Merge branch 'master' into matejcik/storage-relocation

5 years ago · 75622d92d2
parent dee47a06f2 e286bd46f9
commit 75622d92d2
32 changed files with 178 additions and 184 deletions
--- a/ci/build.yml
+++ b/ci/build.yml
@ -186,7 +186,6 @@ legacy fw regular build:
  script:
    - cd legacy
    - pipenv run script/cibuild
-    - pipenv run make -C bootloader
    - pipenv run make -C demo
    - cd ..
    - export VERSION=$(./tools/version.sh legacy/firmware/version.h)
--- a/core/ChangeLog
+++ b/core/ChangeLog
@ -1,6 +1,7 @@
 Version 2.x.x [not yet released]
 * SD card protection
 * Remove unused ButtonRequest.data field
+* Rework Recovery persistence internally

 Version 2.1.8 [Nov 2019]
 * Support Tezos 005-BABYLON hardfork
--- a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-nem.h
+++ b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-nem.h
@ -56,8 +56,7 @@ STATIC mp_obj_t mod_trezorcrypto_nem_compute_address(mp_obj_t public_key,
    mp_raise_ValueError(
        "Failed to compute a NEM address from provided public key");
  }
-  return mp_obj_new_str_of_type(&mp_type_str, (const uint8_t *)address,
-                                strlen(address));
+  return mp_obj_new_str(address, strlen(address));
 }
 STATIC MP_DEFINE_CONST_FUN_OBJ_2(mod_trezorcrypto_nem_compute_address_obj,
                                 mod_trezorcrypto_nem_compute_address);
--- a/core/src/apps/management/recovery_device/homescreen.py
+++ b/core/src/apps/management/recovery_device/homescreen.py
@ -145,9 +145,9 @@ async def _finish_recovery(
        storage.device.set_slip39_identifier(identifier)
        storage.device.set_slip39_iteration_exponent(exponent)

-    await show_success(ctx, ("You have successfully", "recovered your wallet."))
-
    storage.recovery.end_progress()
+
+    await show_success(ctx, ("You have successfully", "recovered your wallet."))
    return Success(message="Device recovered")


--- a/legacy/bootloader/Makefile
+++ b/legacy/bootloader/Makefile
@ -4,6 +4,13 @@ OBJS += bootloader.o
 OBJS += signatures.o
 OBJS += usb.o

+# overrides from libtrezor
+CFLAGS += -DFONT_SKIP_FIXED=1
+OBJS += ../gen/fonts.small.o
+
+# overrides from trezor-crypto
+CFLAGS += -DUSE_PRECOMPUTED_IV=0
+CFLAGS += -DUSE_PRECOMPUTED_CP=0
 OBJS += ../vendor/trezor-crypto/bignum.small.o
 OBJS += ../vendor/trezor-crypto/ecdsa.small.o
 OBJS += ../vendor/trezor-crypto/secp256k1.small.o
@ -11,9 +18,6 @@ OBJS += ../vendor/trezor-crypto/sha2.small.o
 OBJS += ../vendor/trezor-crypto/memzero.small.o
 OBJS += ../vendor/trezor-crypto/hmac_drbg.small.o

-CFLAGS += -DUSE_PRECOMPUTED_IV=0
-CFLAGS += -DUSE_PRECOMPUTED_CP=0
-
 OPTFLAGS ?= -Os

 include ../Makefile.include
--- a/legacy/bootloader/bootloader.c
+++ b/legacy/bootloader/bootloader.c
@ -57,6 +57,11 @@ void show_halt(const char *line1, const char *line2) {
  shutdown();
 }

+void show_unplug(const char *line1, const char *line2) {
+  layoutDialog(&bmp_icon_ok, NULL, NULL, NULL, line1, line2, NULL,
+               "You may now", "unplug your Trezor.", NULL);
+}
+
 static void show_unofficial_warning(const uint8_t *hash) {
  layoutDialog(&bmp_icon_warning, "Abort", "I'll take the risk", NULL,
               "WARNING!", NULL, "Unofficial firmware", "detected.", NULL,
@ -136,10 +141,7 @@ int main(void) {
    }

    if (SIG_OK != check_firmware_hashes(hdr)) {
-      layoutDialog(&bmp_icon_error, NULL, NULL, NULL, "Broken firmware",
-                   "detected.", NULL, "Unplug your Trezor,",
-                   "reinstall firmware.", NULL);
-      shutdown();
+      show_halt("Broken firmware", "detected.");
    }

    mpu_config_off();
--- a/legacy/bootloader/bootloader.h
+++ b/legacy/bootloader/bootloader.h
@ -25,14 +25,11 @@
 #define STR(X) #X
 #define VERSTR(X) STR(X)

-#define VERSION_MAJOR_CHAR "\x01"
-#define VERSION_MINOR_CHAR "\x08"
-#define VERSION_PATCH_CHAR "\x00"
-
 #include <stdbool.h>
 #include <stdint.h>

 void show_halt(const char *line1, const char *line2);
+void show_unplug(const char *line1, const char *line2);
 void layoutFirmwareFingerprint(const uint8_t *hash);
 bool get_button_response(void);

--- a/legacy/bootloader/usb.c
+++ b/legacy/bootloader/usb.c
@ -42,7 +42,6 @@
 #include "winusb.h"

 #include "usb_desc.h"
-#include "usb_erase.h"
 #include "usb_send.h"

 enum {
@ -61,6 +60,19 @@ static char flash_state = STATE_READY;
 static uint32_t FW_HEADER[FLASH_FWHEADER_LEN / sizeof(uint32_t)];
 static uint32_t FW_CHUNK[FW_CHUNK_SIZE / sizeof(uint32_t)];

