1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-19 21:08:07 +00:00
Commit Graph

741 Commits

Author SHA1 Message Date
matejcik
2f665c8f84 core: add exception to GetPublicKey for PSBT master fingerprint (fixes #999) 2020-05-21 13:26:53 +02:00
Tomas Susanka
a2f790167d core/bitcoin: fix step 1 and 2 comments in signing 2020-05-19 12:58:45 +00:00
Tomas Susanka
1ac0f60550 core: update isort config to place relative imports last 2020-05-18 14:31:51 +02:00
Tomas Susanka
aa115b6320 core: move decred writers to decred.py 2020-05-18 14:31:51 +02:00
Tomas Susanka
3084ee1eed core/bitcoin: move write_bitcoin_varint to common writers 2020-05-18 14:31:51 +02:00
Tomas Susanka
445f56d387 core/bitcoin: finalize bitcoin refactor
- core/bitcoin: move common files to the app's root
- core/bitcoin: use require_confirm instead of confirm
- core: move bitcoin unrelated functions from 'bitcoin' to a new 'misc' app
- core/bitcoin: use relative imports inside the app
- core: rename wallet app to bitcoin
- core/wallet: replace SigningErrors and the other exception classes with wire.Errors
2020-05-18 14:31:51 +02:00
matejcik
aa52fc3903 core/extmod: drop unused rfc6979 module 2020-05-18 14:31:00 +02:00
matejcik
123b07e3ad core: drop support for pre-registering keychain namespaces 2020-05-15 16:30:41 +02:00
matejcik
de9e73dcbc core/tests: update unit tests for new keychain API 2020-05-15 14:08:29 +02:00
matejcik
f3f6e2101a core/cardano: explanation about seed derivation 2020-05-15 14:08:29 +02:00
matejcik
a31b2cd1bc core/wallet: implement keychain for apps.wallet 2020-05-15 14:08:29 +02:00
matejcik
0dff3853a7 core/ethereum: introduce custom keychain decorators 2020-05-15 14:08:29 +02:00
matejcik
b594248ac2 core: use new keychain decorators where appropriate 2020-05-15 14:08:29 +02:00
matejcik
fd9e945308 core/cardano: use caching decorators and new Keychain API for Cardano as well 2020-05-15 14:08:29 +02:00
matejcik
7541d529a3 core: refactor keychain API, introduce SLIP44 decorator 2020-05-15 14:08:29 +02:00
matejcik
8c4cb58098 core: introduce caching decorators 2020-05-15 14:08:29 +02:00
matejcik
63dfcb17a7 core: make mypy happy about importing fatfs 2020-05-15 14:08:29 +02:00
Dusan Klinec
6b8fc9c894
xmr: major protocol upgrade, CLSAG support added
- CLSAG signature scheme added
  - type hints added

xmr: optimize protocol, send only required data
  - real_out_additional_tx_keys contains only one element as nothing more is needed during signature
  - only src_entr.outputs[index] is HMACed and always present. Other outputs are present only if needed which reduces comm and CPU overhead.
  - getting rid of subaddresses dictionary (memory requirements), now subaddr indices are present per source entry so keys are computed when needed

xmr: prepare for permutation sending removal, specify index
  - specify source entry ordering index prior sorting by key images as original HMAC keys are generated based on these.
