diff --git a/src/authenticator.rs b/src/authenticator.rs
index 125ad3f9..571ca46f 100644
--- a/src/authenticator.rs
+++ b/src/authenticator.rs
@@ -304,7 +304,7 @@ where
 self.state.runtime.previously = None;
 }
- // DESIGN Allow all commands to be called without PIN verification
+ // DESIGN (see design.md): Allow all commands to be called without PIN verification
 // Lazy init: make sure hardware key is initialized
 self.init()?;
@@ -343,7 +343,7 @@ where
 };
 // Call logout after processing, so the PIN-based KEK would not be kept in the memory
- // DESIGN -> Per-request authorization
+ // DESIGN (see design.md): -> Per-request authorization
 if self.state.runtime.encryption_key.is_some() {
 // Do not call automatic logout after these commands
 match command {
@@ -412,7 +412,7 @@ where
 }
 fn reset(&mut self) -> Result {
- // DESIGN Reset: always confirm with touch button
+ // DESIGN (see design.md): Reset: always confirm with touch button
 self.user_present()?;
 // Run any structured cleanup we have
@@ -626,7 +626,7 @@ where
 }
 fn register(&mut self, register: command::Register<'_>) -> Result {
- // DESIGN Registration: require touch button if set on the credential, but not if the PIN was already checked
+ // DESIGN (see design.md): Registration: require touch button if set on the credential, but not if the PIN was already checked
 if register.credential.touch_required
 && register.credential.encryption_key_type != EncryptionKeyType::PinBased
 {
@@ -822,10 +822,10 @@ where
 update_req: command::CredentialUpdate<'_>,
 _reply: &mut Data,
 ) -> Result {
- // DESIGN Get operation confirmation from user before proceeding
+ // DESIGN (see design.md): Get operation confirmation from user before proceeding
 self.user_present()?;
- // DESIGN check if the target name is occupied already
+ // DESIGN (see design.md): check if the target name is occupied already
 if let Some(new_label) = update_req.new_label {
 self.err_if_credential_with_label_exists(new_label)?;
 }
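Review bot: The `(see design.md)` pointer added in the hunk at -304 names neither a path nor a section, and the same bare reference is added in every other hunk of this diff. These comments record security decisions (this one states that commands are callable without PIN verification), so a reader should be able to land on the exact rationale. Something like `// DESIGN (see <path-to>/design.md, section "<section>"): Allow all commands ...` would do, with the real path and heading filled in. The enclosing function starts and ends outside the hunk.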
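Review bot: In the hunk at -343 the rewritten comment reads `// DESIGN (see design.md): -> Per-request authorization`, which leaves a stray arrow after the colon; the `->` only made sense as a continuation of the comment line above it. Consider merging the two lines into `// DESIGN (see design.md): per-request authorization: log out after processing so the PIN-based KEK is not kept in memory`. The list of commands exempt from the automatic logout lies outside the hunk.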
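Review bot: The comment in register (hunk at -626) says touch is skipped when "the PIN was already checked", but the visible condition tests `encryption_key_type != EncryptionKeyType::PinBased`, which is the credential's key type and not a verified-PIN state. Presumably a PIN-based credential can only be handled after a successful PIN check, which would make the two equivalent, but that invariant is not visible here and the comment should name it, e.g. `// ... but not for PIN-encrypted credentials, which require a verified PIN to be registered`. The same wording is carried into require_touch_if_needed (hunk at -935). register's body continues outside the hunk.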
@@ -882,10 +882,10 @@ where
 rename_req: command::RenameCredential<'_>,
 _reply: &mut Data,
 ) -> Result {
- // DESIGN Get operation confirmation from user before proceeding
+ // DESIGN (see design.md): Get operation confirmation from user before proceeding
 self.user_present()?;
- // DESIGN check if the target name is occupied already
+ // DESIGN (see design.md): check if the target name is occupied already
 self.err_if_credential_with_label_exists(rename_req.new_label)?;
 if !self.credential_with_label_exists(rename_req.label)? {
 return Err(Status::NotFound);
@@ -935,7 +935,7 @@ where
 }
 fn require_touch_if_needed(&mut self, credential: &CredentialFlat) -> Result<()> {
- // DESIGN Daily use: require touch button if set on the credential, but not if the PIN was already checked
+ // DESIGN (see design.md): Daily use: require touch button if set on the credential, but not if the PIN was already checked
 // Safety: encryption_key_type should be set for credential during loading in load_credential
 if credential.touch_required
 && credential.encryption_key_type.unwrap() != EncryptionKeyType::PinBased
@@ -1444,7 +1444,7 @@ where
 self._extension_logout()?;
- // DESIGN Always ask for touch button confirmation before verifying PIN, to prevent
+ // DESIGN (see design.md): Always ask for touch button confirmation before verifying PIN, to prevent
 // non-intentional attempt counter use up
 self.user_present()?;
@@ -1464,7 +1464,7 @@ where
 if self._extension_is_pin_set()? {
 return Err(Status::SecurityStatusNotSatisfied);
 }
- // DESIGN Set PIN: always confirm with touch button
+ // DESIGN (see design.md): Set PIN: always confirm with touch button
 self.user_present()?;
 let command::SetPin { password } = set_pin;
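Review bot: In require_touch_if_needed (hunk at -935) the touch decision goes through `credential.encryption_key_type.unwrap()`, so a credential that reaches this point without a key type panics instead of failing closed. The `// Safety:` comment only records the assumption about load_credential. Comparing against the option keeps the check total and demands touch when the type is unknown: `&& credential.encryption_key_type != Some(EncryptionKeyType::PinBased)`. This line is unchanged context in the commit, and the function body continues outside the hunk.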
@@ -1483,7 +1483,7 @@ where
 if !self._extension_is_pin_set()? {
 return Err(Status::SecurityStatusNotSatisfied);
 }
- // DESIGN Change PIN: always confirm with touch button
+ // DESIGN (see design.md): Change PIN: always confirm with touch button
 self.user_present()?;
 let command::ChangePin {