diff --git a/shell.nix b/shell.nix
index 48e833828..fc41147d3 100644
--- a/shell.nix
+++ b/shell.nix
@@ -1,7 +1,7 @@
 with import {};
 let
- myPython = python3.withPackages(ps: [ps.trezor ps.pytest ps.flake8 ps.isort ps.black ps.Mako ps.munch ps.Pyro4]);
+ myPython = python3.withPackages(ps: [ps.trezor ps.pytest ps.flake8 ps.isort ps.black ps.Mako ps.munch ps.Pyro4 ps.pillow]);
 in
 stdenv.mkDerivation {
 name = "trezor-core-dev";
diff --git a/src/apps/fido_u2f/knownapps.py b/src/apps/fido_u2f/knownapps.py
deleted file mode 100644
index 65e2c2981..000000000
--- a/src/apps/fido_u2f/knownapps.py
+++ /dev/null
@@ -1,25 +0,0 @@
-from trezor.crypto import hashlib
-
-knownapps = {
- hashlib.sha256(
- b"https://account.gandi.net/api/u2f/trusted_facets.json"
- ).digest(): "Gandi",
- hashlib.sha256(b"https://api-9dcf9b83.duosecurity.com").digest(): "Duo",
- hashlib.sha256(b"https://bitbucket.org").digest(): "Bitbucket",
- hashlib.sha256(b"https://dashboard.stripe.com").digest(): "Stripe",
- hashlib.sha256(b"https://demo.yubico.com").digest(): "Yubico U2F Demo",
- hashlib.sha256(b"https://github.com/u2f/trusted_facets").digest(): "GitHub",
- hashlib.sha256(b"https://gitlab.com").digest(): "GitLab",
- hashlib.sha256(b"https://keepersecurity.com").digest(): "Keeper",
- hashlib.sha256(
- b"https://slushpool.com/static/security/u2f.json"
- ).digest(): "Slush Pool",
- hashlib.sha256(b"https://u2f.bin.coffee").digest(): "u2f.bin.coffee",
- hashlib.sha256(b"https://vault.bitwarden.com/app-id.json").digest(): "Bitwarden",
- hashlib.sha256(b"https://www.bitfinex.com").digest(): "Bitfinex",
- hashlib.sha256(b"https://www.dropbox.com/u2f-app-id.json").digest(): "Dropbox",
- hashlib.sha256(b"https://www.fastmail.com").digest(): "FastMail",
- hashlib.sha256(
- b"https://www.gstatic.com/securitykey/origins.json"
- ).digest(): "Google",
-}
diff --git a/src/apps/fido_u2f/res/u2f_bitbucket.toif b/src/apps/fido_u2f/res/u2f_bitbucket.toif
deleted file mode 100644
index 85bac589b..000000000
Binary files a/src/apps/fido_u2f/res/u2f_bitbucket.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_bitfinex.toif b/src/apps/fido_u2f/res/u2f_bitfinex.toif
deleted file mode 100644
index 8359da4db..000000000
Binary files a/src/apps/fido_u2f/res/u2f_bitfinex.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_bitwarden.toif b/src/apps/fido_u2f/res/u2f_bitwarden.toif
deleted file mode 100644
index c91ccdcac..000000000
Binary files a/src/apps/fido_u2f/res/u2f_bitwarden.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_dropbox.toif b/src/apps/fido_u2f/res/u2f_dropbox.toif
deleted file mode 100644
index 2fe2e2a4e..000000000
Binary files a/src/apps/fido_u2f/res/u2f_dropbox.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_duo.toif b/src/apps/fido_u2f/res/u2f_duo.toif
deleted file mode 100644
index 61a841427..000000000
Binary files a/src/apps/fido_u2f/res/u2f_duo.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_fastmail.toif b/src/apps/fido_u2f/res/u2f_fastmail.toif
deleted file mode 100644
index 360833851..000000000
Binary files a/src/apps/fido_u2f/res/u2f_fastmail.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_gandi.toif b/src/apps/fido_u2f/res/u2f_gandi.toif
deleted file mode 100644
index f0a1c521a..000000000
Binary files a/src/apps/fido_u2f/res/u2f_gandi.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_generic.toif b/src/apps/fido_u2f/res/u2f_generic.toif
deleted file mode 100644
index ccd0130fe..000000000
Binary files a/src/apps/fido_u2f/res/u2f_generic.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_github.toif b/src/apps/fido_u2f/res/u2f_github.toif
deleted file mode 100644
index d9a6e8e31..000000000
Binary files a/src/apps/fido_u2f/res/u2f_github.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_gitlab.toif b/src/apps/fido_u2f/res/u2f_gitlab.toif
deleted file mode 100644
index 6c79010cc..000000000
Binary files a/src/apps/fido_u2f/res/u2f_gitlab.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_google.toif b/src/apps/fido_u2f/res/u2f_google.toif
deleted file mode 100644
index b69d5861d..000000000
Binary files a/src/apps/fido_u2f/res/u2f_google.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_keeper.toif b/src/apps/fido_u2f/res/u2f_keeper.toif
deleted file mode 100644
index 46b79c490..000000000
Binary files a/src/apps/fido_u2f/res/u2f_keeper.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_slush_pool.toif b/src/apps/fido_u2f/res/u2f_slush_pool.toif
deleted file mode 100644
index ab6a036ce..000000000
Binary files a/src/apps/fido_u2f/res/u2f_slush_pool.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_stripe.toif b/src/apps/fido_u2f/res/u2f_stripe.toif
deleted file mode 100644
index a069c28d3..000000000
Binary files a/src/apps/fido_u2f/res/u2f_stripe.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/res/u2f_yubico_u2f_demo.toif b/src/apps/fido_u2f/res/u2f_yubico_u2f_demo.toif
deleted file mode 100644
index d9fac9a20..000000000
Binary files a/src/apps/fido_u2f/res/u2f_yubico_u2f_demo.toif and /dev/null differ
diff --git a/src/apps/fido_u2f/__init__.py b/src/apps/webauthn/__init__.py
similarity index 98%
rename from src/apps/fido_u2f/__init__.py
rename to src/apps/webauthn/__init__.py
index 1825a3d25..dc321bd01 100644
--- a/src/apps/fido_u2f/__init__.py
+++ b/src/apps/webauthn/__init__.py
@@ -379,8 +379,8 @@ class ConfirmState:
 @ui.layout
 async def confirm_layout(self) -> None:
- workflow.fido_u2f_stop_signal.reset()
- await loop.spawn(self.confirm_layout_inner(), workflow.fido_u2f_stop_signal)
+ workflow.webauthn_stop_signal.reset()
+ await loop.spawn(self.confirm_layout_inner(), workflow.webauthn_stop_signal)
 async def confirm_layout_inner(self) -> None:
 from trezor.ui.confirm import ConfirmDialog, CONFIRMED
@@ -413,15 +413,15 @@ class ConfirmContent(ui.Widget):
 def boot(self) -> None:
 from ubinascii import hexlify
 from trezor import res
- from apps.fido_u2f import knownapps
+ from apps.webauthn import knownapps
 if self.app_id in knownapps.knownapps:
 name = knownapps.knownapps[self.app_id]
 try:
 namepart = name.lower().replace(" ", "_")
- icon = res.load("apps/fido_u2f/res/u2f_%s.toif" % namepart)
+ icon = res.load("apps/webauthn/res/icon_%s.toif" % namepart)
 except Exception as e:
- icon = res.load("apps/fido_u2f/res/u2f_generic.toif")
+ icon = res.load("apps/webauthn/res/icon_generic.toif")
 if __debug__:
 log.exception(__name__, e)
 else:
@@ -429,7 +429,7 @@ class ConfirmContent(ui.Widget):
 hexlify(self.app_id[:4]).decode(),
 hexlify(self.app_id[-4:]).decode(),
 )
- icon = res.load("apps/fido_u2f/res/u2f_generic.toif")
+ icon = res.load("apps/webauthn/res/icon_generic.toif")
 self.app_name = name
 self.app_icon = icon
diff --git a/src/apps/webauthn/knownapps.py b/src/apps/webauthn/knownapps.py
new file mode 100644
index 000000000..f32a26edf
--- /dev/null
+++ b/src/apps/webauthn/knownapps.py
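Review bot: The generic fallback in `ConfirmContent.boot` now loads `apps/webauthn/res/icon_generic.toif` (in the `except` handler of the second hunk and again in the `else` branch of the third), yet the diff as shown deletes `u2f_generic.toif` and adds no `icon_generic.toif`. If that resource is really missing from the tree, `res.load` raises inside the handler and the on-device confirmation cannot be drawn for any relying party without its own icon, so confirm the file is committed; this page may simply not list every resource. `icon_bitwarden.toif` is likewise not among the visible additions, and the new names `webauthn.bin.coffee`, `WebAuthn.io`, `WebAuthn.me` and `demo.yubico.com` appear to have no icon either, so those entries would reach `except Exception` on every confirmation. A comment above the handler such as `# no per-app icon shipped for this name: fall back to the generic icon` would mark that path as expected rather than exceptional. The rest of `boot` lies outside these hunks.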
@@ -0,0 +1,34 @@
+from trezor.crypto.hashlib import sha256
+
+# contents generated via script in
+# trezor-common/defs/webauthn/gen.py
+# do not edit manually
+
+_knownapps = {
+ # U2F
+ "https://bitbucket.org": "Bitbucket",
+ "https://www.bitfinex.com": "Bitfinex",
+ "https://vault.bitwarden.com/app-id.json": "Bitwarden",
+ "https://www.dashlane.com": "Dashlane",
+ "https://www.dropbox.com/u2f-app-id.json": "Dropbox",
+ "https://api-9dcf9b83.duosecurity.com": "Duo",
+ "https://www.fastmail.com": "FastMail",
+ "https://id.fedoraproject.org/u2f-origins.json": "Fedora",
+ "https://account.gandi.net/api/u2f/trusted_facets.json": "Gandi",
+ "https://github.com/u2f/trusted_facets": "GitHub",
+ "https://gitlab.com": "GitLab",
+ "https://www.gstatic.com/securitykey/origins.json": "Google",
+ "https://keepersecurity.com": "Keeper",
+ "https://lastpass.com": "LastPass",
+ "https://slushpool.com/static/security/u2f.json": "Slush Pool",
+ "https://dashboard.stripe.com": "Stripe",
+ "https://u2f.bin.coffee": "u2f.bin.coffee",
+ # WebAuthn
+ "www.dropbox.com": "Dropbox",
+ "webauthn.bin.coffee": "webauthn.bin.coffee",
+ "webauthn.io": "WebAuthn.io",
+ "webauthn.me": "WebAuthn.me",
+ "demo.yubico.com": "demo.yubico.com",
+}
+
+knownapps = {sha256(k).digest(): v for (k, v) in _knownapps.items()}
diff --git a/src/apps/webauthn/res/icon_bitbucket.toif b/src/apps/webauthn/res/icon_bitbucket.toif
new file mode 100644
index 000000000..c4cce921b
Binary files /dev/null and b/src/apps/webauthn/res/icon_bitbucket.toif differ
diff --git a/src/apps/webauthn/res/icon_bitfinex.toif b/src/apps/webauthn/res/icon_bitfinex.toif
new file mode 100644
index 000000000..d86c16dc0
Binary files /dev/null and b/src/apps/webauthn/res/icon_bitfinex.toif differ
diff --git a/src/apps/webauthn/res/icon_dashlane.toif b/src/apps/webauthn/res/icon_dashlane.toif
new file mode 100644
index 000000000..cdace4d4a
Binary files /dev/null and b/src/apps/webauthn/res/icon_dashlane.toif differ
diff --git a/src/apps/webauthn/res/icon_dropbox.toif b/src/apps/webauthn/res/icon_dropbox.toif
new file mode 100644
index 000000000..a284d1b58
Binary files /dev/null and b/src/apps/webauthn/res/icon_dropbox.toif differ
diff --git a/src/apps/webauthn/res/icon_duo.toif b/src/apps/webauthn/res/icon_duo.toif
new file mode 100644
index 000000000..613a16e9e
Binary files /dev/null and b/src/apps/webauthn/res/icon_duo.toif differ
diff --git a/src/apps/webauthn/res/icon_fastmail.toif b/src/apps/webauthn/res/icon_fastmail.toif
new file mode 100644
index 000000000..6cf90f003
Binary files /dev/null and b/src/apps/webauthn/res/icon_fastmail.toif differ
diff --git a/src/apps/webauthn/res/icon_fedora.toif b/src/apps/webauthn/res/icon_fedora.toif
new file mode 100644
index 000000000..4982615f2
Binary files /dev/null and b/src/apps/webauthn/res/icon_fedora.toif differ
diff --git a/src/apps/webauthn/res/icon_gandi.toif b/src/apps/webauthn/res/icon_gandi.toif
new file mode 100644
index 000000000..070bb1e78
Binary files /dev/null and b/src/apps/webauthn/res/icon_gandi.toif differ
diff --git a/src/apps/webauthn/res/icon_github.toif b/src/apps/webauthn/res/icon_github.toif
new file mode 100644
index 000000000..8f8206260
Binary files /dev/null and b/src/apps/webauthn/res/icon_github.toif differ
diff --git a/src/apps/webauthn/res/icon_gitlab.toif b/src/apps/webauthn/res/icon_gitlab.toif
new file mode 100644
index 000000000..4c2c41210
Binary files /dev/null and b/src/apps/webauthn/res/icon_gitlab.toif differ
diff --git a/src/apps/webauthn/res/icon_google.toif b/src/apps/webauthn/res/icon_google.toif
new file mode 100644
index 000000000..4b34f971d
Binary files /dev/null and b/src/apps/webauthn/res/icon_google.toif differ
diff --git a/src/apps/webauthn/res/icon_keeper.toif b/src/apps/webauthn/res/icon_keeper.toif
new file mode 100644
index 000000000..8c3e80303
Binary files /dev/null and b/src/apps/webauthn/res/icon_keeper.toif differ
diff --git a/src/apps/webauthn/res/icon_lastpass.toif b/src/apps/webauthn/res/icon_lastpass.toif
new file mode 100644
index 000000000..c3cde2239
Binary files /dev/null and b/src/apps/webauthn/res/icon_lastpass.toif differ
diff --git a/src/apps/webauthn/res/icon_slush_pool.toif b/src/apps/webauthn/res/icon_slush_pool.toif
new file mode 100644
index 000000000..c3e5fc0c6
Binary files /dev/null and b/src/apps/webauthn/res/icon_slush_pool.toif differ
diff --git a/src/apps/webauthn/res/icon_stripe.toif b/src/apps/webauthn/res/icon_stripe.toif
new file mode 100644
index 000000000..b1f780873
Binary files /dev/null and b/src/apps/webauthn/res/icon_stripe.toif differ
diff --git a/src/main.py b/src/main.py
index c54ae0838..b419aa23a 100644
--- a/src/main.py
+++ b/src/main.py
@@ -24,7 +24,7 @@ import apps.tezos
 if __debug__:
 import apps.debug
 else:
- import apps.fido_u2f
+ import apps.webauthn
 # boot applications
 apps.homescreen.boot()
@@ -41,7 +41,7 @@ apps.tezos.boot()
 if __debug__:
 apps.debug.boot()
 else:
- apps.fido_u2f.boot(usb.iface_u2f)
+ apps.webauthn.boot(usb.iface_webauthn)
 # initialize the wire codec and start the USB
 wire.setup(usb.iface_wire)
diff --git a/src/trezor/workflow.py b/src/trezor/workflow.py
index 7e11d4c32..92ec261d4 100644
--- a/src/trezor/workflow.py
+++ b/src/trezor/workflow.py
@@ -5,8 +5,8 @@ layouts = []
 default = None
 default_layout = None
-# HACK: workaround way to stop the u2f layout from the outside
-fido_u2f_stop_signal = loop.signal()
+# HACK: workaround way to stop the WebAuthn layout from the outside
+webauthn_stop_signal = loop.signal()
 def onstart(w):
@@ -47,7 +47,7 @@ def restartdefault():
 def onlayoutstart(l):
 closedefault()
 layouts.append(l)
- fido_u2f_stop_signal.send(None)
+ webauthn_stop_signal.send(None)
 def onlayoutclose(l):
diff --git a/src/usb.py b/src/usb.py
index 53f0bfee4..beda879b9 100644
--- a/src/usb.py
+++ b/src/usb.py
@@ -12,7 +12,7 @@ iface_wire = io.WebUSB(
 )
 # as the iface_vcp inteface needs 3 endpoints, we cannot use it simultaneously
-# with the iface_u2f inteface.
+# with the iface_webauthn inteface.
 if __debug__:
 # interface used for debug messages with trezor wire protocol
 iface_debug = io.WebUSB(
@@ -30,7 +30,7 @@ if __debug__:
 )
 else:
 # interface used for FIDO U2F HID transport
- iface_u2f = io.HID(
+ iface_webauthn = io.HID(
 iface_num=1,
 ep_in=0x82,
 ep_out=0x02,
@@ -69,4 +69,4 @@ if __debug__:
 bus.add(iface_debug)
 bus.add(iface_vcp)
 else:
- bus.add(iface_u2f)
+ bus.add(iface_webauthn)