1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-25 07:48:10 +00:00
Commit Graph

627 Commits

Author SHA1 Message Date
Pavol Rusnak
7fa8ae136f
firmware: implement behaviour of state (still missing in PassphraseAck) 2018-02-24 17:26:57 +01:00
Pavol Rusnak
d7de064bde
bump version to 1.7.0; update firmware changelog 2018-02-21 15:40:56 +01:00
Pavol Rusnak
ab76828e16
update usb descriptors 2018-02-20 19:13:39 +01:00
Karel Bilek
cb067bd14c
Switch from HID to WebUSB
Also renaming varions functions from hid_ to webusb_ to actually reflect what they are doing
2018-02-20 19:13:38 +01:00
Jochen Hoenicke
c574c0a497
Updated confirmOutput dialog
Build it manually (to allow not indenting the address and using a
different font).
2018-02-20 18:23:14 +01:00
Jochen Hoenicke
63c6f95400
Fit 21 characters per line 2018-02-20 18:23:14 +01:00
Jochen Hoenicke
b9b36e0768
Remove duplicated code 2018-02-20 18:22:47 +01:00
Jochen Hoenicke
83a69a0334
Added fixed-width font and multi-font support 2018-02-20 18:22:47 +01:00
Pavol Rusnak
fc7189f801
use Failure_PinMismatch where it makes sense (ChangePin, ResetDevice, RecoveryDevice) 2018-02-20 17:48:19 +01:00
Pavol Rusnak
909f158c84
vendor: update trezor-common 2018-02-20 17:31:45 +01:00
Saleem Rashid
e019ab5557 fsm: Abort layoutAddress on Initialize or Cancel
Fixes #247
2018-02-20 17:19:41 +01:00
Jochen Hoenicke
1bc1bb1e77 Less paranoid change outputs.
- Allow change to be on the main chain (see spesmilo/electrum#3920).
- Allow more than one output to the Trezor, but don't treat it as change.
2018-02-20 16:39:16 +01:00
Saleem Rashid
e3a0b6e7b4 setup: Switch to unprivileged execution 2018-02-13 19:31:36 +01:00
Saleem Rashid
1f8f08d48a setup: Enable MPU
Disable code execution from SRAM and reconfiguration of the MPU.

