author | Werner Koch <wk@gnupg.org> | 2022-11-17 14:22:04 +0100 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2022-11-17 14:33:18 +0100 |
commit | 9f7ff43672478b213582125a7d288c96c5bb73b9 (patch) | |
tree | 1cd0eba02f01ca348ff28812d89ade90ff8fbdcb /scd/apdu.c | |
parent | common: Remove Windows CE support in common. (diff) | |
scd: Redact --debug cardio output of a VERIFY APDU.
* scd/apdu.c (pcsc_send_apdu) [DBG_CARD_IO]: Detect and redact a
VERIFY.
(send_apdu_ccid): Ditto.
--
This should handle the most common case.
GnuPG-bug-id: 5085
Diffstat (limited to 'scd/apdu.c')
-rw-r--r-- | scd/apdu.c | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/scd/apdu.c b/scd/apdu.c
index e83815ba5..ffada1d78 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -773,7 +773,14 @@ pcsc_send_apdu (int slot, unsigned char *apdu, size_t apdulen,
 return err;
 if (DBG_CARD_IO)
- log_printhex (apdu, apdulen, " PCSC_data:");
+ {
+ /* Do not dump the PIN in a VERIFY command. */
+ if (apdulen > 5 && apdu[1] == 0x20)
+ log_debug ("PCSC_data: %02X %02X %02X %02X %02X [redacted]\n",
+ apdu[0], apdu[1], apdu[2], apdu[3], apdu[4]);
+ else
+ log_printhex (apdu, apdulen, "PCSC_data:");
+ }
 if ((reader_table[slot].pcsc.protocol & PCSC_PROTOCOL_T1))
 send_pci.protocol = PCSC_PROTOCOL_T1;
@@ -1555,7 +1562,14 @@ send_apdu_ccid (int slot, unsigned char *apdu, size_t apdulen,
 return err;
 if (DBG_CARD_IO)
- log_printhex (apdu, apdulen, " raw apdu:");
+ {
+ /* Do not dump the PIN in a VERIFY command. */
+ if (apdulen > 5 && apdu[1] == 0x20)
+ log_debug (" raw apdu: %02x%02x%02x%02x%02x [redacted]\n",
+ apdu[0], apdu[1], apdu[2], apdu[3], apdu[4]);
+ else
+ log_printhex (apdu, apdulen, " raw apdu:");
+ }
 maxbuflen = *buflen;
 if (pininfo) |
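Review bot: The guard `apdulen > 5 && apdu[1] == 0x20` in pcsc_send_apdu matches only VERIFY, so with --debug cardio an APDU for CHANGE REFERENCE DATA (INS 0x24) or RESET RETRY COUNTER (INS 0x2C) still reaches `log_printhex` with the old and new PIN or the reset code in its data field; the same guard is repeated in the send_apdu_ccid hunk. Extending the test in both places, e.g. `if (apdulen > 5 && (apdu[1] == 0x20 || apdu[1] == 0x24 || apdu[1] == 0x2C))`, and rewording the comment to `/* Do not dump PINs carried in VERIFY, CHANGE REFERENCE DATA or RESET RETRY COUNTER. */` would close that gap, and a small static helper shared by both functions would keep the two checks from drifting apart. The two redacted lines also print the header differently (`%02X` separated by spaces versus `%02x` run together), which makes the debug log harder to parse consistently. Both function bodies start and end outside their hunks, so any other debug path that may print the same buffer is not visible here.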