diff --git a/core/.changelog.d/1163.fixed b/core/.changelog.d/1163.fixed deleted file mode 100644 index 1f4b60d39..000000000 --- a/core/.changelog.d/1163.fixed +++ /dev/null @@ -1 +0,0 @@ -Disable TT features (SD card, SBU, FAT) for T1 build. diff --git a/core/.changelog.d/1545.changed b/core/.changelog.d/1545.changed deleted file mode 100644 index e18fc97dc..000000000 --- a/core/.changelog.d/1545.changed +++ /dev/null @@ -1 +0,0 @@ -Converted all remaining code to common layouts. diff --git a/core/.changelog.d/1557.added b/core/.changelog.d/1557.added deleted file mode 100644 index e195a6d6f..000000000 --- a/core/.changelog.d/1557.added +++ /dev/null @@ -1 +0,0 @@ -[emulator] Added option to dump detailed Micropython memory layout diff --git a/core/.changelog.d/1581.changed b/core/.changelog.d/1581.changed deleted file mode 100644 index 754651675..000000000 --- a/core/.changelog.d/1581.changed +++ /dev/null @@ -1 +0,0 @@ -Memory optimization of BTC signing and CBOR decoding. diff --git a/core/.changelog.d/1604.added b/core/.changelog.d/1604.added deleted file mode 100644 index 4eb50cf08..000000000 --- a/core/.changelog.d/1604.added +++ /dev/null @@ -1 +0,0 @@ -Support for Ethereum EIP1559 transactions diff --git a/core/.changelog.d/1683.changed.1 b/core/.changelog.d/1683.changed.1 deleted file mode 100644 index b381dc65c..000000000 --- a/core/.changelog.d/1683.changed.1 +++ /dev/null @@ -1 +0,0 @@ -Thanks to transaction streaming, Cardano now supports larger transactions (tested with 62kB transactions, but supposedly even larger transactions are supported) diff --git a/core/.changelog.d/1683.changed.2 b/core/.changelog.d/1683.changed.2 deleted file mode 100644 index b0ebb89f2..000000000 --- a/core/.changelog.d/1683.changed.2 +++ /dev/null @@ -1 +0,0 @@ -Cardano transaction parameters are now streamed into the device one by one instead of being sent as one large object diff --git a/core/.changelog.d/1683.fixed.4 b/core/.changelog.d/1683.fixed.4 deleted file mode 100644 index d33d11bad..000000000 --- a/core/.changelog.d/1683.fixed.4 +++ /dev/null @@ -1 +0,0 @@ -It is no longer possible to sign Cardano transactions containing paths belonging to multiple accounts (except for Byron to Shelley migration) diff --git a/core/.changelog.d/1683.incompatible.3 b/core/.changelog.d/1683.incompatible.3 deleted file mode 100644 index 238b608ea..000000000 --- a/core/.changelog.d/1683.incompatible.3 +++ /dev/null @@ -1 +0,0 @@ -Due to transaction streaming in Cardano, it isn't possible to return the whole serialized transaction anymore. Instead the transaction hash, transaction witnesses and auxiliary data supplement are returned and the serialized transaction needs to be assembled by the client. diff --git a/core/.changelog.d/1704.changed b/core/.changelog.d/1704.changed deleted file mode 100644 index 39486b52e..000000000 --- a/core/.changelog.d/1704.changed +++ /dev/null @@ -1 +0,0 @@ -Refactor RLP codec for better clarity and some small memory savings. diff --git a/core/.changelog.d/1705.fixed b/core/.changelog.d/1705.fixed deleted file mode 100644 index 8439102e5..000000000 --- a/core/.changelog.d/1705.fixed +++ /dev/null @@ -1 +0,0 @@ -Add new rpId to Binance's FIDO definition. diff --git a/core/.changelog.d/1707.fixed b/core/.changelog.d/1707.fixed deleted file mode 100644 index f8ba84e38..000000000 --- a/core/.changelog.d/1707.fixed +++ /dev/null @@ -1 +0,0 @@ -Don't use format strings in keyctl-proxy diff --git a/core/.changelog.d/1708.fixed b/core/.changelog.d/1708.fixed deleted file mode 100644 index 08f129c09..000000000 --- a/core/.changelog.d/1708.fixed +++ /dev/null @@ -1 +0,0 @@ -Properly respond to USB events while on a paginated screen. diff --git a/core/.changelog.d/1744.changed b/core/.changelog.d/1744.changed deleted file mode 100644 index 748780be5..000000000 --- a/core/.changelog.d/1744.changed +++ /dev/null @@ -1 +0,0 @@ -Refer to `m/48'/...