+static void flash_enter(void) {
+  flash_wait_for_last_operation();
+  flash_clear_status_flags();
+  flash_unlock();
+}
+
+static void flash_exit(void) {
+  flash_wait_for_last_operation();
+  flash_lock();
+}
+
+#include "usb_erase.h"
+
 static void check_and_write_chunk(void) {
  uint32_t offset = (chunk_idx == 0) ? FLASH_FWHEADER_LEN : 0;
  uint32_t chunk_pos = flash_pos % FW_CHUNK_SIZE;
@ -89,17 +101,14 @@ static void check_and_write_chunk(void) {
    return;
  }

-  flash_wait_for_last_operation();
-  flash_clear_status_flags();
-  flash_unlock();
+  flash_enter();
  for (uint32_t i = offset / sizeof(uint32_t); i < chunk_pos / sizeof(uint32_t);
       i++) {
    flash_program_word(
        FLASH_FWHEADER_START + chunk_idx * FW_CHUNK_SIZE + i * sizeof(uint32_t),
        FW_CHUNK[i]);
  }
-  flash_wait_for_last_operation();
-  flash_lock();
+  flash_exit();

  // all done
  if (flash_len == flash_pos) {
@ -192,15 +201,11 @@ static void rx_callback(usbd_device *dev, uint8_t ep) {
      if (but) {
        erase_storage_code_progress();
        flash_state = STATE_END;
-        layoutDialog(&bmp_icon_ok, NULL, NULL, NULL, "Device",
-                     "successfully wiped.", NULL, "You may now",
-                     "unplug your Trezor.", NULL);
+        show_unplug("Device", "successfully wiped.");
        send_msg_success(dev);
      } else {
        flash_state = STATE_END;
-        layoutDialog(&bmp_icon_warning, NULL, NULL, NULL, "Device wipe",
-                     "aborted.", NULL, "You may now", "unplug your Trezor.",
-                     NULL);
+        show_unplug("Device wipe", "aborted.");
        send_msg_failure(dev);
      }
      return;
@ -236,9 +241,7 @@ static void rx_callback(usbd_device *dev, uint8_t ep) {
      } else {
        send_msg_failure(dev);
        flash_state = STATE_END;
-        layoutDialog(&bmp_icon_warning, NULL, NULL, NULL,
-                     "Firmware installation", "aborted.", NULL, "You may now",
-                     "unplug your Trezor.", NULL);
+        show_unplug("Firmware installation", "aborted.");
      }
      return;
    }
@ -258,27 +261,27 @@ static void rx_callback(usbd_device *dev, uint8_t ep) {
      if (readprotobufint(&p, &flash_len) != sectrue) {  // integer too large
        send_msg_failure(dev);
        flash_state = STATE_END;
-        show_halt("Firmware is too big.", NULL);
+        show_halt("Firmware is", "too big.");
        return;
      }
      if (flash_len <= FLASH_FWHEADER_LEN) {  // firmware is too small
        send_msg_failure(dev);
        flash_state = STATE_END;
-        show_halt("Firmware is too small.", NULL);
+        show_halt("Firmware is", "too small.");
        return;
      }
      if (flash_len >
          FLASH_FWHEADER_LEN + FLASH_APP_LEN) {  // firmware is too big
        send_msg_failure(dev);
        flash_state = STATE_END;
-        show_halt("Firmware is too big.", NULL);
+        show_halt("Firmware is", "too big.");
        return;
      }
      // check firmware magic
      if (memcmp(p, &FIRMWARE_MAGIC_NEW, 4) != 0) {
        send_msg_failure(dev);
        flash_state = STATE_END;
-        show_halt("Wrong firmware header.", NULL);
+        show_halt("Wrong firmware", "header.");
        return;
      }
      memzero(FW_HEADER, sizeof(FW_HEADER));
@ -395,9 +398,8 @@ static void rx_callback(usbd_device *dev, uint8_t ep) {
        return;
      }
    }
-    flash_wait_for_last_operation();
-    flash_clear_status_flags();
-    flash_unlock();
+
+    flash_enter();
    // write firmware header only when hash was confirmed
    if (hash_check_ok) {
      for (size_t i = 0; i < FLASH_FWHEADER_LEN / sizeof(uint32_t); i++) {
@ -409,14 +411,11 @@ static void rx_callback(usbd_device *dev, uint8_t ep) {
        flash_program_word(FLASH_FWHEADER_START + i * sizeof(uint32_t), 0);
      }
    }
-    flash_wait_for_last_operation();
-    flash_lock();
+    flash_exit();

    flash_state = STATE_END;
    if (hash_check_ok) {
-      layoutDialog(&bmp_icon_ok, NULL, NULL, NULL, "New firmware",
-                   "successfully installed.", NULL, "You may now",
-                   "unplug your Trezor.", NULL);
+      show_unplug("New firmware", "successfully installed.");
      send_msg_success(dev);
      shutdown();
    } else {
--- a/legacy/bootloader/usb_erase.h
+++ b/legacy/bootloader/usb_erase.h
@ -1,7 +1,5 @@
 static void erase_storage_code_progress(void) {
-  flash_wait_for_last_operation();
-  flash_clear_status_flags();
-  flash_unlock();
+  flash_enter();
  // erase storage area
  for (int i = FLASH_STORAGE_SECTOR_FIRST; i <= FLASH_STORAGE_SECTOR_LAST;
       i++) {
@ -17,14 +15,11 @@ static void erase_storage_code_progress(void) {
                       (FLASH_CODE_SECTOR_LAST - FLASH_STORAGE_SECTOR_FIRST));
    flash_erase_sector(i, FLASH_CR_PROGRAM_X32);
  }
-  flash_wait_for_last_operation();
-  flash_lock();
+  flash_exit();
 }