Prevents almost all code execution attacks.
2018-02-13 15:48:42 +01:00
Wampum
2391beb6f4 expand description of multisig label (#294) 2018-01-31 17:12:52 +01:00
Pavol Rusnak
bd660655ee
introduce and use memzero instead of explicit_bzero 2018-01-18 15:21:48 +01:00
Pavol Rusnak
4a2d68acb9
use explicit_bzero where possible; update trezor-crypto 2018-01-16 19:49:47 +01:00
Pavol Rusnak
cd763b979b
layout: fix last commit 2018-01-15 18:56:57 +01:00
Pavol Rusnak
f70772fb58
rework ConfirmOutput layout (fixes #289) 2018-01-15 18:40:54 +01:00
Pavol Rusnak
c4e3596803
update trezor-crypto, adapt firmware to to changes 2018-01-13 15:20:10 +01:00
Pavol Rusnak
7e382fb790
update to python3 2018-01-12 00:03:55 +01:00
Pavol Rusnak
94fcc8c9a4
add bip84 (native segwit) 2018-01-04 22:30:40 +01:00
Saleem Rashid
6a2b92c49e storage: Fix for Clang 2017-12-20 15:04:43 +01:00
Saleem Rashid
58d2079b56 transaction: Fix uninitialized read in compile_output 2017-12-20 15:04:43 +01:00
Saleem Rashid
fd57b89902 Makefile: Use $PYTHON 2017-12-19 14:11:51 +01:00
Saleem Rashid
bab8db9191 vendor: Update Nanopb to 0.3.9 2017-12-19 14:11:51 +01:00
Saleem Rashid
045ef22d98 storage: Do not use Nanopb 2017-12-19 14:11:51 +01:00
Saleem Rashid
b92a0d24b0 fsm: Include file and line in fsm_sendFailure for DEBUG_LINK 2017-12-18 20:13:00 +01:00
Saleem Rashid
ba5b44d0c5 emulator: Initial commit 2017-12-18 20:09:59 +01:00
Saleem Rashid
36eac04e61 protob: Increase Features.coins max_count 2017-12-18 19:43:19 +01:00
Pavol Rusnak
9732825e24
move ethereum_tokens-gen.py to trezor-common 2017-12-18 18:36:17 +01:00
Saleem Rashid
83a34ff925
util: Add MIN and MAX macros 2017-12-17 03:12:37 +01:00
Saleem Rashid
9401d2805a protob: Increase NEM payload max_size
See NemProject/NanoWallet#362
2017-12-16 21:26:32 +01:00
Saleem Rashid
f17a0a85e0 fsm: Add NEMDecryptMessage 2017-12-16 21:26:32 +01:00
Jochen Hoenicke
810443f197 Fix NULL pointer access
Fixes #269
2017-12-16 15:26:25 +01:00
Jochen Hoenicke
ded41c484c storage: Padding to multiple of 4 bytes 2017-12-15 14:22:17 +01:00
Saleem Rashid
cfc5fda603 storage: Compact old_storage_size logic 2017-12-15 14:22:17 +01:00
Saleem Rashid
a304b76d34 storage: Clean up old_storage_size
Note that OLD_STORAGE_SIZE(imported) != 460, because
OLD_STORAGE_SIZE does not include end padding
2017-12-15 14:22:17 +01:00
Jochen Hoenicke
5812f9865d
Fix size of version 9 storage 2017-12-14 19:31:29 +01:00
Pavol Rusnak
2c63d51580
u2f: avoid using hdnode_private_ckd_cached in order not to constantly invalidate cache 2017-12-13 18:04:22 +01:00
Pavol Rusnak
106642bd44
fix last commit 2017-12-13 17:56:46 +01:00
Jochen Hoenicke
73edc7cb74 Added U2F root key to storage.
Fixes #251.
2017-12-13 17:54:27 +01:00
Jochen Hoenicke
88563ebaa5 Fix compile problem, fix clearing single byte 2017-12-12 19:36:34 +01:00
Pavol Rusnak
f22c849767 storage: rework storage_commit into storage_update 2017-12-12 16:28:42 +01:00
Pavol Rusnak
70843c9059 storage: introduce storageRam and storageRom 2017-12-12 16:28:42 +01:00
Pavol Rusnak
57bbcc754a storage: make storage accessible only via functions
add calls also for debug build and use them in fsm
2017-12-12 16:28:42 +01:00
Pavol Rusnak
41901a8056 firmware: rework protectChangePin
bootloader: wait for flash operation to finish
2017-12-12 12:51:08 +01:00
Pavol Rusnak
36f3b7fe09 firmware: mark usb buffer variables confidential 2017-12-12 12:51:08 +01:00
Pavol Rusnak
14d15dab99
fsm: refactor path checking code into path_mismatch function 2017-12-12 01:48:07 +01:00
Saleem Rashid
7cd9945905 fsm: Use coin->curve_name 2017-12-10 20:53:44 +01:00
Saleem Rashid
6e25e0b363 coins: Use curve_info instead of HasherType 2017-12-10 20:53:44 +01:00
Saleem Rashid
268e7de109 Update trezor-crypto 2017-12-10 20:53:44 +01:00
Saleem Rashid
dc781725c6 hasher: Move to trezor-crypto
This reverts commit dd7b21a6ca.
2017-12-10 20:53:44 +01:00
Saleem Rashid
0e60ba54b7 crypto: Use Hasher for message signing 2017-12-10 20:53:44 +01:00
Saleem Rashid
a1e911aa4c transaction: Do not hardcode HASHER_SHA2 2017-12-10 20:53:44 +01:00
Saleem Rashid
54b0869535 signing: Use Hasher instead of SHA256_CTX 2017-12-09 16:28:40 +01:00
Saleem Rashid
dd7b21a6ca hasher: Initial commit 2017-12-09 16:28:40 +01:00
Pavol Rusnak
bc7c66aa76
add Features.model field (set to "1") 2017-12-04 22:30:11 +01:00
Pavol Rusnak
f44635a9ca
vendor: update trezor-common 2017-11-29 23:04:59 +01:00
Tomas Susanka
a82bbbb30d layout: encode -> encrypt typo
updates #252
2017-11-29 13:48:29 +01:00
Tomas Susanka
cfe8a98c68 signing segwit change output typo 2017-11-25 01:06:46 +01:00
Pavol Rusnak
723cf295a7
device label -> device name 2017-11-16 20:03:26 +01:00
Pavol Rusnak
4770df8912
update version to 1.6.0 2017-11-16 19:50:42 +01:00
Pavol Rusnak
3386b16a1c
GetAddress: detect mismatched coin and path, show warning 2017-11-16 19:22:55 +01:00
Pavol Rusnak
a713fca857
layout: recognize known bip44/bip49 paths in GetAddress dialog 2017-11-16 18:34:59 +01:00
Pavol Rusnak
cc0896c334
add bip44 coin_type to CoinInfo 2017-11-16 18:34:50 +01:00
Pavol Rusnak
54659d49d8
layout: op_return now requires confirmation by user 2017-11-15 15:42:56 +01:00
Pavol Rusnak
de3b78bd0b
layout: print bip32 path in GetAddress dialog 2017-11-14 17:53:17 +01:00
Pavol Rusnak
61044b3fc3
u2f: add u2f.bin.coffee 2017-11-14 14:29:46 +01:00
Saleem Rashid
e3460b9f00 reset: Call storage_commit after initialization
Fixes #230
2017-11-14 13:42:44 +01:00
Jochen Hoenicke
e1fa7af1da Byte-precise size estimate for fees
Fixes issue #232.