` multisig derivation paths as BIP-48 instead of Purpose48. diff --git a/core/.changelog.d/1765.removed b/core/.changelog.d/1765.removed deleted file mode 100644 index a82056b27..000000000 --- a/core/.changelog.d/1765.removed +++ /dev/null @@ -1 +0,0 @@ -Removed support for Lisk diff --git a/core/.changelog.d/1767.added b/core/.changelog.d/1767.added deleted file mode 100644 index 6d8639fcc..000000000 --- a/core/.changelog.d/1767.added +++ /dev/null @@ -1 +0,0 @@ -Re-enabled Firo support diff --git a/core/CHANGELOG.md b/core/CHANGELOG.md index a44ccb8f7..f3d471857 100644 --- a/core/CHANGELOG.md +++ b/core/CHANGELOG.md @@ -4,6 +4,35 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## 2.4.2 [26th August 2021] + +### Added +- [emulator] Added option to dump detailed Micropython memory layout [#1557] +- Support for Ethereum EIP1559 transactions [#1604] +- Re-enabled Firo support [#1767] + +### Changed +- Converted all remaining code to common layouts. [#1545] +- Memory optimization of BTC signing and CBOR decoding. [#1581] +- Cardano transaction parameters are now streamed into the device one by one instead of being sent as one large object [#1683] +- Thanks to transaction streaming, Cardano now supports larger transactions (tested with 62kB transactions, but supposedly even larger transactions are supported) [#1683] +- Refactor RLP codec for better clarity and some small memory savings. [#1704] +- Refer to `m/48'/...` multisig derivation paths as BIP-48 instead of Purpose48. [#1744] + +### Removed +- Removed support for Lisk [#1765] + +### Fixed +- Disable TT features (SD card, SBU, FAT) for T1 build. [#1163] +- It is no longer possible to sign Cardano transactions containing paths belonging to multiple accounts (except for Byron to Shelley migration) [#1683] +- Add new rpId to Binance's FIDO definition. [#1705] +- Don't use format strings in keyctl-proxy [#1707] +- Properly respond to USB events while on a paginated screen. [#1708] + +### Incompatible changes +- Due to transaction streaming in Cardano, it isn't possible to return the whole serialized transaction anymore. Instead the transaction hash, transaction witnesses and auxiliary data supplement are returned and the serialized transaction needs to be assembled by the client. [#1683] + + ## 2.4.1 [14th July 2021] ### Added @@ -389,6 +418,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). [#1133]: https://github.com/trezor/trezor-firmware/issues/1133 [#1139]: https://github.com/trezor/trezor-firmware/issues/1139 [#1159]: https://github.com/trezor/trezor-firmware/issues/1159 +[#1163]: https://github.com/trezor/trezor-firmware/issues/1163 [#1165]: https://github.com/trezor/trezor-firmware/pull/1165 [#1167]: https://github.com/trezor/trezor-firmware/issues/1167 [#1173]: https://github.com/trezor/trezor-firmware/pull/1173 @@ -421,8 +451,12 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). [#1538]: https://github.com/trezor/trezor-firmware/issues/1538 [#1540]: https://github.com/trezor/trezor-firmware/issues/1540 [#1541]: https://github.com/trezor/trezor-firmware/issues/1541 +[#1545]: https://github.com/trezor/trezor-firmware/issues/1545 [#1554]: https://github.com/trezor/trezor-firmware/issues/1554 +[#1557]: https://github.com/trezor/trezor-firmware/issues/1557 [#1565]: https://github.com/trezor/trezor-firmware/issues/1565 +[#1581]: https://github.com/trezor/trezor-firmware/issues/1581 +[#1604]: https://github.com/trezor/trezor-firmware/issues/1604 [#1606]: https://github.com/trezor/trezor-firmware/issues/1606 [#1620]: https://github.com/trezor/trezor-firmware/issues/1620 [#1647]: https://github.com/trezor/trezor-firmware/issues/1647 @@ -431,3 +465,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). [#1659]: https://github.com/trezor/trezor-firmware/issues/1659 [#1671]: https://github.com/trezor/trezor-firmware/issues/1671 [#1672]: