Page MenuHome GnuPG
Create Task
Maniphest T5085

Filter APDUs in log output
Open, LowPublic
Actions

Description

For remote debugging it is often necessary to ask a user for a logfile from scdaemon. Although we filter most sensitive information out in log files, this is not the case for --debug cardio and --debug-ccid-driver. In particular it is possible to view the PIN of a user during a VERIFY or CHANGE REFERENCE DATA.

We should filter those APDUs as well and hide the actual PIN by default.

Revisions and Commits

rG GnuPG
rG2e18c371d241 scd: Redact --debug cardio output of a VERIFY APDU.
rG468b64dcaa9e scd: Redact --debug cardio output of a VERIFY APDU.
rG9f7ff4367247 scd: Redact --debug cardio output of a VERIFY APDU.

Related Objects

Event Timeline

werner created this task.Sep 29 2020, 11:21 AM
werner added a project: Feature Request.
Jab added a commit: rGb08418d22cc8: gpg: Fix ugly error message for an unknown symkey algorithm..Jan 27 2021, 11:55 AM
aheinecke removed a commit: rGb08418d22cc8: gpg: Fix ugly error message for an unknown symkey algorithm..Jan 27 2021, 12:21 PM
werner lowered the priority of this task from Normal to Low.Sep 14 2021, 2:00 PM
werner added a commit: rG9f7ff4367247: scd: Redact --debug cardio output of a VERIFY APDU..Nov 17 2022, 2:41 PM
werner added a commit: rG468b64dcaa9e: scd: Redact --debug cardio output of a VERIFY APDU..Nov 17 2022, 2:56 PM
werner added a comment.Nov 17 2022, 5:00 PM

We need to do this also for CHANGE REFERENCE DATA - however, there should be an extra option so that we can debug this despite of the redacting.

werner added a commit: rG2e18c371d241: scd: Redact --debug cardio output of a VERIFY APDU..Nov 29 2022, 12:50 PM
werner edited projects, added gnupg22, gnupg24; removed gnupg (gpg22).Dec 12 2022, 11:39 PM
werner mentioned this in T6303: Release GnuPG 2.4.0.Dec 16 2022, 6:23 PM
werner added a comment.Jan 11 2024, 4:05 PM

The extra option --debug-allow-pin-logging was implemented with commit rGe43bd2a7a78.