 static void erase_code_progress(void) {
-  flash_wait_for_last_operation();
-  flash_clear_status_flags();
-  flash_unlock();
+  flash_enter();
  for (int i = FLASH_CODE_SECTOR_FIRST; i <= FLASH_CODE_SECTOR_LAST; i++) {
    layoutProgress("PREPARING ... Please wait",
                   1000 * (i - FLASH_CODE_SECTOR_FIRST) /
@ -32,18 +27,14 @@ static void erase_code_progress(void) {
    flash_erase_sector(i, FLASH_CR_PROGRAM_X32);
  }
  layoutProgress("INSTALLING ... Please wait", 0);
-  flash_wait_for_last_operation();
-  flash_lock();
+  flash_exit();
 }

 static void erase_storage(void) {
-  flash_wait_for_last_operation();
-  flash_clear_status_flags();
-  flash_unlock();
+  flash_enter();
  for (int i = FLASH_STORAGE_SECTOR_FIRST; i <= FLASH_STORAGE_SECTOR_LAST;
       i++) {
    flash_erase_sector(i, FLASH_CR_PROGRAM_X32);
  }
-  flash_wait_for_last_operation();
-  flash_lock();
+  flash_exit();
 }
--- a/legacy/bootloader/version.h
+++ b/legacy/bootloader/version.h
@ -1,3 +1,7 @@
 #define VERSION_MAJOR 1
 #define VERSION_MINOR 8
 #define VERSION_PATCH 1
+
+#define VERSION_MAJOR_CHAR "\x01"
+#define VERSION_MINOR_CHAR "\x08"
+#define VERSION_PATCH_CHAR "\x01"
--- a/legacy/firmware/layout2.c
+++ b/legacy/firmware/layout2.c
@ -339,8 +339,8 @@ static void render_address_dialog(const CoinInfo *coin, const char *address,
      oledHLine(OLED_HEIGHT - 13);
    }
  }
-  layoutButtonNo(_("Cancel"));
-  layoutButtonYes(_("Confirm"));
+  layoutButtonNo(_("Cancel"), &bmp_btn_cancel);
+  layoutButtonYes(_("Confirm"), &bmp_btn_confirm);
  oledRefresh();
 }

@ -555,7 +555,7 @@ void layoutResetWord(const char *word, int pass, int word_pos, bool last) {
  // 30 is the maximum pixels used for a pixel row in the BIP39 word "abstract"
  oledSCA(4 * 9 - 3 - 2, 4 * 9 - 3 + 15 + 2, 30);
  oledInvert(0, 4 * 9 - 3 - 2, OLED_WIDTH - 1, 4 * 9 - 3 + 15 + 2);
-  layoutButtonYes(btnYes);
+  layoutButtonYes(btnYes, &bmp_btn_confirm);
  oledRefresh();
 }

@ -634,10 +634,10 @@ void layoutAddress(const char *address, const char *desc, bool qrcode,
  }

  if (!qrcode) {
-    layoutButtonNo(_("QR Code"));
+    layoutButtonNo(_("QR Code"), NULL);
  }

-  layoutButtonYes(_("Continue"));
+  layoutButtonYes(_("Continue"), &bmp_btn_confirm);
  oledRefresh();
 }

--- a/legacy/firmware/reset.c
+++ b/legacy/firmware/reset.c
@ -83,8 +83,8 @@ void reset_init(bool display_random, uint32_t _strength,
      oledDrawStringCenter(OLED_WIDTH / 2, 2 + 3 * 9, ent_str[2], FONT_FIXED);
      oledDrawStringCenter(OLED_WIDTH / 2, 2 + 4 * 9, ent_str[3], FONT_FIXED);
      oledHLine(OLED_HEIGHT - 13);
-      layoutButtonNo(_("Cancel"));
-      layoutButtonYes(_("Continue"));
+      layoutButtonNo(_("Cancel"), &bmp_btn_cancel);
+      layoutButtonYes(_("Continue"), &bmp_btn_confirm);
      // 40 is the maximum pixels used for a row
      oledSCA(2 + 1 * 9, 2 + 1 * 9 + 6, 40);
      oledSCA(2 + 2 * 9, 2 + 2 * 9 + 6, 40);
--- a/legacy/firmware/stellar.c
+++ b/legacy/firmware/stellar.c
@ -1792,13 +1792,7 @@ void stellar_layoutSigningDialog(const char *line1, const char *line2,
  offset_y += line_height;

  // Cancel button
-  oledDrawString(1, OLED_HEIGHT - 8, "\x15", FONT_STANDARD);
-  oledDrawString(fontCharWidth(FONT_STANDARD, '\x15') + 3, OLED_HEIGHT - 8,
-                 "Cancel", FONT_STANDARD);
-  oledInvert(0, OLED_HEIGHT - 9,
-             fontCharWidth(FONT_STANDARD, '\x15') +
-                 oledStringWidth("Cancel", FONT_STANDARD) + 2,
-             OLED_HEIGHT - 1);
+  layoutButtonNo("Cancel", &bmp_btn_cancel);

  // Warnings (drawn centered between the buttons
  if (warning) {
@ -1814,14 +1808,7 @@ void stellar_layoutSigningDialog(const char *line1, const char *line2,
    strlcpy(str_next_label, _("Next"), sizeof(str_next_label));
  }

