authorNeal H. Walfield <[email protected]>2016-11-29 13:33:29 +0000
committerNeal H. Walfield <[email protected]>2016-11-29 13:55:59 +0000
commit2f27cb12e30c9f6e780354eecc3ff0039ed52c63 (patch)
tree79fd55149e6d51c321a832c4deb810e58d25f695
parenttests: Add test for '--decrypt --multifile'. (diff)
g10: Extend TOFU_STATS to always show the validity
* doc/DETAILS (TOFU_STATS): Rename the VALIDITY field to SUMMARY. Add a new field called VALIDITY. * g10/tofu.c (write_stats_status): Update output accordingly. -- Signed-off-by: Neal H. Walfield <[email protected]> Change TOFU_STATS as discussed offline with Werner, Justus and Andre.
Diffstat (limited to '')
-rw-r--r--doc/DETAILS18
-rw-r--r--g10/tofu.c30
2 files changed, 31 insertions, 17 deletions
diff --git a/doc/DETAILS b/doc/DETAILS
index a264e53ee..534c48c0b 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -722,14 +722,14 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
userid encoded in UTF-8 and percent escaped. The fingerprint is
identical for all TOFU_USER lines up to a NEWSIG line.
-*** TOFU_STATS <validity> <sign-count> 0 [<policy> [<tm1> <tm2> <tm3> <tm4>]]
+*** TOFU_STATS <summary> <sign-count> <encryption-count> [<policy> [<tm1> <tm2> <tm3> <tm4> [<validity>]]]
Statistics for the current user id.
- Values for VALIDITY are:
- - 0 :: conflict
- - 1 :: key without history
- - 2 :: key with too little history
+ Values for SUMMARY are:
+ - 0 :: attention, an interaction with the user is required (conflict)
+ - 1 :: key with no verification/encryption history
+ - 2 :: key with little history
- 3 :: key with enough history for basic trust
- 4 :: key with a lot of history
@@ -739,7 +739,8 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
- good :: Policy is "good"
- bad :: Policy is "bad"
- ask :: Policy is "ask"
- - unknown :: Policy is not known.
+ - unknown :: Policy is "unknown" (TOFU information does not
+ contribute to the key's validity)
TM1 ist the time the first message was verified. TM2 is the time
the most recent message was verified. TM3 is the time the first
@@ -747,6 +748,11 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
either be seconds since Epoch or an ISO time string
(yyyymmddThhmmss).
+ VALIDITY is the same as SUMMARY with the exception that VALIDITY
+ doesn't reflect whether the key needs attention. That is it never
+ takes on value 0. Instead, if there is a conflict, VALIDITY still
+ reflects the key's validity (values: 1-4).
+
*** TOFU_STATS_SHORT <long_string>
Information about the TOFU binding for the signature.
diff --git a/g10/tofu.c b/g10/tofu.c
index 85759479d..bf2a0484d 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -2897,7 +2897,8 @@ write_stats_status (estream_t fp,
unsigned long encryption_first_done,
unsigned long encryption_most_recent)
{
- const char *validity;
+ int summary;
+ int validity;
unsigned long messages;
/* Use the euclidean distance (m = sqrt(a^2 + b^2)) rather then the
@@ -2907,34 +2908,41 @@ write_stats_status (estream_t fp,
+ encryption_count * encryption_count);
if (messages < 1)
- validity = "1"; /* Key without history. */
+ validity = 1; /* Key without history. */
else if (messages < 2 * BASIC_TRUST_THRESHOLD)
- validity = "2"; /* Key with too little history. */
+ validity = 2; /* Key with too little history. */
else if (messages < 2 * FULL_TRUST_THRESHOLD)
- validity = "3"; /* Key with enough history for basic trust. */
+ validity = 3; /* Key with enough history for basic trust. */
else
- validity = "4"; /* Key with a lot of history. */
+ validity = 4; /* Key with a lot of history. */
+
+ if (policy == TOFU_POLICY_ASK)
+ summary = 0; /* Key requires attention. */
+ else
+ summary = validity;
if (fp)
{
- es_fprintf (fp, "tfs:1:%s:%lu:%lu:%s:%lu:%lu:%lu:%lu:\n",
- validity, signature_count, encryption_count,
+ es_fprintf (fp, "tfs:1:%d:%lu:%lu:%s:%lu:%lu:%lu:%lu:%d:\n",
+ summary, signature_count, encryption_count,
tofu_policy_str (policy),
signature_first_seen, signature_most_recent,
- encryption_first_done, encryption_most_recent);
+ encryption_first_done, encryption_most_recent,
+ validity);
}
else
{
write_status_printf (STATUS_TOFU_STATS,
- "%s %lu %lu %s %lu %lu %lu %lu",
- validity,
+ "%d %lu %lu %s %lu %lu %lu %lu %d",
+ summary,
signature_count,
encryption_count,
tofu_policy_str (policy),
signature_first_seen,
signature_most_recent,
encryption_first_done,
- encryption_most_recent);
+ encryption_most_recent,
+ validity);
}
}
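Review bot: Only `TOFU_POLICY_ASK` forces `summary` to 0 in the new `if`/`else`; for every other policy, including "bad", both `summary` and `validity` come from the message counts alone, so a binding whose policy is "bad" can still be reported as 3 or 4. A consumer that bases its trust display on the first field without also reading the policy field would then show such a key as well established. If that is intended, it deserves a comment above the branch, e.g. `/* SUMMARY and VALIDITY describe history only; consumers must still check POLICY (e.g. "bad"). */`, and a matching sentence under TOFU_STATS in doc/DETAILS. Whether `policy` is already the effective policy at this point cannot be seen from the hunk, because write_stats_status begins above it.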