https://github.com/trezor/trezor-firmware/issues/1672 +[#1683]: https://github.com/trezor/trezor-firmware/issues/1683 +[#1704]: https://github.com/trezor/trezor-firmware/issues/1704 +[#1705]: https://github.com/trezor/trezor-firmware/issues/1705 +[#1707]: https://github.com/trezor/trezor-firmware/issues/1707 +[#1708]: https://github.com/trezor/trezor-firmware/issues/1708 +[#1744]: https://github.com/trezor/trezor-firmware/issues/1744 +[#1765]: https://github.com/trezor/trezor-firmware/issues/1765 +[#1767]: https://github.com/trezor/trezor-firmware/issues/1767 diff --git a/legacy/firmware/.changelog.d/1705.fixed b/legacy/firmware/.changelog.d/1705.fixed deleted file mode 100644 index 8439102e5..000000000 --- a/legacy/firmware/.changelog.d/1705.fixed +++ /dev/null @@ -1 +0,0 @@ -Add new rpId to Binance's FIDO definition. diff --git a/legacy/firmware/.changelog.d/1743.changed b/legacy/firmware/.changelog.d/1743.changed deleted file mode 100644 index fbda3b491..000000000 --- a/legacy/firmware/.changelog.d/1743.changed +++ /dev/null @@ -1 +0,0 @@ -Emulator properly waits for IO without busy loop diff --git a/legacy/firmware/.changelog.d/1765.removed b/legacy/firmware/.changelog.d/1765.removed deleted file mode 100644 index a82056b27..000000000 --- a/legacy/firmware/.changelog.d/1765.removed +++ /dev/null @@ -1 +0,0 @@ -Removed support for Lisk diff --git a/legacy/firmware/.changelog.d/1767.added b/legacy/firmware/.changelog.d/1767.added deleted file mode 100644 index 6d8639fcc..000000000 --- a/legacy/firmware/.changelog.d/1767.added +++ /dev/null @@ -1 +0,0 @@ -Re-enabled Firo support diff --git a/legacy/firmware/CHANGELOG.md b/legacy/firmware/CHANGELOG.md index 871036576..3105b80ce 100644 --- a/legacy/firmware/CHANGELOG.md +++ b/legacy/firmware/CHANGELOG.md @@ -4,6 +4,24 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## 1.10.3 [26th August 2021] + +### Added +- Re-enabled Firo support [#1767] + +### Changed +- Emulator properly waits for IO without busy loop [#1743] + +### Removed +- Removed support for Lisk [#1765] + +### Fixed +- Add new rpId to Binance's FIDO definition. [#1705] + +### Security +- Stricter protobuf field handling in Stellar. + + ## 1.10.2 [14th July 2021] ### Removed @@ -412,3 +430,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). [#1647]: https://github.com/trezor/trezor-firmware/issues/1647 [#1650]: https://github.com/trezor/trezor-firmware/issues/1650 [#1660]: https://github.com/trezor/trezor-firmware/issues/1660 +[#1705]: https://github.com/trezor/trezor-firmware/issues/1705 +[#1743]: https://github.com/trezor/trezor-firmware/issues/1743 +[#1765]: https://github.com/trezor/trezor-firmware/issues/1765 +[#1767]: https://github.com/trezor/trezor-firmware/issues/1767 diff --git a/legacy/firmware/stellar.c b/legacy/firmware/stellar.c index 8b79adb30..7896c2deb 100644 --- a/legacy/firmware/stellar.c +++ b/legacy/firmware/stellar.c @@ -105,10 +105,9 @@ bool stellar_signingInit(const StellarSignTx *msg) { // non-zero uint8_t has_timebounds = (msg->timebounds_start > 0 || msg->timebounds_end > 0); + // Hash: the "has timebounds?" boolean + stellar_hashupdate_bool(has_timebounds); if (has_timebounds) { - // Hash: the "has timebounds?" boolean - stellar_hashupdate_bool(true); - // Timebounds are sent as uint32s since that's all we can display, but they // must be hashed as 64-bit values stellar_hashupdate_uint32(0); @@ -117,10 +116,6 @@ bool stellar_signingInit(const StellarSignTx *msg) { stellar_hashupdate_uint32(0); stellar_hashupdate_uint32(msg->timebounds_end); } - // No timebounds, hash a false boolean - else { - stellar_hashupdate_bool(false); - } // Hash: memo stellar_hashupdate_uint32(msg->memo_type); @@ -140,10 +135,12 @@ bool stellar_signingInit(const StellarSignTx *msg) { // Hash and return are the same data structure (32 byte tx hash) case 3: case 4: - stellar_hashupdate_bytes(msg->memo_hash.bytes, msg->memo_hash.size); + stellar_hashupdate_bytes(msg->memo_hash.bytes, 