mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00

g10: Record and show statistics for encrypted messages when using TOFU

* g10/tofu.c: Include "sqrtu32.h".
(struct tofu_dbs_s.s): Rename get_trust_gather_other_keys to
get_trust_gather_signature_stats.  Add new field
get_trust_gather_encryption_stats.
(initdb): Create the encryptions table.
(ask_about_binding): Show the encryption statistics too.
(tofu_register): Rename from this...
(tofu_register_signature): ... to this and update callers.
(tofu_register_encryption): New function.
(write_stats_status): Add parameters encryption_count,
encryption_first_done and encryption_most_recent.  Update callers.
Compute the trust using the euclidean distance of the signature and
signature count.  Compare with twice the threshold.  Include
encryption count information in the TFS and TOFU_STATS lines.
(show_statistics): Also get information about the encrypted messages.
* g10/trustdb.c (tdb_get_validity_core): Use it.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Neal H. Walfield 2016-09-06 15:45:38 +02:00
parent a9e6db6c7e
commit 875ac9216f
6 changed files with 474 additions and 229 deletions


@ -78,13 +78,24 @@ int tofu_policy_to_trust_level (enum tofu_policy policy);
data came from, e.g., "email:claws" (default: "unknown"). Note:
this function does not interact with the user, If there is a
conflict, or if the binding's policy is ask, the actual interaction
is deferred until tofu_get_validity is called.. Set the string
is deferred until tofu_get_validity is called. Set the string
list FLAG to indicate that a specified user id is expired. This
function returns 0 on success and an error code on failure. */
gpg_error_t tofu_register (ctrl_t ctrl, PKT_public_key *pk,
strlist_t user_id_list,
const byte *sigs_digest, int sigs_digest_len,
time_t sig_time, const char *origin);
gpg_error_t tofu_register_signature (ctrl_t ctrl, PKT_public_key *pk,
strlist_t user_id_list,
const byte *sigs_digest,
int sigs_digest_len,
time_t sig_time, const char *origin);
/* Note that an encrypted mail was sent to <PK, USER_ID>, for each
USER_ID in USER_ID_LIST. (If USER_ID_LIST is NULL, then all
non-revoked user ids associated with PK are used.) If MAY_ASK is
set, then may interact with the user to resolve a TOFU
conflict. */
gpg_error_t tofu_register_encryption (ctrl_t ctrl,
PKT_public_key *pk,
strlist_t user_id_list,
int may_ask);
/* Combine a trust level returned from the TOFU trust model with a
trust level returned by the PGP trust model. This is primarily of
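Review bot: The new comment on tofu_register_encryption says only that the function "may interact with the user" when MAY_ASK is set. It does not say what happens to a TOFU conflict when MAY_ASK is 0, and it gives no return-value contract even though the function returns gpg_error_t. The comment above tofu_register_signature spells both out (interaction is deferred until tofu_get_validity is called; 0 on success and an error code on failure), so please state the same here. Callers on the encryption path need to know whether an unresolved conflict comes back as an error or is recorded without notice. Separately, the edit to the older comment fixes the doubled period but leaves "user, If there is a" untouched; that should read "user. If there is a".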