mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-24 15:17:02 +01:00
g10: Extend TOFU_STATS to always show the validity
* doc/DETAILS (TOFU_STATS): Rename the VALIDITY field to SUMMARY. Add a new field called VALIDITY. * g10/tofu.c (write_stats_status): Update output accordingly. -- Signed-off-by: Neal H. Walfield <neal@g10code.com> Change TOFU_STATS as discussed offline with Werner, Justus and Andre.
parent
bde4fddadc
commit
2f27cb12e3
18
doc/DETAILS
18
doc/DETAILS
@ -722,14 +722,14 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
|
|||||||
userid encoded in UTF-8 and percent escaped. The fingerprint is
|
userid encoded in UTF-8 and percent escaped. The fingerprint is
|
||||||
identical for all TOFU_USER lines up to a NEWSIG line.
|
identical for all TOFU_USER lines up to a NEWSIG line.
|
||||||
|
|
||||||
*** TOFU_STATS <validity> <sign-count> 0 [<policy> [<tm1> <tm2> <tm3> <tm4>]]
|
*** TOFU_STATS <summary> <sign-count> <encryption-count> [<policy> [<tm1> <tm2> <tm3> <tm4> [<validity>]]]
|
||||||
|
|
||||||
Statistics for the current user id.
|
Statistics for the current user id.
|
||||||
|
|
||||||
Values for VALIDITY are:
|
Values for SUMMARY are:
|
||||||
- 0 :: conflict
|
- 0 :: attention, an interaction with the user is required (conflict)
|
||||||
- 1 :: key without history
|
- 1 :: key with no verification/encryption history
|
||||||
- 2 :: key with too little history
|
- 2 :: key with little history
|
||||||
- 3 :: key with enough history for basic trust
|
- 3 :: key with enough history for basic trust
|
||||||
- 4 :: key with a lot of history
|
- 4 :: key with a lot of history
|
||||||
|
|
||||||
@ -739,7 +739,8 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
|
|||||||
- good :: Policy is "good"
|
- good :: Policy is "good"
|
||||||
- bad :: Policy is "bad"
|
- bad :: Policy is "bad"
|
||||||
- ask :: Policy is "ask"
|
- ask :: Policy is "ask"
|
||||||
- unknown :: Policy is not known.
|
- unknown :: Policy is "unknown" (TOFU information does not
|
||||||
|
contribute to the key's validity)
|
||||||
|
|
||||||
TM1 ist the time the first message was verified. TM2 is the time
|
TM1 ist the time the first message was verified. TM2 is the time
|
||||||
the most recent message was verified. TM3 is the time the first
|
the most recent message was verified. TM3 is the time the first
|
||||||
@ -747,6 +748,11 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
|
|||||||
either be seconds since Epoch or an ISO time string
|
either be seconds since Epoch or an ISO time string
|
||||||
(yyyymmddThhmmss).
|
(yyyymmddThhmmss).
|
||||||
|
|
||||||
|
VALIDITY is the same as SUMMARY with the exception that VALIDITY
|
||||||
|
doesn't reflect whether the key needs attention. That is it never
|
||||||
|
takes on value 0. Instead, if there is a conflict, VALIDITY still
|
||||||
|
reflects the key's validity (values: 1-4).
|
||||||
|
|
||||||
*** TOFU_STATS_SHORT <long_string>
|
*** TOFU_STATS_SHORT <long_string>
|
||||||
|
|
||||||
Information about the TOFU binding for the signature.
|
Information about the TOFU binding for the signature.
|
||||||
|
30
g10/tofu.c
30
g10/tofu.c
@ -2897,7 +2897,8 @@ write_stats_status (estream_t fp,
|
|||||||
unsigned long encryption_first_done,
|
unsigned long encryption_first_done,
|
||||||
unsigned long encryption_most_recent)
|
unsigned long encryption_most_recent)
|
||||||
{
|
{
|
||||||
const char *validity;
|
int summary;
|
||||||
|
int validity;
|
||||||
unsigned long messages;
|
unsigned long messages;
|
||||||
|
|
||||||
/* Use the euclidean distance (m = sqrt(a^2 + b^2)) rather then the
|
/* Use the euclidean distance (m = sqrt(a^2 + b^2)) rather then the
|
||||||
@ -2907,34 +2908,41 @@ write_stats_status (estream_t fp,
|
|||||||
+ encryption_count * encryption_count);
|
+ encryption_count * encryption_count);
|
||||||
|
|
||||||
if (messages < 1)
|
if (messages < 1)
|
||||||
validity = "1"; /* Key without history. */
|
validity = 1; /* Key without history. */
|
||||||
else if (messages < 2 * BASIC_TRUST_THRESHOLD)
|
else if (messages < 2 * BASIC_TRUST_THRESHOLD)
|
||||||
validity = "2"; /* Key with too little history. */
|
validity = 2; /* Key with too little history. */
|
||||||
else if (messages < 2 * FULL_TRUST_THRESHOLD)
|
else if (messages < 2 * FULL_TRUST_THRESHOLD)
|
||||||
validity = "3"; /* Key with enough history for basic trust. */
|
validity = 3; /* Key with enough history for basic trust. */
|
||||||
else
|
else
|
||||||
validity = "4"; /* Key with a lot of history. */
|
validity = 4; /* Key with a lot of history. */
|
||||||
|
|
||||||
|
if (policy == TOFU_POLICY_ASK)
|
||||||
|
summary = 0; /* Key requires attention. */
|
||||||
|
else
|
||||||
|
summary = validity;
|
||||||
|
|
||||||
if (fp)
|
if (fp)
|
||||||
{
|
{
|
||||||
es_fprintf (fp, "tfs:1:%s:%lu:%lu:%s:%lu:%lu:%lu:%lu:\n",
|
es_fprintf (fp, "tfs:1:%d:%lu:%lu:%s:%lu:%lu:%lu:%lu:%d:\n",
|
||||||
validity, signature_count, encryption_count,
|
summary, signature_count, encryption_count,
|
||||||
tofu_policy_str (policy),
|
tofu_policy_str (policy),
|
||||||
signature_first_seen, signature_most_recent,
|
signature_first_seen, signature_most_recent,
|
||||||
encryption_first_done, encryption_most_recent);
|
encryption_first_done, encryption_most_recent,
|
||||||
|
validity);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
write_status_printf (STATUS_TOFU_STATS,
|
write_status_printf (STATUS_TOFU_STATS,
|
||||||
"%s %lu %lu %s %lu %lu %lu %lu",
|
"%d %lu %lu %s %lu %lu %lu %lu %d",
|
||||||
validity,
|
summary,
|
||||||
signature_count,
|
signature_count,
|
||||||
encryption_count,
|
encryption_count,
|
||||||
tofu_policy_str (policy),
|
tofu_policy_str (policy),
|
||||||
signature_first_seen,
|
signature_first_seen,
|
||||||
signature_most_recent,
|
signature_most_recent,
|
||||||
encryption_first_done,
|
encryption_first_done,
|
||||||
encryption_most_recent);
|
encryption_most_recent,
|
||||||
|
validity);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
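Review bot: The numeric VALIDITY that write_stats_status emits is derived from the message counts alone, and SUMMARY differs from it only when `policy == TOFU_POLICY_ASK`, so a binding whose policy is "bad" can still be reported with a value as high as 4 in both fields. A consumer that reads only the number would take such a key for a well-established one. I would say so next to the `summary = validity;` assignment, for example `/* SUMMARY and VALIDITY reflect history only; consumers must also check POLICY (e.g. "bad"). */`, and state the same under TOFU_STATS in doc/DETAILS. Whether callers or front ends already filter on the policy field is not visible here, and the function's signature begins above the first hunk.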