-  oledDrawString(OLED_WIDTH - fontCharWidth(FONT_STANDARD, '\x06') - 1,
-                 OLED_HEIGHT - 8, "\x06", FONT_STANDARD);
-  oledDrawString(OLED_WIDTH - oledStringWidth(str_next_label, FONT_STANDARD) -
-                     fontCharWidth(FONT_STANDARD, '\x06') - 3,
-                 OLED_HEIGHT - 8, str_next_label, FONT_STANDARD);
-  oledInvert(OLED_WIDTH - oledStringWidth(str_next_label, FONT_STANDARD) -
-                 fontCharWidth(FONT_STANDARD, '\x06') - 4,
-             OLED_HEIGHT - 9, OLED_WIDTH - 1, OLED_HEIGHT - 1);
+  layoutButtonYes(str_next_label, &bmp_btn_confirm);

  oledRefresh();
 }
--- a/legacy/gen/bitmaps.c
+++ b/legacy/gen/bitmaps.c
@ -1,6 +1,8 @@
 // clang-format off
 #include "bitmaps.h"

+const uint8_t bmp_btn_cancel_data[] = { 0x44, 0xee, 0x7c, 0x38, 0x7c, 0xee, 0x44, 0x00, };
+const uint8_t bmp_btn_confirm_data[] = { 0x02, 0x04, 0x08, 0xd8, 0xf0, 0x60, 0x20, 0x00, };
 const uint8_t bmp_digit0_data[] = { 0xff, 0xff, 0xf8, 0x1f, 0xf0, 0x0f, 0xe1, 0x87, 0xe1, 0x87, 0xe1, 0x87, 0xe1, 0x87, 0xe1, 0x87, 0xe1, 0x87, 0xe1, 0x87, 0xe1, 0x87, 0xe1, 0x87, 0xe1, 0x87, 0xf0, 0x0f, 0xf8, 0x1f, 0xff, 0xff, };
 const uint8_t bmp_digit1_data[] = { 0xff, 0xff, 0xfc, 0x3f, 0xf8, 0x3f, 0xf0, 0x3f, 0xf0, 0x3f, 0xfc, 0x3f, 0xfc, 0x3f, 0xfc, 0x3f, 0xfc, 0x3f, 0xfc, 0x3f, 0xfc, 0x3f, 0xfc, 0x3f, 0xfc, 0x3f, 0xfc, 0x3f, 0xfc, 0x3f, 0xff, 0xff, };
 const uint8_t bmp_digit2_data[] = { 0xff, 0xff, 0xe0, 0x1f, 0xe0, 0x0f, 0xff, 0x87, 0xff, 0x87, 0xff, 0x87, 0xff, 0x87, 0xf8, 0x0f, 0xf0, 0x1f, 0xe1, 0xff, 0xe1, 0xff, 0xe1, 0xff, 0xe1, 0xff, 0xe0, 0x07, 0xe0, 0x07, 0xff, 0xff, };
@ -26,6 +28,8 @@ const uint8_t bmp_logo64_data[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x
 const uint8_t bmp_logo64_empty_data[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0f, 0xf0, 0x00, 0x00, 0x00, 0x00, 0x70, 0x0e, 0x00, 0x00, 0x00, 0x00, 0x80, 0x01, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0xc0, 0x00, 0x00, 0x04, 0x00, 0x00, 0x20, 0x00, 0x00, 0x08, 0x00, 0x00, 0x10, 0x00, 0x00, 0x08, 0x07, 0xe0, 0x10, 0x00, 0x00, 0x10, 0x08, 0x10, 0x08, 0x00, 0x00, 0x20, 0x10, 0x08, 0x04, 0x00, 0x00, 0x20, 0x20, 0x04, 0x04, 0x00, 0x00, 0x20, 0x40, 0x02, 0x04, 0x00, 0x00, 0x40, 0x80, 0x01, 0x02, 0x00, 0x00, 0x40, 0x80, 0x01, 0x02, 0x00, 0x00, 0x40, 0x80, 0x01, 0x02, 0x00, 0x00, 0x40, 0x80, 0x01, 0x02, 0x00, 0x00, 0x40, 0x80, 0x01, 0x02, 0x00, 0x00, 0x40, 0x80, 0x01, 0x02, 0x00, 0x00, 0x40, 0x80, 0x01, 0x02, 0x00, 0x00, 0x40, 0x80, 0x01, 0x02, 0x00, 0x1f, 0xc0, 0xff, 0xff, 0x03, 0xf8, 0x10, 0x00, 0x00, 0x00, 0x00, 0x08, 0x10, 0x00, 0x00, 0x00, 0x00, 0x08, 0x10, 0x00, 0x00, 0x00, 0x00, 0x08, 0x10, 0x00, 0x00, 0x00, 0x00, 0x08, 0x10, 0x00, 0x00, 0x00, 0x00, 0x08, 0x10, 0x3f, 0xff, 0xff, 0xfc, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x20, 0x00, 0x00, 0x04, 0x08, 0x10, 0x18, 0x00, 0x00, 0x18, 0x08, 0x10, 0x06, 0x00, 0x00, 0x60, 0x08, 0x10, 0x01, 0x80, 0x01, 0x80, 0x08, 0x10, 0x00, 0x60, 0x06, 0x00, 0x08, 0x18, 0x00, 0x18, 0x18, 0x00, 0x18, 0x06, 0x00, 0x06, 0x60, 0x00, 0x60, 0x01, 0x80, 0x01, 0x80, 0x01, 0x80, 0x00, 0x60, 0x00, 0x00, 0x06, 0x00, 0x00, 0x18, 0x00, 0x00, 0x18, 0x00, 0x00, 0x06, 0x00, 0x00, 0x60, 0x00, 0x00, 0x01, 0x80, 0x01, 0x80, 0x00, 0x00, 0x00, 0x60, 0x06, 0x00, 0x00, 0x00, 0x00, 0x18, 0x18, 0x00, 0x00, 0x00, 0x00, 0x06, 0x60, 0x00, 0x00, 0x00, 0x00, 0x01, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, };
 const uint8_t bmp_webauthn_data[] = { 0x00, 0x00, 0x1f, 0x80, 0x00, 0x00, 0x7f, 0xe0, 0x00, 0x01, 0xff, 0xf8, 0x00, 0x03, 0xfe, 0x1c, 0x00, 0x03, 0xfc, 0x0c, 0x00, 0x07, 0xf8, 0x06, 0x00, 0x07, 0xf8, 0x06, 0x00, 0x0f, 0xf8, 0x06, 0x00, 0x0f, 0xf8, 0x07, 0x00, 0x0f, 0xfc, 0x0f, 0x00, 0x0f, 0xfe, 0x1f, 0x00, 0x0f, 0xff, 0xff, 0x00, 0x0f, 0xff, 0xff, 0x00, 0x07, 0xff, 0xfe, 0x00, 0x0f, 0xff, 0xfe, 0x00, 0x1f, 0xff, 0xfc, 0x00, 0x3f, 0xff, 0xfc, 0x00, 0x7f, 0xff, 0xf8, 0x00, 0xff, 0xff, 0xe0, 0x01, 0xff, 0xdf, 0x80, 0x03, 0xff, 0x80, 0x00, 0x07, 0xff, 0x00, 0x00, 0x0f, 0xfe, 0x00, 0x00, 0x1f, 0xfc, 0x00, 0x00, 0x3f, 0xf8, 0x00, 0x00, 0x7f, 0x80, 0x00, 0x00, 0xff, 0x80, 0x00, 0x00, 0xff, 0x80, 0x00, 0x00, 0xfc, 0x00, 0x00, 0x00, 0xfc, 0x00, 0x00, 0x00, 0xfc, 0x00, 0x00, 0x00, 0xfc, 0x00, 0x00, 0x00, };