  - permutation checked just by valid HMACs, size of the set, key image sort order
  - sending permutation is now deprecated, will be removed in the following protocol versions
  - more strict state transition checks, guard strict check with respect to steps ordering
2020-05-13 11:13:19 +02:00
Andrew Kozlik
3de565c33c core/sign_tx: In write_tx_header() rename has_segwit parameter to witness_marker and clarify usage. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
846116a666 core/sign_tx: Improve comments. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
7370077d0c core/sign_tx: Get rid of internal TxOutputBinType messages. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
9f9618944a core/sign_tx: Explicitly pass script to write_tx_input() instead of setting it in txi. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
04bdf1dc6c core/sign_tx: Remove unused index parameters. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
c9814e50ba core/sign_tx: Set decred_script_version to 0 by default for decred coins. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
dccf415e0b core/sign_tx: Add write_tx_output() to signer class and override it in Decred. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
bdd1d25979 core/sign_tx: Require change-outputs to be for a non-zero amount. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
d5faeb3f51 core/sign_tx: Clarify sign_nonsegwit_input(). 2020-05-06 13:18:32 +02:00
matejcik
9005093435 core/sign_tx: improve documentation on MatchCheckers 2020-05-06 13:18:32 +02:00
matejcik
0209768ff2 core/sign_tx: improve type hints 2020-05-06 13:18:32 +02:00
matejcik
ff41e5c304 core/sign_tx: improve signer selection readability 2020-05-06 13:18:32 +02:00
Andrew Kozlik
8b89a30955 core/sign_tx: Remove get_prevouts_hash(), get_sequence_hash(), get_outputs_hash() methods from signer classes, because they are only used internally. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
22933587be core/sign_tx: Merge bip143 classes into signer classes. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
6ad3baeab2 core/sign_tx: Refactor BIP-143 signing. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
d58cd3987b core/sign_tx: Minor updates based on code review. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
be39f271b0 core/sign_tx: Rework transaction footer writing. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
b60f267da9 core/sign_tx: Rework transaction header writing. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
c1effcc374 core/sign_tx: Updates based on code review. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
c2a0f83558 core/sign_tx: Move script derivation to scripts module. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
d0b80bddc8 core/tests: Fix unit tests after sign_tx refactor. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
be7e98aa47 core/sign_tx: Move Bitcoin class to bitcoin.py. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
a07e125793 core/sign_tx: Consolidate wallet path and multisig fingerprint checking. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
27e6720f3d core/sign_tx: cleanup 2020-05-06 13:18:32 +02:00
Andrew Kozlik
987b70f1f5 core/sign_tx: Move header prepending up by one level. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
2ceb091d68 core/sign_tx: Use a preallocated buffer for transaction serialization. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
555259d6a9 core/sign_tx: Remove last_output_bytes in Decred, which is no longer needed. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
f1801764a1 core/sign_tx: Fix segwit/non-segwit input interleaving bug. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
514f2ac649 core/sign_tx: Refactor to use template method. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
95fad83024 core/sign_tx: Derive Zip143 and DecredPrefixHasher from Bip143. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
e9900df18d core/sign_tx: Move Overwintered class to zcash. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
60dbec95ac core/sign_tx: Reuse get_prevtx_output_value() in Decred. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
2b74513e49 core: Fix mypy. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
50c08274b9 core/sign_tx: Move overwintered functionality to separate class. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
c190eed7fc core/sign_tx: Move non-Bitcoin functionality to Bitcoinlike class. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
613c81ea66 core/sign_tx: Refactor wallet_path functions and input_check_multisig_fingerprint. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
0d9984671e core/sign_tx: Fix typing. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
79c60615de core: Fix typing. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
ba8b34b2d7 core: Refactor signing. 2020-05-06 13:18:32 +02:00
Tomas Susanka
20d66adddd core: disable passphrase_always_on_device when turning off passphrase 2020-04-28 14:54:18 +02:00
matejcik
5885978c83 Merge branch 'release/2020-04' 2020-04-15 15:00:23 +02:00
Andrew Kozlik
9e4a8ca785 core/webauthn: Improve error codes for uninitialized device. Return ERR_OPERATION_DENIED only upon user decline or timeout, otherwise it cancels the operation on all connected authenticators. 2020-04-14 12:24:17 +02:00
Dusan Klinec
25b6e9058f xmr: proto - add fields for protocol optimization 2020-04-13 22:19:56 +02:00
Andrew Kozlik
bc4e8eaa16 core/webauth: Update readme with Ed25519 algorithm and certificates. 2020-04-09 21:05:28 +02:00
matejcik
eec0615444 core: drop sys.pyi from mocks (fixes #934)
A change introduced in mypy 0.770 disallows overriding some system
modules, including `sys`.

We only need the override for `sys.print_exception`, and the simplest
solution is to make mypy ignore that particular call.