It assumes largest possible signature size for all inputs.  For segwit
multisig it can be .25 bytes off due to difference between segwit
encoding (varint) vs. non-segwit encoding (op_push) of the multisig script.
2017-11-14 13:39:17 +01:00
Pavol Rusnak
a4d46b7ae1
vendor: update trezor-common, increase coins count 2017-11-13 22:32:11 +01:00
Jochen Hoenicke
b8bca1c444 Fix segwit forkid signatures 2017-11-13 22:20:08 +01:00
Jochen Hoenicke
8da2770051 Increase coin count 2017-11-13 22:20:08 +01:00
Jochen Hoenicke
a8bc3cb6bd Remove add_hash_type fields.
The 4 byte hash_type/forkid is part of the signed message, but not
part of the transaction.  Instead of hacking it into the transaction,
add it after the transaction when computing the signature.
2017-11-13 22:20:08 +01:00
Saleem Rashid
d39e4be1c8 signing: Use force_bip143 instead of has_forkid 2017-11-13 22:20:08 +01:00
Saleem Rashid
c6246b5fba coins: Add force_bip143 2017-11-13 22:20:08 +01:00
Saleem Rashid
b6f11c9f93 signing: Add signing_hash_type function
This also enables SIGHASH_FORKID for SegWit
2017-11-13 22:20:08 +01:00
Pavol Rusnak
892bb8501a
fsm: ignore case for NEM addresses 2017-11-05 19:30:33 +01:00
Jochen Hoenicke
bbf6b1b097
Implemented VerifyMessage for bech32 2017-11-05 19:28:07 +01:00
Jochen Hoenicke
0f50b816e6
Wrap long addresses in three lines 2017-11-05 19:28:07 +01:00
Jochen Hoenicke
97581928de
Enable Segwit Bech32 addresses
Increase the size of the addresses in protobuf.
Fix layout2.c to handle longer addresses.
Add a field bech32_prefix to coins.h
Adapted the coins-gen script.
Added bech32 support in signing.c and transaction.c
2017-11-05 19:28:07 +01:00
Jochen Hoenicke
cf3dc6051c Omit leading space in shortcut in GetFeatures 2017-11-05 19:23:34 +01:00
Jochen Hoenicke
1566631023 Improved backwards compatibility of GetFeatures
Set all CoinType fields except signed_message_header.
Move static assert into the function where it is needed.
2017-11-05 19:23:34 +01:00
Jochen Hoenicke
b5fa8a266a New CoinInfo separated from protobuf structures
Having CoinType using the protobuf structures has several disadvantages.
- We always need to change trezor-common if we need a new field (like
  bech32 prefix)
- Every time Trezor initializes it sends all this information out and
  nobody cares.
- The protobuf structures add storage overhead due to their fixed size.

