make it configurable whether or not allow logging of sensitive apdu command data at all (to please the Belgian EID guys ;-)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2096 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
3158fa3e05
commit
69cd0dbb76
|
@ -188,9 +188,18 @@ static int sc_transceive(struct sc_card *card, struct sc_apdu *apdu)
|
||||||
if (card->ctx->debug >= 5) {
|
if (card->ctx->debug >= 5) {
|
||||||
char buf[2048];
|
char buf[2048];
|
||||||
|
|
||||||
buf[0] = 0;
|
#ifndef OPENSC_DONT_LOG_SENSITIVE
|
||||||
if (!apdu->sensitive || card->ctx->debug >= 6)
|
if (!apdu->sensitive || card->ctx->debug >= 6)
|
||||||
|
#else
|
||||||
|
if (!apdu->sensitive)
|
||||||
|
#endif
|
||||||
sc_hex_dump(card->ctx, sbuf, sendsize, buf, sizeof(buf));
|
sc_hex_dump(card->ctx, sbuf, sendsize, buf, sizeof(buf));
|
||||||
|
else
|
||||||
|
/* sensitive information: just print the command
|
||||||
|
* header and no data */
|
||||||
|
snprintf(buf, sizeof(buf), "%02x %02x %02x %02x [sensitve data]",
|
||||||
|
apdu->cla, apdu->ins, apdu->p1, apdu->p2);
|
||||||
|
|
||||||
sc_debug(card->ctx, "Sending %d bytes (resp. %d bytes%s):\n%s",
|
sc_debug(card->ctx, "Sending %d bytes (resp. %d bytes%s):\n%s",
|
||||||
sendsize, recvsize,
|
sendsize, recvsize,
|
||||||
apdu->sensitive ? ", sensitive" : "", buf);
|
apdu->sensitive ? ", sensitive" : "", buf);
|
||||||
|
|
Loading…
Reference in New Issue