2020-04-08 11:19:26 +02:00
Andrew Kozlik
fca92d7344 core/webauthn: Update attestation certificate to comply with WebAuthn requirements. 2020-04-06 18:29:05 +02:00
Andrew Kozlik
25a39ea729 core/webauthn: Fix handling of interleaving frames to comply with the U2F HID specification. 2020-04-06 09:53:42 +02:00
jagdeep sidhu
e58c5f63d5
common/defs: update SYS (#928) 2020-04-02 00:22:47 +02:00
Tomas Susanka
0b7a8449f8 core: style 2020-03-30 16:04:05 +00:00
Tomas Susanka
bf20537f41 core: add option to omit cancel button in HoldToConfirm; add it to reset 2020-03-30 16:00:12 +00:00
Andrew Kozlik
8ae0535e69 core/webauthn: Fix attestation statement format to use a list in the x5c field. 2020-03-24 16:18:37 +01:00
Tomas Susanka
aa71c20f2c core: require hold to confirm 2020-03-24 09:20:10 +00:00
Tomas Susanka
f786d75a6f core: drop obsolete check for ANYONECANSPEND segwit outputs 2020-03-20 14:19:31 +00:00
Tomas Susanka
d0d41c884e legacy: move script type checks to separate functions and unify with core 2020-03-20 14:19:31 +00:00
matejcik
da89a17ce5 all: add checks for prev_hash size 2020-03-20 14:19:31 +00:00
matejcik
c15519f707 core/sign_tx: modify get_tx_header to avoid writing unchecked bytes 2020-03-20 14:19:31 +00:00
matejcik
9cab61fbd3 core/sign_tx: remove write_bytes_unchecked where appropriate 2020-03-20 14:19:31 +00:00
matejcik
27f6306e1d core: introduce safer write_bytes functions 2020-03-20 14:19:30 +00:00
matejcik
9a5f6b025a core/tezos: factor out writing Michelson instructions 2020-03-20 14:19:30 +00:00
matejcik
694f714719 core/ripple: rename write_bytes to avoid name collision 2020-03-20 14:19:30 +00:00
Tomas Susanka
64584e271c legacy, core: add and unify validation checks 2020-03-20 14:19:30 +00:00
matejcik
ffdb299c61 all: drop Capricoin support [NO BACKPORT] 2020-03-20 14:19:30 +00:00
matejcik
adea7d6b35 all: make timestamp mandatory on timestamp-enabled coins 2020-03-20 14:19:07 +00:00
matejcik
e2035b4972 all: drop Horizen and BIP-115 support [NO BACKPORT] 2020-03-20 14:19:07 +00:00
matejcik
6f9c6361ea core: remove negative_fee and cashaddr_prefix from bitcoin-only fw 2020-03-20 14:18:27 +00:00
matejcik
7d5771911c core: flip condition for force_bip143
this should be equivalent because Bitcoin does not have force_bip143 set
2020-03-20 14:18:27 +00:00
matejcik
ed464f3d47 all: ensure expiry, timestamp and extra_data are blocked as appropriate 2020-03-20 14:18:27 +00:00
matejcik
27803ee8c1 all: drop overwintered field from transaction 2020-03-20 14:18:27 +00:00
matejcik
c9fd3f77a5 all: add overwintered field to coin specification 2020-03-20 14:18:27 +00:00
Pavol Rusnak
817b922850 all: add extra_data and timestamp fields to coin specification 2020-03-20 14:18:27 +00:00
matejcik
136307bcae core: propagate coin info to all sanitize functions 2020-03-20 14:17:44 +00:00
matejcik
303c05aba7 core/sign_tx: check if prev_tx has enough outputs to match prev_index 2020-03-20 14:17:44 +00:00
Andrew Kozlik
a34637c0f2 core/sign_tx: Check multisig fingerprint before signing inputs. 2020-03-20 14:17:44 +00:00
Tomas Susanka
163220e4b7 core/wallet: properly check decred input 2020-03-20 14:17:44 +00:00
Ondřej Vejpustek
6274cfdf8b core: remove unreachable zcash code 2020-03-20 14:17:44 +00:00
Ondřej Vejpustek
d61181d7e8 core: fix transaction header for mixed segwit inputs 2020-03-20 14:17:44 +00:00
Tomas Susanka
f0a39df75d core/wallet: check inputs and outputs right after receiving them 2020-03-20 14:17:44 +00:00
Tomas Susanka
0903159d9b core, legacy: make sure OPRETURN ouput is not marked as change 2020-03-20 14:17:44 +00:00
Tomas Susanka
4af9aa547e core: forbid unnecessary fields in OPRETURN output 2020-03-20 14:17:44 +00:00
Andrew Kozlik
d800fcbf9f core/sign_tx: If there is a non-multisig input, then change output cannot be multisig.