+const BITMAP bmp_btn_cancel = {8, 8, bmp_btn_cancel_data};
+const BITMAP bmp_btn_confirm = {8, 8, bmp_btn_confirm_data};
 const BITMAP bmp_digit0 = {16, 16, bmp_digit0_data};
 const BITMAP bmp_digit1 = {16, 16, bmp_digit1_data};
 const BITMAP bmp_digit2 = {16, 16, bmp_digit2_data};
--- a/legacy/gen/bitmaps.h
+++ b/legacy/gen/bitmaps.h
@ -8,6 +8,8 @@ typedef struct {
  const uint8_t *data;
 } BITMAP;

+extern const BITMAP bmp_btn_cancel;
+extern const BITMAP bmp_btn_confirm;
 extern const BITMAP bmp_digit0;
 extern const BITMAP bmp_digit1;
 extern const BITMAP bmp_digit2;
--- a/legacy/gen/bitmaps/btn_cancel.png
+++ b/legacy/gen/bitmaps/btn_cancel.png
--- a/legacy/gen/bitmaps/btn_confirm.png
+++ b/legacy/gen/bitmaps/btn_confirm.png
--- a/legacy/gen/font.inc
+++ b/legacy/gen/font.inc
@ -1,35 +1,3 @@
-	/* 0x00 _ */ (uint8_t *)"\x01\x00",
-	/* 0x01 _ */ (uint8_t *)"\x01\x00",
-	/* 0x02 _ */ (uint8_t *)"\x01\x00",
-	/* 0x03 _ */ (uint8_t *)"\x01\x00",
-	/* 0x04 _ */ (uint8_t *)"\x01\x00",
-	/* 0x05 _ */ (uint8_t *)"\x01\x00",
-	/* 0x06 _ */ (uint8_t *)"\x07\x18\x1c\x0e\x18\x30\x40\x80",
-	/* 0x07 _ */ (uint8_t *)"\x01\x00",
-	/* 0x08 _ */ (uint8_t *)"\x01\x00",
-	/* 0x09 _ */ (uint8_t *)"\x01\x00",
-	/* 0x0a _ */ (uint8_t *)"\x01\x00",
-	/* 0x0b _ */ (uint8_t *)"\x01\x00",
-	/* 0x0c _ */ (uint8_t *)"\x01\x00",
-	/* 0x0d _ */ (uint8_t *)"\x01\x00",
-	/* 0x0e _ */ (uint8_t *)"\x01\x00",
-	/* 0x0f _ */ (uint8_t *)"\x01\x00",
-	/* 0x10 _ */ (uint8_t *)"\x01\x00",
-	/* 0x11 _ */ (uint8_t *)"\x01\x00",
-	/* 0x12 _ */ (uint8_t *)"\x01\x00",
-	/* 0x13 _ */ (uint8_t *)"\x01\x00",
-	/* 0x14 _ */ (uint8_t *)"\x01\x00",
-	/* 0x15 _ */ (uint8_t *)"\x07\x44\xee\x7c\x38\x7c\xee\x44",
-	/* 0x16 _ */ (uint8_t *)"\x01\x00",
-	/* 0x17 _ */ (uint8_t *)"\x01\x00",
-	/* 0x18 _ */ (uint8_t *)"\x01\x00",
-	/* 0x19 _ */ (uint8_t *)"\x01\x00",
-	/* 0x1a _ */ (uint8_t *)"\x01\x00",
-	/* 0x1b _ */ (uint8_t *)"\x01\x00",
-	/* 0x1c _ */ (uint8_t *)"\x01\x00",
-	/* 0x1d _ */ (uint8_t *)"\x01\x00",
-	/* 0x1e _ */ (uint8_t *)"\x01\x00",
-	/* 0x1f _ */ (uint8_t *)"\x01\x00",
 	/* 0x20   */ (uint8_t *)"\x01\x00",
 	/* 0x21 ! */ (uint8_t *)"\x02\xfa\xfa",
 	/* 0x22 " */ (uint8_t *)"\x03\xc0\x00\xc0",
--- a/legacy/gen/fontfixed.inc
+++ b/legacy/gen/fontfixed.inc
@ -1,35 +1,3 @@
-	/* 0x00 _ */ (uint8_t *)"\x01\x00",
-	/* 0x01 _ */ (uint8_t *)"\x01\x00",
-	/* 0x02 _ */ (uint8_t *)"\x01\x00",
-	/* 0x03 _ */ (uint8_t *)"\x01\x00",
-	/* 0x04 _ */ (uint8_t *)"\x01\x00",
-	/* 0x05 _ */ (uint8_t *)"\x01\x00",
