author | Werner Koch <[email protected]> | 2022-11-17 13:22:04 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2022-11-25 12:58:22 +0000 |
commit | 2e18c371d2417b86c34f986d075a2ef6a374ab92 (patch) | |
tree | f85b3f27e6c6efae76229a347be5d00266950f3a | |
parent | gpg: Add a notation to encryption subkeys in de-vs mode. (diff) | |
scd: Redact --debug cardio output of a VERIFY APDU.
* scd/apdu.c (pcsc_send_apdu) [DBG_CARD_IO]: Detect and redact a
VERIFY.
(send_apdu_ccid): Ditto.
--
This should handle the most common case.
GnuPG-bug-id: 5085
-rw-r--r-- | scd/apdu.c | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/scd/apdu.c b/scd/apdu.c
index 9568d2503..9fb5cbee4 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -772,7 +772,14 @@ pcsc_send_apdu (int slot, unsigned char *apdu, size_t apdulen,
 return err;
 if (DBG_CARD_IO)
- log_printhex (apdu, apdulen, " PCSC_data:");
+ {
+ /* Do not dump the PIN in a VERIFY command. */
+ if (apdulen > 5 && apdu[1] == 0x20)
+ log_debug ("PCSC_data: %02X %02X %02X %02X %02X [redacted]\n",
+ apdu[0], apdu[1], apdu[2], apdu[3], apdu[4]);
+ else
+ log_printhex (apdu, apdulen, "PCSC_data:");
+ }
 if ((reader_table[slot].pcsc.protocol & PCSC_PROTOCOL_T1))
 send_pci.protocol = PCSC_PROTOCOL_T1;
@@ -1697,7 +1704,14 @@ send_apdu_ccid (int slot, unsigned char *apdu, size_t apdulen,
 return err;
 if (DBG_CARD_IO)
- log_printhex (apdu, apdulen, " raw apdu:");
+ {
+ /* Do not dump the PIN in a VERIFY command. */
+ if (apdulen > 5 && apdu[1] == 0x20)
+ log_debug (" raw apdu: %02x%02x%02x%02x%02x [redacted]\n",
+ apdu[0], apdu[1], apdu[2], apdu[3], apdu[4]);
+ else
+ log_printhex (apdu, apdulen, " raw apdu:");
+ }
 maxbuflen = *buflen;
 if (pininfo) |
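Review bot: The redaction test `apdu[1] == 0x20` in pcsc_send_apdu matches only the VERIFY instruction, so with DBG_CARD_IO enabled any other command APDU whose data field holds a PIN is still written to the log in full; the identical check in send_apdu_ccid has the same gap. ISO 7816-4 CHANGE REFERENCE DATA (INS 0x24) and RESET RETRY COUNTER (INS 0x2C) carry the old/new PIN or the reset code in the data field, so, assuming those commands reach the card through these same two send paths, the condition could be widened to `if (apdulen > 5 && (apdu[1] == 0x20 || apdu[1] == 0x24 || apdu[1] == 0x2C))`. The commit message says only the most common case is handled, so if the narrower check is kept, the comment should say so, e.g. `/* Only VERIFY is redacted; other PIN-carrying commands are still dumped. */`, so that operators do not treat card-I/O debug logs as free of PINs. The two log_debug formats also differ (`%02X ` spaced and upper case versus `%02x` packed and lower case), which makes the redacted lines harder to match with one log filter. Both function bodies start and end outside the hunks shown.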