(cherry picked from commit 8eb6ce0899)
2020-03-20 14:17:44 +00:00
Andrew Kozlik
b3cd760df0 core/webauthn: Disable CTAPHID_WINK function. 2020-03-20 15:07:06 +01:00
Andrew Kozlik
e5008eb332 core/webauthn: Remove indistinguishable credentials from the allow list. 2020-03-20 15:07:06 +01:00
Andrew Kozlik
cda9de8dd1 core/webauthn: Add maxCredentialCountInList and maxCredentialIdLength to authenticatorGetInfo response. 2020-03-20 15:07:06 +01:00
Andrew Kozlik
0af0e06d5b core/webauthn: Truncate names in credential data to at most 100 bytes. 2020-03-20 15:07:06 +01:00
matejcik
ccffefd667 core/boot: do not catch OSError in boot wait 2020-03-20 14:03:28 +01:00
matejcik
f6f041e269 core/sdcard: also catch OSError in the formatting phase 2020-03-20 14:03:28 +01:00
matejcik
3a71a5a05c core/sdcard: show "Wrong SD card" when unlocking SD protect with unformatted card 2020-03-20 14:03:28 +01:00
matejcik
3789a3372b core/sdcard: modify exception handling in fatfs
expose ff.c constants, raise them as arguments to FatFSError

introduce NotMounted and NoFilesystem as subclasses of FatFSError with
the appropriate error code set
2020-03-20 14:03:28 +01:00
Andrew Kozlik
8ee0026637 core: Allow PIN entry even when SD protect is enabled and the card is not present. 2020-03-19 15:04:33 +01:00
Konnor Klashinsky
70a1f957ed
Fix BackupDevice layout on 18-word seed wallets 2020-03-13 13:41:04 +13:00
Andrew Kozlik
2f905a1157 core/webauthn: Add algorithm and curve to WebAuthnListResidentCredentials response. 2020-03-12 15:45:26 +01:00
Andrew Kozlik
f610787f8d core/webauthn: Clean up bytes/bytearray typing around uctypes. 2020-03-12 15:45:26 +01:00
Andrew Kozlik
e378820f7f core/webauthn: Implement support for Ed25519 signatures in FIDO2. 2020-03-12 15:45:26 +01:00
Pavol Rusnak
624b639ba8
Merge pull request #886 from trezor/onvej-sl/monero-optimizations-squashed
xmr/bp: memory optimizations and improvements, fixed style
2020-03-02 17:54:30 +01:00
Tomas Susanka
f8de140271 core: add cancel to hold to confirm dialogs 2020-03-02 13:58:41 +00:00
Dusan Klinec
2658e253fa xmr/bp: memory optimizations and improvements
- different approach to vector manipulation - more on the fly operations. Prepared for fully offloaded operations, BP on Trezor with constant memory.
- memory requirements reduced from (4MN + const) to (2MN + const)
- more raw methods to avoid unnecessary encoding/decoding
- chunking improved, chunk size set as a constant, changed from 64 to 32, missing pieces implemented to cover also BP 16
- proof_v8 support discontinued, old hardfork, not needed anymore
- get_exponent register clash fixed (for large vectors)
- reduced heap fragmentation by removing some temporary allocations
- hashing with len and offset to reduce heap fragmentation by creating a sliced arrays
- use to() wherever possible to avoid allocations and return of mutable private object
- global functions start with _ prefix, reduce import footprint
- use __slots__ in classes to minimize footprint
2020-03-02 12:17:03 +01:00
Tomas Susanka
21676a0662 ore/tezos: better wording in delegation cancel 2020-03-02 08:49:34 +00:00
matejcik
7f91bc571c core: ensure default task restarts after a passphrase workflow (fixes #883) 2020-02-28 15:55:40 +01:00
Tomas Susanka
5ee6e56f56
Merge pull request #880 from trezor/tsusanka/sign-verify-ui
Unify sign/verify message dialogs and fix text overflow
2020-02-28 15:47:48 +01:00
matejcik
bd9663af79 common/defs: update token reference, add new tokens to 2.3.0/1.9.0, regenerate coins_details 2020-02-27 19:13:17 +01:00
Tomas Susanka
86b010a18b
Merge pull request #878 from trezor/matejcik/fatfs-corruption
FatFS API rework
2020-02-27 15:58:38 +01:00
Tomas Susanka
a8af9feebe core: fix text overflow in some dialogs 2020-02-27 12:43:33 +00:00
Tomas Susanka
744c32991f core: unify sign/verify functions
The UI records are modified because of two changes:
- Added a coin name to the Sign/Verify screen (ETH/Lisk).