32); break; default: - break; + fsm_sendFailure(FailureType_Failure_DataError, + _("Stellar invalid memo type")); + return false; } // Hash: number of operations @@ -707,6 +704,7 @@ bool stellar_confirmSetOptionsOp(const StellarSetOptionsOp *msg) { // Hash low threshold stellar_hashupdate_uint32(msg->low_threshold); } + stellar_hashupdate_bool(msg->has_medium_threshold); if (msg->has_medium_threshold) { char str_med_threshold[10 + 1] = {0}; @@ -720,6 +718,7 @@ bool stellar_confirmSetOptionsOp(const StellarSetOptionsOp *msg) { // Hash medium threshold stellar_hashupdate_uint32(msg->medium_threshold); } + stellar_hashupdate_bool(msg->has_high_threshold); if (msg->has_high_threshold) { char str_high_threshold[10 + 1] = {0}; @@ -789,45 +788,42 @@ bool stellar_confirmSetOptionsOp(const StellarSetOptionsOp *msg) { strlcat(str_weight_row, str_weight, sizeof(str_weight_row)); // 0 = account, 1 = pre-auth, 2 = hash(x) - char str_signer_type[16] = {0}; + char *str_signer_type = NULL; bool needs_hash_confirm = false; - if (msg->signer_type == 0) { - strlcpy(str_signer_type, _("account"), sizeof(str_signer_type)); - strlcat(str_title, str_signer_type, sizeof(str_title)); - - const char **str_addr_rows = - stellar_lineBreakAddress(msg->signer_key.bytes); - stellar_layoutTransactionDialog(str_title, str_weight_row, - str_addr_rows[0], str_addr_rows[1], - str_addr_rows[2]); - if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) { - stellar_signingAbort(_("User canceled")); - return false; - } - } - if (msg->signer_type == 1) { - needs_hash_confirm = true; - strlcpy(str_signer_type, _("pre-auth hash"), sizeof(str_signer_type)); - strlcat(str_title, str_signer_type, sizeof(str_title)); - - stellar_layoutTransactionDialog(str_title, str_weight_row, NULL, - _("(confirm hash on next"), _("screen)")); - if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) { - stellar_signingAbort(_("User canceled")); + switch (msg->signer_type) { + case 0: + strlcat(str_title, _("account"), sizeof(str_title)); + + const char **str_addr_rows = + stellar_lineBreakAddress(msg->signer_key.bytes); + stellar_layoutTransactionDialog(str_title, str_weight_row, + str_addr_rows[0], str_addr_rows[1], + str_addr_rows[2]); + if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, + false)) { + stellar_signingAbort(_("User canceled")); + return false; + } + break; + case 1: + case 2: + str_signer_type = + (msg->signer_type == 1) ? _("pre-auth hash") : _("hash(x)"); + needs_hash_confirm = true; + strlcat(str_title, str_signer_type, sizeof(str_title)); + + stellar_layoutTransactionDialog(str_title, str_weight_row, NULL, + _("(confirm hash on next"), + _("screen)")); + if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, + false)) { + stellar_signingAbort(_("User canceled")); + return false; + } + break; + default: + stellar_signingAbort(_("Stellar: invalid signer type")); return false; - } - } - if (msg->signer_type == 2) { - needs_hash_confirm = true; - strlcpy(str_signer_type, _("hash(x)"), sizeof(str_signer_type)); - strlcat(str_title, str_signer_type, sizeof(str_title)); - - stellar_layoutTransactionDialog(str_title, str_weight_row, NULL, - _("(confirm hash on next"), _("screen)")); - if (!protectButton(ButtonRequestType_ButtonRequest_ProtectCall, false)) { - stellar_signingAbort(_("User canceled")); - return false; - } } // Extra confirmation step for hash signers @@ -850,7 +846,7 @@ bool stellar_confirmSetOptionsOp(const StellarSetOptionsOp *msg) { // Hash: signer type stellar_hashupdate_uint32(msg->signer_type); // key - stellar_hashupdate_bytes(msg->signer_key.bytes, msg->signer_key.size); + stellar_hashupdate_bytes(msg->signer_key.bytes, 32); // weight stellar_hashupdate_uint32(msg->signer_weight); } @@ -973,17 +969,21 @@ bool stellar_confirmAllowTrustOp(const StellarAllowTrustOp *msg) { // asset type