-	/* 0x06 _ */ (uint8_t *)"\x07\x18\x1c\x0e\x18\x30\x40\x80",
-	/* 0x07 _ */ (uint8_t *)"\x01\x00",
-	/* 0x08 _ */ (uint8_t *)"\x01\x00",
-	/* 0x09 _ */ (uint8_t *)"\x01\x00",
-	/* 0x0a _ */ (uint8_t *)"\x01\x00",
-	/* 0x0b _ */ (uint8_t *)"\x01\x00",
-	/* 0x0c _ */ (uint8_t *)"\x01\x00",
-	/* 0x0d _ */ (uint8_t *)"\x01\x00",
-	/* 0x0e _ */ (uint8_t *)"\x01\x00",
-	/* 0x0f _ */ (uint8_t *)"\x01\x00",
-	/* 0x10 _ */ (uint8_t *)"\x01\x00",
-	/* 0x11 _ */ (uint8_t *)"\x01\x00",
-	/* 0x12 _ */ (uint8_t *)"\x01\x00",
-	/* 0x13 _ */ (uint8_t *)"\x01\x00",
-	/* 0x14 _ */ (uint8_t *)"\x01\x00",
-	/* 0x15 _ */ (uint8_t *)"\x07\x44\xee\x7c\x38\x7c\xee\x44",
-	/* 0x16 _ */ (uint8_t *)"\x01\x00",
-	/* 0x17 _ */ (uint8_t *)"\x01\x00",
-	/* 0x18 _ */ (uint8_t *)"\x01\x00",
-	/* 0x19 _ */ (uint8_t *)"\x01\x00",
-	/* 0x1a _ */ (uint8_t *)"\x01\x00",
-	/* 0x1b _ */ (uint8_t *)"\x01\x00",
-	/* 0x1c _ */ (uint8_t *)"\x01\x00",
-	/* 0x1d _ */ (uint8_t *)"\x01\x00",
-	/* 0x1e _ */ (uint8_t *)"\x01\x00",
-	/* 0x1f _ */ (uint8_t *)"\x01\x00",
 	/* 0x20   */ (uint8_t *)"\x01\x00",
 	/* 0x21 ! */ (uint8_t *)"\x03\x60\xfa\x60",
 	/* 0x22 " */ (uint8_t *)"\x05\x00\xe0\x00\xe0\x00",
--- a/legacy/gen/fonts.c
+++ b/legacy/gen/fonts.c
@ -1,16 +1,21 @@
 #include "fonts.h"

-const uint8_t *const font_data[2][128] = {
+const uint8_t *const font_data[FONTS][128 - 32] = {
    {
 #include "font.inc"
    },
+#ifndef FONT_SKIP_FIXED
    {
 #include "fontfixed.inc"
    },
+#endif
 };

-int fontCharWidth(int font, uint8_t c) { return font_data[font][c & 0x7f][0]; }
+int fontCharWidth(uint8_t font, uint8_t c) {
+  return (c < 0x20 || c >= 0x80) ? 0 : font_data[font % FONTS][c - 32][0];
+}

-const uint8_t *fontCharData(int font, uint8_t c) {
-  return font_data[font][c & 0x7f] + 1;
+const uint8_t *fontCharData(uint8_t font, uint8_t c) {
+  return (c < 0x20 || c >= 0x80) ? (const uint8_t *)""
+                                 : font_data[font % FONTS][c - 32] + 1;
 }
--- a/legacy/gen/fonts.h
+++ b/legacy/gen/fonts.h
@ -5,12 +5,19 @@

 #define FONT_HEIGHT 8
 #define FONT_STANDARD 0
+
+#ifndef FONT_SKIP_FIXED
 #define FONT_FIXED 1
+#define FONTS 2
+#else
+#define FONTS 1
+#endif
+
 #define FONT_DOUBLE 0x80

-extern const uint8_t *const font_data[2][128];
+extern const uint8_t *const font_data[FONTS][128 - 32];

-int fontCharWidth(int font, uint8_t c);
-const uint8_t *fontCharData(int font, uint8_t c);
+int fontCharWidth(uint8_t font, uint8_t c);
+const uint8_t *fontCharData(uint8_t font, uint8_t c);