I also removed most of the `has_` fields except for forkid:
- `has_segwit` was merged with segwit
- `has_coin_shortcut` can be replaced by test for NULL if necessary.

The fields were reordered for better padding.
2017-11-05 19:23:34 +01:00
Pavol Rusnak
18d8cb3c56
add project website (trezor.io) to license header 2017-11-05 17:47:23 +01:00
Jochen Hoenicke
a24e8a0484 Remove magic constants
Use defines for wallet depth and change chain.  Updated some comments
to clarify what is checked.
2017-11-03 19:12:41 +01:00
Jochen Hoenicke
4805f27e8c Fix checking change address
There was a signed/unsigned problem: size_t is unsigned, but we use
-1 to indicate mismatch.  The problem was that when checking the input
address path, it still did this unintentionally when a mismatch was
detected, forbidding to sign with mismatched inputs, even when there
is no change address.

We now use 1 for mismatch.  Also we don't allow change address anymore
if the inputs have a path of length 1.  This simplifies the code a bit.
2017-11-03 19:12:41 +01:00
Jochen Hoenicke
5e98b0ffd6 Added U2F entry for Bitfinex (#237) 2017-11-03 18:57:50 +01:00
Pavol Rusnak
fa02dec704
layout2: use macro for layoutSwipe 2017-11-03 18:56:55 +01:00
Saleem Rashid
eebd53fd09 layout2: Disable oledSwipeLeft with DEBUG_LINK (#239)
This greatly reduces time for device tests
2017-11-03 18:54:02 +01:00
Saleem Rashid
d006ef6bf7 Makefile.include: Generate dependency files before build (#225)
* Makefile.include: Generate .d files before build

* Makefile.include: Generate .small.d files before build
2017-10-10 20:54:21 +02:00
Pavol Rusnak
5831e53854
layout2: refactor and fix layoutCosiCommitSign 2017-10-09 23:02:42 +02:00
Pavol Rusnak
ca30449d07
build: add rebuild dep 2017-10-09 21:23:18 +02:00
Pavol Rusnak
b56da1e4b4
layout: show path for CoSi commit/sign if following SLIP-0018 2017-10-09 21:16:39 +02:00
Saleem Rashid
296c120528 nem_mosaics: Refactor and use Python 2 2017-10-09 18:06:02 +01:00
Saleem Rashid
128742d113 nem2: Update copyright header for consistency 2017-10-09 17:49:13 +01:00
Saleem Rashid
c87c16adc9 firmware: Generate nem_mosaics.[ch] at build time 2017-10-09 17:48:30 +01:00
Saleem Rashid
a90acf8b62 nem_mosaics: Remove generated files 2017-10-09 17:47:56 +01:00
Saleem Rashid
12c541f872 nem2: Handle Importance Transfer transactions 2017-10-07 22:07:56 +01:00