- Unified to use mono.
2020-02-27 12:43:33 +00:00
Tomas Susanka
495a59c282 core: use wire errors instead of ValueErrors where applicable 2020-02-27 10:46:01 +00:00
matejcik
18ac4fc9ca core: update Python facing APIs 2020-02-27 10:56:23 +01:00
matejcik
b916072389 common: restore PassphraseAck.state 2020-02-24 15:15:09 +01:00
matejcik
d7b9582386 core/sdcard: add ensure_filesystem option (fixes #868)
It is possible to call `ensure_sdcard` in a way that requires only SD
card be inserted, but not necessarily formatted.

This is useful for SD-protect and possibly other use-cases where the SD
card is read-only, and "not formatted" is identical to "not containing
the right files".
2020-02-24 13:28:44 +01:00
matejcik
e9c275c24f core/sdcard: fix invalid state when filesystem mounting fails 2020-02-24 13:28:44 +01:00
Tomas Susanka
6c47bf8230 core: store multiple sessions/caches at the same time 2020-02-21 14:40:42 +01:00
Pavol Rusnak
562671401e
Merge pull request #860 from trezor/prusnak/multisig-show-yours-others
core: show yours/others in get_address for multisig
2020-02-20 13:49:13 +01:00
matejcik
ddee77ecb6 core: add SD clearing via debuglink 2020-02-20 12:51:48 +01:00
matejcik
1e9352b9e0 core: add SD format dialog, generalize sdcard usage 2020-02-20 12:51:48 +01:00
matejcik
5bac85f260 core: use filesystem wrapper instead of the ensure_filesystem decorator 2020-02-20 12:51:48 +01:00
matejcik
d08942be4a core: introduce filesystem wrapper 2020-02-20 12:51:48 +01:00
Tomas Susanka
ff1bb67abc common: return the PasshraseType button request 2020-02-20 08:04:35 +00:00
Pavol Rusnak
581e46ff87
Merge pull request #845 from trezor/prusnak/webusb-popup
Don't show WebUSB popup in firmware, in bootloader only if no firmware present
2020-02-19 18:18:01 +01:00
Pavol Rusnak
7944c1a837
core/monero: add confirmation dialog for unlock_time 2020-02-19 14:31:45 +00:00
Pavol Rusnak
a808cc9190
core/apps: await require_confirm should be called without return 2020-02-19 14:31:45 +00:00
Pavol Rusnak
b9486c0b33
core: show yours/others in get_address for multisig 2020-02-18 22:39:55 +00:00
matejcik
e61b7d28e9 all: do not send state in PassphraseAck (not needed for compatibility) 2020-02-13 15:44:50 +01:00
Pavol Rusnak
07cd73ce57
core: show webusb popup only in bootloader and only if firmware is not installed 2020-02-12 20:47:05 +00:00
matejcik
d3b88a37be core: do not catch SystemExit in handle_session (#826) 2020-02-12 10:36:42 +01:00
Tomas Susanka
f947fe97cc core: fix style 2020-02-11 16:41:43 +01:00
Tomas Susanka
0a13f7a441 core: properly limit passphrase to 50 bytes 2020-02-11 15:39:08 +00:00
Tomas Susanka
2c0504ad1c
Merge pull request #803 from trezor/passphrase
Passphrase Redesign
2020-02-11 16:01:59 +01:00
matejcik
05a1d6f771 core/debug: add "show arbitrary screen" capability, for easier prototyping 2020-02-11 11:53:34 +01:00
matejcik
c01d04f26e common/protob: drop a default field declaration
which triggers nanopb bug https://github.com/nanopb/nanopb/issues/487
2020-02-11 11:53:34 +01:00
matejcik
4c9689d7a7 common: return deprecated fields to protobuf, to allow cross-version compatible code 2020-02-10 12:35:28 +01:00
Pavol Rusnak
e58225fe02
core/boot: don't call mkfs in emulator 2020-02-07 15:30:21 +00:00
Pavol Rusnak
fdfa64ac2a
core/ui: fix HoldToConfirm redraw 2020-02-07 15:21:16 +00:00
Tomas Susanka
56dc952495 common: fix PassphraseAck.on_device id 2020-02-07 14:19:01 +00:00
Pavol Rusnak
73ed2f3450
legacy: small nitpicks related to the new passphrase handling 2020-02-07 11:41:03 +00:00