 #endif
--- a/legacy/gen/fonts/font.png
+++ b/legacy/gen/fonts/font.png
--- a/legacy/gen/fonts/fontfixed.png
+++ b/legacy/gen/fonts/fontfixed.png
--- a/legacy/gen/fonts/generate.py
+++ b/legacy/gen/fonts/generate.py
@ -23,7 +23,7 @@ def convert(imgfile, outfile):
    img = Img(imgfile)
    cur = ""
    with open(outfile, "w") as f:
-        for i in range(128):
+        for i in range(128 - 32):
            x = (i % 16) * 10
            y = (i // 16) * 10
            cur = ""
@ -32,7 +32,8 @@ def convert(imgfile, outfile):
                x += 1
                cur += "\\x%02x" % int(val, 2)
            cur = "\\x%02x" % (len(cur) // 4) + cur
-            ch = chr(i) if i >= 32 and i <= 126 else "_"
+            i += 32
+            ch = "_" if (i == 127) else chr(i)
            f.write('\t/* 0x%02x %c */ (uint8_t *)"%s",\n' % (i, ch, cur))


--- a/legacy/layout.c
+++ b/legacy/layout.c
@ -22,24 +22,29 @@
 #include "layout.h"
 #include "oled.h"

-void layoutButtonNo(const char *btnNo) {
-  oledDrawString(1, OLED_HEIGHT - 8, "\x15", FONT_STANDARD);
-  oledDrawString(fontCharWidth(FONT_STANDARD, '\x15') + 3, OLED_HEIGHT - 8,
-                 btnNo, FONT_STANDARD);
+void layoutButtonNo(const char *btnNo, const BITMAP *icon) {
+  int icon_width = 0;
+  if (icon) {
+    oledDrawBitmap(1, OLED_HEIGHT - 8, icon);
+    icon_width = icon->width;
+  }
+  oledDrawString(8 + 3, OLED_HEIGHT - icon_width, btnNo, FONT_STANDARD);
  oledInvert(0, OLED_HEIGHT - 9,
-             fontCharWidth(FONT_STANDARD, '\x15') +
-                 oledStringWidth(btnNo, FONT_STANDARD) + 2,
+             icon_width + oledStringWidth(btnNo, FONT_STANDARD) + 2,
             OLED_HEIGHT - 1);
 }

-void layoutButtonYes(const char *btnYes) {
-  oledDrawString(OLED_WIDTH - fontCharWidth(FONT_STANDARD, '\x06') - 1,
-                 OLED_HEIGHT - 8, "\x06", FONT_STANDARD);
-  oledDrawStringRight(OLED_WIDTH - fontCharWidth(FONT_STANDARD, '\x06') - 3,
-                      OLED_HEIGHT - 8, btnYes, FONT_STANDARD);
-  oledInvert(OLED_WIDTH - oledStringWidth(btnYes, FONT_STANDARD) -
-                 fontCharWidth(FONT_STANDARD, '\x06') - 4,
-             OLED_HEIGHT - 9, OLED_WIDTH - 1, OLED_HEIGHT - 1);
+void layoutButtonYes(const char *btnYes, const BITMAP *icon) {
+  int icon_width = 0;
+  if (icon) {
+    oledDrawBitmap(OLED_WIDTH - 8 - 1, OLED_HEIGHT - 8, icon);
+    icon_width = icon->width;
+  }
+  oledDrawStringRight(OLED_WIDTH - icon_width - 3, OLED_HEIGHT - 8, btnYes,
+                      FONT_STANDARD);
+  oledInvert(
+      OLED_WIDTH - oledStringWidth(btnYes, FONT_STANDARD) - icon_width - 4,
+      OLED_HEIGHT - 9, OLED_WIDTH - 1, OLED_HEIGHT - 1);
 }

 void layoutDialog(const BITMAP *icon, const char *btnNo, const char *btnYes,
@ -70,10 +75,10 @@ void layoutDialog(const BITMAP *icon, const char *btnNo, const char *btnYes,
    }
  }
  if (btnNo) {
-    layoutButtonNo(btnNo);
+    layoutButtonNo(btnNo, &bmp_btn_cancel);
  }
  if (btnYes) {
-    layoutButtonYes(btnYes);
+    layoutButtonYes(btnYes, &bmp_btn_confirm);
  }
  oledRefresh();
 }
--- a/legacy/layout.h
+++ b/legacy/layout.h
@ -24,8 +24,8 @@
 #include <stdlib.h>
 #include "bitmaps.h"

-void layoutButtonNo(const char *btnNo);
-void layoutButtonYes(const char *btnYes);
+void layoutButtonNo(const char *btnNo, const BITMAP *icon);
+void layoutButtonYes(const char *btnYes, const BITMAP *icon);
 void layoutDialog(const BITMAP *icon, const char *btnNo, const char *btnYes,
                  const char *desc, const char *line1, const char *line2,
                  const char *line3, const char *line4, const char *line5,
--- a/legacy/oled.c
+++ b/legacy/oled.c
@ -241,7 +241,7 @@ void oledSetBuffer(uint8_t *buf) {
  memcpy(_oledbuffer, buf, sizeof(_oledbuffer));
 }

-void oledDrawChar(int x, int y, char c, int font) {
+void oledDrawChar(int x, int y, char c, uint8_t font) {
  if (x >= OLED_WIDTH || y >= OLED_HEIGHT || y <= -FONT_HEIGHT) {
    return;
  }
@ -304,7 +304,7 @@ static uint8_t convert_char(const char a) {
  return 0;
 }

-int oledStringWidth(const char *text, int font) {
+int oledStringWidth(const char *text, uint8_t font) {
  if (!text) return 0;
  int space = (font & FONT_DOUBLE) ? 2 : 1;
  int l = 0;
@ -317,7 +317,7 @@ int oledStringWidth(const char *text, int font) {
  return l;
 }

