scd: New option --debug-allow-pin-logging.

* scd/scdaemon.c (oDebugAllowPINLogging): New. (opts): Add option. (main): Set option. * scd/scdaemon.h (opt): Add debug_allow_pin_logging. * scd/apdu.c (pcsc_send_apdu): Do not hide the PIN dat in the debug output if the option is set. (send_apdu_ccid): Ditto. -- This option is only required during development.
2023-11-17 14:40:38 +01:00 · 2023-11-17 14:40:38 +01:00 · e43bd2a7a7
parent 2fa916ebff
commit e43bd2a7a7
3 changed files with 10 additions and 4 deletions
--- a/scd/apdu.c
+++ b/scd/apdu.c
@ -775,8 +775,8 @@ pcsc_send_apdu (int slot, unsigned char *apdu, size_t apdulen,
  if (DBG_CARD_IO)
    {
      /* Do not dump the PIN in a VERIFY command.  */
-      if (apdulen > 5 && apdu[1] == 0x20)
-        log_debug ("PCSC_data: %02X %02X %02X %02X %02X [redacted]\n",
+      if (apdulen > 5 && apdu[1] == 0x20 && !opt.debug_allow_pin_logging)
+        log_debug ("PCSC_data: %02X %02X %02X %02X %02X [hidden]\n",
                   apdu[0], apdu[1], apdu[2], apdu[3], apdu[4]);
      else
        log_printhex (apdu, apdulen, "PCSC_data:");
@ -1564,8 +1564,8 @@ send_apdu_ccid (int slot, unsigned char *apdu, size_t apdulen,
  if (DBG_CARD_IO)
    {
      /* Do not dump the PIN in a VERIFY command.  */
-      if (apdulen > 5 && apdu[1] == 0x20)
-        log_debug (" raw apdu: %02x%02x%02x%02x%02x [redacted]\n",
+      if (apdulen > 5 && apdu[1] == 0x20 && !opt.debug_allow_pin_logging)
+        log_debug (" raw apdu: %02x%02x%02x%02x%02x [hidden]\n",
                   apdu[0], apdu[1], apdu[2], apdu[3], apdu[4]);
      else
        log_printhex (apdu, apdulen, " raw apdu:");
--- a/scd/scdaemon.c
+++ b/scd/scdaemon.c
@ -79,6 +79,7 @@ enum cmd_and_opt_values
  oDebugAllowCoreDump,
  oDebugCCIDDriver,
  oDebugLogTid,
+  oDebugAllowPINLogging,
  oDebugAssuanLogCats,
  oNoGreeting,
  oNoOptions,
@ -138,6 +139,7 @@ static gpgrt_opt_t opts[] = {
  ARGPARSE_s_n (oDebugAllowCoreDump, "debug-allow-core-dump", "@"),
  ARGPARSE_s_n (oDebugCCIDDriver, "debug-ccid-driver", "@"),
  ARGPARSE_s_n (oDebugLogTid, "debug-log-tid", "@"),
+  ARGPARSE_s_n (oDebugAllowPINLogging, "debug-allow-pin-logging", "@"),
  ARGPARSE_p_u (oDebugAssuanLogCats, "debug-assuan-log-cats", "@"),
  ARGPARSE_s_s (oLogFile,  "log-file", N_("|FILE|write a log to FILE")),

@ -587,6 +589,9 @@ main (int argc, char **argv )
        case oDebugLogTid:
          log_set_pid_suffix_cb (tid_log_callback);
          break;
+        case oDebugAllowPINLogging:
+          opt.debug_allow_pin_logging = 1;
+          break;
        case oDebugAssuanLogCats:
          set_libassuan_log_cats (pargs.r.ret_ulong);
          break;
--- a/scd/scdaemon.h
+++ b/scd/scdaemon.h
@ -66,6 +66,7 @@ struct
  strlist_t disabled_applications;  /* Card applications we do not
                                       want to use. */
  unsigned long card_timeout; /* Disconnect after N seconds of inactivity.  */
+  int debug_allow_pin_logging; /* Allow PINs in debug output.  */
 } opt;