stellar_hashupdate_uint32(msg->asset_type); // asset code - if (msg->asset_type == 1) { - char code4[4 + 1] = {0}; - memzero(code4, sizeof(code4)); - strlcpy(code4, msg->asset_code, sizeof(code4)); - stellar_hashupdate_bytes((uint8_t *)code4, 4); - } - if (msg->asset_type == 2) { - char code12[12 + 1] = {0}; - memzero(code12, sizeof(code12)); - strlcpy(code12, msg->asset_code, sizeof(code12)); - stellar_hashupdate_bytes((uint8_t *)code12, 12); + char padded_code[12 + 1] = {0}; + switch (msg->asset_type) { + case 0: // native asset (XLM) + break; + case 1: // alphanum 4 + strlcpy(padded_code, msg->asset_code, 4 + 1); + stellar_hashupdate_bytes((uint8_t *)padded_code, 4); + break; + case 2: // alphanum 12 + strlcpy(padded_code, msg->asset_code, 12 + 1); + stellar_hashupdate_bytes((uint8_t *)padded_code, 12); + break; + default: + stellar_signingAbort(_("Stellar: invalid asset type")); + return false; } // is authorized stellar_hashupdate_bool(msg->is_authorized); @@ -1086,11 +1086,9 @@ bool stellar_confirmManageDataOp(const StellarManageDataOp *msg) { stellar_hashupdate_string((unsigned char *)&(msg->key), strnlen(msg->key, 64)); // value + stellar_hashupdate_bool(msg->has_value); if (msg->has_value) { - stellar_hashupdate_bool(true); stellar_hashupdate_string(msg->value.bytes, msg->value.size); - } else { - stellar_hashupdate_bool(false); } // At this point, the operation is confirmed @@ -1628,36 +1626,36 @@ void stellar_layoutTransactionSummary(const StellarSignTx *msg) { // Reset lines for displaying memo memzero(str_lines, sizeof(str_lines)); - // Memo: none - if (msg->memo_type == 0) { - strlcpy(str_lines[0], _("[No Memo Set]"), sizeof(str_lines[0])); - strlcpy(str_lines[1], _("Important:"), sizeof(str_lines[0])); - strlcpy(str_lines[2], _("Many exchanges require"), sizeof(str_lines[0])); - strlcpy(str_lines[3], _("a memo when depositing."), sizeof(str_lines[0])); - } - // Memo: text - if (msg->memo_type == 1) { - strlcpy(str_lines[0], _("Memo (TEXT)"), sizeof(str_lines[0])); - - // Split 28-character string into two lines of 19 / 9 - // todo: word wrap method? - strlcpy(str_lines[1], (const char *)msg->memo_text, 19 + 1); - strlcpy(str_lines[2], (const char *)(msg->memo_text + 19), 9 + 1); - } - // Memo: ID - if (msg->memo_type == 2) { - strlcpy(str_lines[0], _("Memo (ID)"), sizeof(str_lines[0])); - stellar_format_uint64(msg->memo_id, str_lines[1], sizeof(str_lines[1])); - } - // Memo: hash - if (msg->memo_type == 3) { - needs_memo_hash_confirm = 1; - strlcpy(str_lines[0], _("Memo (HASH)"), sizeof(str_lines[0])); - } - // Memo: return - if (msg->memo_type == 4) { - needs_memo_hash_confirm = 1; - strlcpy(str_lines[0], _("Memo (RETURN)"), sizeof(str_lines[0])); + switch (msg->memo_type) { + case 0: // Memo: none + strlcpy(str_lines[0], _("[No Memo Set]"), sizeof(str_lines[0])); + strlcpy(str_lines[1], _("Important:"), sizeof(str_lines[0])); + strlcpy(str_lines[2], _("Many exchanges require"), sizeof(str_lines[0])); + strlcpy(str_lines[3], _("a memo when depositing."), sizeof(str_lines[0])); + break; + case 1: // Memo: text + strlcpy(str_lines[0], _("Memo (TEXT)"), sizeof(str_lines[0])); + + // Split 28-character string into two lines of 19 / 9 + // todo: word wrap method? + strlcpy(str_lines[1], (const char *)msg->memo_text, 19 + 1); + strlcpy(str_lines[2], (const char *)(msg->memo_text + 19), 9 + 1); + break; + case 2: // Memo: ID + strlcpy(str_lines[0], _("Memo (ID)"), sizeof(str_lines[0])); + stellar_format_uint64(msg->memo_id, str_lines[1], sizeof(str_lines[1])); + break; + case 3: // Memo: hash + needs_memo_hash_confirm = 1; + strlcpy(str_lines[0], _("Memo (HASH)"), sizeof(str_lines[0])); + break; + case 4: // Memo: return + needs_memo_hash_confirm = 1; + strlcpy(str_lines[0], _("Memo (RETURN)"), sizeof(str_lines[0])); + break; + default: + stellar_signingAbort(_("Stellar invalid memo type")); + return; } if (needs_memo_hash_confirm) {