-void oledDrawString(int x, int y, const char *text, int font) {
+void oledDrawString(int x, int y, const char *text, uint8_t font) {
  if (!text) return;
  int l = 0;
  int space = (font & FONT_DOUBLE) ? 2 : 1;
@ -330,12 +330,12 @@ void oledDrawString(int x, int y, const char *text, int font) {
  }
 }

-void oledDrawStringCenter(int x, int y, const char *text, int font) {
+void oledDrawStringCenter(int x, int y, const char *text, uint8_t font) {
  x = x - oledStringWidth(text, font) / 2;
  oledDrawString(x, y, text, font);
 }

-void oledDrawStringRight(int x, int y, const char *text, int font) {
+void oledDrawStringRight(int x, int y, const char *text, uint8_t font) {
  x -= oledStringWidth(text, font);
  oledDrawString(x, y, text, font);
 }
--- a/legacy/oled.h
+++ b/legacy/oled.h
@ -43,12 +43,11 @@ bool oledGetPixel(int x, int y);
 void oledDrawPixel(int x, int y);
 void oledClearPixel(int x, int y);
 void oledInvertPixel(int x, int y);
-void oledDrawChar(int x, int y, char c, int zoom);
-int oledStringWidth(const char *text, int font);
-
-void oledDrawString(int x, int y, const char *text, int font);
-void oledDrawStringCenter(int x, int y, const char *text, int font);
-void oledDrawStringRight(int x, int y, const char *text, int font);
+void oledDrawChar(int x, int y, char c, uint8_t font);
+int oledStringWidth(const char *text, uint8_t font);
+void oledDrawString(int x, int y, const char *text, uint8_t font);
+void oledDrawStringCenter(int x, int y, const char *text, uint8_t font);
+void oledDrawStringRight(int x, int y, const char *text, uint8_t font);
 void oledDrawBitmap(int x, int y, const BITMAP *bmp);
 void oledInvert(int x1, int y1, int x2, int y2);
 void oledBox(int x1, int y1, int x2, int y2, bool set);
--- a/python/src/trezorlib/eos.py
+++ b/python/src/trezorlib/eos.py
@ -144,7 +144,7 @@ def parse_sell_ram(data):

 def parse_delegate(data):
    return messages.EosActionDelegate(
-        sender=name_to_number(data["sender"]),
+        sender=name_to_number(data["from"]),
        receiver=name_to_number(data["receiver"]),
        net_quantity=parse_asset(data["stake_net_quantity"]),
        cpu_quantity=parse_asset(data["stake_cpu_quantity"]),
@ -154,7 +154,7 @@ def parse_delegate(data):

 def parse_undelegate(data):
    return messages.EosActionUndelegate(
-        sender=name_to_number(data["sender"]),
+        sender=name_to_number(data["from"]),
        receiver=name_to_number(data["receiver"]),
        net_quantity=parse_asset(data["unstake_net_quantity"]),
        cpu_quantity=parse_asset(data["unstake_cpu_quantity"]),
--- a/tests/fido_tests/libfido2/.gitignore
+++ b/tests/fido_tests/libfido2/.gitignore
@ -0,0 +1,5 @@
+assert_param
+cred
+cred_param
+hmac_assert
+pubkey
--- a/tests/fido_tests/libfido2/cred-assert.sh
+++ b/tests/fido_tests/libfido2/cred-assert.sh
@ -0,0 +1,22 @@
+DEVICE=$(fido2-token -L | cut -d : -f 1)
+
+if [ -z "$DEVICE" ] ; then
+  echo "No FIDO2 token found"
+  exit 1
+fi
+
+# taken from fido2-cred manpage
+
+echo credential challenge | openssl sha256 -binary | base64 > cred_param
+echo relying party >> cred_param
+echo user name >> cred_param
+dd if=/dev/urandom bs=1 count=32 | base64 >> cred_param
+fido2-cred -M -i cred_param "$DEVICE" | fido2-cred -V -o cred
+
+# taken from fido2-assert manpage
+
+echo assertion challenge | openssl sha256 -binary | base64 > assert_param
+echo relying party >> assert_param
+head -1 cred >> assert_param
+tail -n +2 cred > pubkey
+fido2-assert -G -i assert_param "$DEVICE" | fido2-assert -V pubkey es256
--- a/tests/fido_tests/libfido2/hmac-secret.sh
+++ b/tests/fido_tests/libfido2/hmac-secret.sh
@ -0,0 +1,25 @@
+DEVICE=$(fido2-token -L | cut -d : -f 1)
+
+if [ -z "$DEVICE" ] ; then
+  echo "No FIDO2 token found"
+  exit 1
+fi
+
+# taken from https://github.com/Yubico/libfido2/issues/58
+
+echo credential challenge | openssl sha256 -binary | base64 > cred_param
+echo relying party >> cred_param
+echo user name >> cred_param
+dd if=/dev/urandom bs=1 count=32 | base64 >> cred_param
+fido2-cred -M -h -i cred_param "$DEVICE" | fido2-cred -V -h -o cred
+
+# taken from https://github.com/Yubico/libfido2/issues/58
+
+echo assertion challenge | openssl sha256 -binary | base64 > assert_param
+echo relying party >> assert_param
+head -1 cred >> assert_param
+tail -n +2 cred > pubkey
+dd if=/dev/urandom bs=1 count=64 | base64 -w0 >> assert_param  # hmac salt
+fido2-assert -G -h -i assert_param "$DEVICE" > hmac_assert
+fido2-assert -V -h -i hmac_assert pubkey es256
+tail -1 hmac_assert | base64 -d | xxd  # hmac secret