UTF-8 and percent escaped. The fingerprint is
identical for all TOFU_USER lines up to a NEWSIG line. identical for all TOFU_USER lines up to a NEWSIG line.
*** TOFU_STATS <validity> <sign-count> 0 [<policy> [<tm1> <tm2> <tm3> <tm4>]] *** TOFU_STATS <summary> <sign-count> <encryption-count> [<policy> [<tm1> <tm2> <tm3> <tm4> [<validity>]]]
Statistics for the current user id. Statistics for the current user id.
Values for VALIDITY are: Values for SUMMARY are:
- 0 :: conflict - 0 :: attention, an interaction with the user is required (conflict)
- 1 :: key without history - 1 :: key with no verification/encryption history
- 2 :: key with too little history - 2 :: key with little history
- 3 :: key with enough history for basic trust - 3 :: key with enough history for basic trust
- 4 :: key with a lot of history - 4 :: key with a lot of history
@ -739,7 +739,8 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
- good :: Policy is "good" - good :: Policy is "good"
- bad :: Policy is "bad" - bad :: Policy is "bad"
- ask :: Policy is "ask" - ask :: Policy is "ask"
- unknown :: Policy is not known. - unknown :: Policy is "unknown" (TOFU information does not
contribute to the key's validity)
TM1 ist the time the first message was verified. TM2 is the time TM1 ist the time the first message was verified. TM2 is the time
the most recent message was verified. TM3 is the time the first the most recent message was verified. TM3 is the time the first
@ -747,6 +748,11 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
either be seconds since Epoch or an ISO time string either be seconds since Epoch or an ISO time string
(yyyymmddThhmmss). (yyyymmddThhmmss).
VALIDITY is the same as SUMMARY with the exception that VALIDITY
doesn't reflect whether the key needs attention. That is it never
takes on value 0. Instead, if there is a conflict, VALIDITY still
reflects the key's validity (values: 1-4).
*** TOFU_STATS_SHORT <long_string> *** TOFU_STATS_SHORT <long_string>
Information about the TOFU binding for the signature. Information about the TOFU binding for the signature.


@ -2897,7 +2897,8 @@ write_stats_status (estream_t fp,
unsigned long encryption_first_done, unsigned long encryption_first_done,
unsigned long encryption_most_recent) unsigned long encryption_most_recent)
{ {
const char *validity; int summary;
int validity;
unsigned long messages; unsigned long messages;
/* Use the euclidean distance (m = sqrt(a^2 + b^2)) rather then the /* Use the euclidean distance (m = sqrt(a^2 + b^2)) rather then the
@ -2907,34 +2908,41 @@ write_stats_status (estream_t fp,
+ encryption_count * encryption_count); + encryption_count * encryption_count);
if (messages < 1) if (messages < 1)
validity = "1"; /* Key without history. */ validity = 1; /* Key without history. */
else if (messages < 2 * BASIC_TRUST_THRESHOLD) else if (messages < 2 * BASIC_TRUST_THRESHOLD)
validity = "2"; /* Key with too little history. */ validity = 2; /* Key with too little history. */
else if (messages < 2 * FULL_TRUST_THRESHOLD) else if (messages < 2 * FULL_TRUST_THRESHOLD)
validity = "3"; /* Key with enough history for basic trust. */ validity = 3; /* Key with enough history for basic trust. */
else else
validity = "4"; /* Key with a lot of history. */ validity = 4; /* Key with a lot of history. */
if (policy == TOFU_POLICY_ASK)
summary = 0; /* Key requires attention. */
else
summary = validity;
if (fp) if (fp)
{ {
es_fprintf (fp, "tfs:1:%s:%lu:%lu:%s:%lu:%lu:%lu:%lu:\n", es_fprintf (fp, "tfs:1:%d:%lu:%lu:%s:%lu:%lu:%lu:%lu:%d:\n",
validity, signature_count, encryption_count, summary, signature_count, encryption_count,
tofu_policy_str (policy), tofu_policy_str (policy),
signature_first_seen, signature_most_recent, signature_first_seen, signature_most_recent,
encryption_first_done, encryption_most_recent); encryption_first_done, encryption_most_recent,
validity);
} }
else else
{ {
write_status_printf (STATUS_TOFU_STATS, write_status_printf (STATUS_TOFU_STATS,
"%s %lu %lu %s %lu %lu %lu %lu", "%d %lu %lu %s %lu %lu %lu %lu %d",
validity, summary,
signature_count, signature_count,
encryption_count, encryption_count,
tofu_policy_str (policy), tofu_policy_str (policy),
signature_first_seen, signature_first_seen,
signature_most_recent, signature_most_recent,
encryption_first_done, encryption_first_done,
encryption_most_recent); encryption_most_recent,
validity);
} }
} }
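Review bot: The new `summary` is forced to 0 purely from `policy == TOFU_POLICY_ASK`, while the appended `validity` field still carries 1-4 for the same key, so a front end that reads only the last field would report history-based trust for a binding that is flagged for attention. Nothing at the assignment says which field a consumer should act on; I would add a comment above the `if (policy == TOFU_POLICY_ASK)` test such as `/* SUMMARY is what callers should act on: 0 means the user must decide.  VALIDITY only describes the amount of history and is still 1-4 then.  */`. It would also help to state there whether an "ask" policy reaches this function only after a conflict, since DETAILS describes value 0 as a conflict and that cannot be confirmed from this hunk. The colon record keeps the `tfs:1:` prefix although a field is appended; if that `1` is a record version, parsers that expect a fixed field count may need checking. The parameter list of write_stats_status starts above the hunk.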