add notes

micolous · Jan 29, 2024 · 47bc20b · 47bc20b
1 parent 59d44b0
commit 47bc20b
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 1 deletion.
diff --git a/webauthn-authenticator-rs/src/tlv/ber.rs b/webauthn-authenticator-rs/src/tlv/ber.rs
@@ -20,11 +20,14 @@ impl BerTlvParser<'_> {
         BerTlvParser { b: &tlv[i..] }
     }
 
+    /// Sets the internal buffer to an empty range, effectively "bricking" the
+    /// iterator.
     #[inline]
     fn brick(&mut self) {
         self.b = &self.b[0..0];
     }
 
+    /// Returns `None` if the internal buffer is empty.
     fn stop_if_empty(&self) -> Option<()> {
         if self.b.is_empty() {
             None
@@ -33,6 +36,10 @@ impl BerTlvParser<'_> {
         }
     }
 
+    /// Returns `None` and [bricks][0] the buffer if it contains less than
+    /// `bytes` bytes.
+    ///
+    /// [0]: BerTlvParser::brick
     fn stop_and_brick_if_less_than(&mut self, bytes: usize) -> Option<()> {
         if self.b.len() < bytes {
             error!("bricked: less than {bytes} bytes: {}", self.b.len());

diff --git a/webauthn-authenticator-rs/src/transport/yubikey.rs b/webauthn-authenticator-rs/src/transport/yubikey.rs
@@ -1,17 +1,31 @@
 //! YubiKey vendor-specific commands.
 //!
+//! This currently only supports YubiKey 5 and later. Older keys have different
+//! config formats and protocols, some firmwares give bogus data.
+//!
 //! ## USB HID
 //!
 //! Commands are sent on a `U2FHIDFrame` level, and values are bitwise-OR'd
 //! with `transport::TYPE_INIT` (0x80).
 //!
 //! Command | Description | Request | Response
 //! ------- | ----------- | ------- | --------
+//! `0x40`  | Set legacy device config | ... | ...
 //! `0x42`  | Get device config | _none_ | [`YubiKeyConfig`]
-//!
+//! `0x43`  | Set device config | [`YubiKeyConfig`] | none?
 //!
 //! ## NFC
 //!
+//! Management app AID: `a000000527471117`
+//!
+//! INS    | P1     | Description | Request | Response
+//! ------ | ------ | ----------- | ------- | --------
+//! `0x16` | `0x11` | Set legacy device config | ... | ...
+//! `0x1D` | `0x00` | Get device config | _none_ | [`YubiKeyConfig`]
+//! `0x1C` | `0x00` | Set device config | [`YubiKeyConfig`] | none?
+//!
+//! All commands sent with CLA = `0x00`, P2 = `0x00`.
+//!
 //! ## References
 //!
 //! * [DeviceInfo structure][0] (includes config)
@@ -60,7 +74,9 @@ enum ConfigKey {
     ChallengeResponseTimeout = 0x7,
     DeviceFlags = 0x8,
     AppVersions = 0x9,
+    /// 16 bytes lock code, or indicates when a device is locked
     ConfigLock = 0xa,
+    /// 16 bytes unlock code, to unlock a locked device
     Unlock = 0xb,
     Reboot = 0xc,
     SupportedNfcInterfaces = 0xd,