1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-01 19:10:58 +00:00
Commit Graph

669 Commits

Author SHA1 Message Date
Pavol Rusnak
fc7189f801
use Failure_PinMismatch where it makes sense (ChangePin, ResetDevice, RecoveryDevice) 2018-02-20 17:48:19 +01:00
Pavol Rusnak
909f158c84
vendor: update trezor-common 2018-02-20 17:31:45 +01:00
Saleem Rashid
e019ab5557 fsm: Abort layoutAddress on Initialize or Cancel
Fixes #247
2018-02-20 17:19:41 +01:00
Jochen Hoenicke
1bc1bb1e77 Less paranoid change outputs.
- Allow change to be on the main chain (see spesmilo/electrum#3920).
- Allow more than one output to the Trezor, but don't treat it as change.
2018-02-20 16:39:16 +01:00
Saleem Rashid
e3a0b6e7b4 setup: Switch to unprivileged execution 2018-02-13 19:31:36 +01:00
Saleem Rashid
1f8f08d48a setup: Enable MPU
Disable code execution from SRAM and reconfiguration of the MPU.

Prevents almost all code execution attacks.
2018-02-13 15:48:42 +01:00
Wampum
2391beb6f4 expand description of multisig label (#294) 2018-01-31 17:12:52 +01:00
Pavol Rusnak
bd660655ee
introduce and use memzero instead of explicit_bzero 2018-01-18 15:21:48 +01:00
Pavol Rusnak
4a2d68acb9
use explicit_bzero where possible; update trezor-crypto 2018-01-16 19:49:47 +01:00
Pavol Rusnak
cd763b979b
layout: fix last commit 2018-01-15 18:56:57 +01:00
Pavol Rusnak
f70772fb58
rework ConfirmOutput layout (fixes #289) 2018-01-15 18:40:54 +01:00
Pavol Rusnak
c4e3596803
update trezor-crypto, adapt firmware to to changes 2018-01-13 15:20:10 +01:00
Pavol Rusnak
7e382fb790
update to python3 2018-01-12 00:03:55 +01:00
Pavol Rusnak
94fcc8c9a4
add bip84 (native segwit) 2018-01-04 22:30:40 +01:00
Saleem Rashid
6a2b92c49e storage: Fix for Clang 2017-12-20 15:04:43 +01:00
Saleem Rashid
58d2079b56 transaction: Fix uninitialized read in compile_output 2017-12-20 15:04:43 +01:00
Saleem Rashid
fd57b89902 Makefile: Use $PYTHON 2017-12-19 14:11:51 +01:00
Saleem Rashid
bab8db9191 vendor: Update Nanopb to 0.3.9 2017-12-19 14:11:51 +01:00
Saleem Rashid
045ef22d98 storage: Do not use Nanopb 2017-12-19 14:11:51 +01:00
Saleem Rashid
b92a0d24b0 fsm: Include file and line in fsm_sendFailure for DEBUG_LINK 2017-12-18 20:13:00 +01:00
Saleem Rashid
ba5b44d0c5 emulator: Initial commit 2017-12-18 20:09:59 +01:00
Saleem Rashid
36eac04e61 protob: Increase Features.coins max_count 2017-12-18 19:43:19 +01:00
Pavol Rusnak
9732825e24
move ethereum_tokens-gen.py to trezor-common 2017-12-18 18:36:17 +01:00
Saleem Rashid
83a34ff925
util: Add MIN and MAX macros 2017-12-17 03:12:37 +01:00
Saleem Rashid
9401d2805a protob: Increase NEM payload max_size
See NemProject/NanoWallet#362
2017-12-16 21:26:32 +01:00
Saleem Rashid
f17a0a85e0 fsm: Add NEMDecryptMessage 2017-12-16 21:26:32 +01:00
Jochen Hoenicke
810443f197 Fix NULL pointer access
Fixes #269
2017-12-16 15:26:25 +01:00
Jochen Hoenicke
ded41c484c storage: Padding to multiple of 4 bytes 2017-12-15 14:22:17 +01:00
Saleem Rashid
cfc5fda603 storage: Compact old_storage_size logic 2017-12-15 14:22:17 +01:00
Saleem Rashid
a304b76d34 storage: Clean up old_storage_size
Note that OLD_STORAGE_SIZE(imported) != 460, because
OLD_STORAGE_SIZE does not include end padding
2017-12-15 14:22:17 +01:00
Jochen Hoenicke
5812f9865d
Fix size of version 9 storage 2017-12-14 19:31:29 +01:00
Pavol Rusnak
2c63d51580
u2f: avoid using hdnode_private_ckd_cached in order not to constantly invalidate cache 2017-12-13 18:04:22 +01:00
Pavol Rusnak
106642bd44
fix last commit 2017-12-13 17:56:46 +01:00
Jochen Hoenicke
73edc7cb74 Added U2F root key to storage.
Fixes #251.
2017-12-13 17:54:27 +01:00
Jochen Hoenicke
88563ebaa5 Fix compile problem, fix clearing single byte 2017-12-12 19:36:34 +01:00
Pavol Rusnak
f22c849767 storage: rework storage_commit into storage_update 2017-12-12 16:28:42 +01:00
Pavol Rusnak
70843c9059 storage: introduce storageRam and storageRom 2017-12-12 16:28:42 +01:00
Pavol Rusnak
57bbcc754a storage: make storage accessible only via functions
add calls also for debug build and use them in fsm
2017-12-12 16:28:42 +01:00
Pavol Rusnak
41901a8056 firmware: rework protectChangePin
bootloader: wait for flash operation to finish
2017-12-12 12:51:08 +01:00
Pavol Rusnak
36f3b7fe09 firmware: mark usb buffer variables confidential 2017-12-12 12:51:08 +01:00
Pavol Rusnak
14d15dab99
fsm: refactor path checking code into path_mismatch function 2017-12-12 01:48:07 +01:00
Saleem Rashid
7cd9945905 fsm: Use coin->curve_name 2017-12-10 20:53:44 +01:00
Saleem Rashid
6e25e0b363 coins: Use curve_info instead of HasherType 2017-12-10 20:53:44 +01:00
Saleem Rashid
268e7de109 Update trezor-crypto 2017-12-10 20:53:44 +01:00
Saleem Rashid
dc781725c6 hasher: Move to trezor-crypto
This reverts commit dd7b21a6ca.
2017-12-10 20:53:44 +01:00
Saleem Rashid
0e60ba54b7 crypto: Use Hasher for message signing 2017-12-10 20:53:44 +01:00
Saleem Rashid
a1e911aa4c transaction: Do not hardcode HASHER_SHA2 2017-12-10 20:53:44 +01:00
Saleem Rashid
54b0869535 signing: Use Hasher instead of SHA256_CTX 2017-12-09 16:28:40 +01:00
Saleem Rashid
dd7b21a6ca hasher: Initial commit 2017-12-09 16:28:40 +01:00
Pavol Rusnak
bc7c66aa76
add Features.model field (set to "1") 2017-12-04 22:30:11 +01:00
Pavol Rusnak
f44635a9ca
vendor: update trezor-common 2017-11-29 23:04:59 +01:00
Tomas Susanka
a82bbbb30d layout: encode -> encrypt typo
updates #252
2017-11-29 13:48:29 +01:00
Tomas Susanka
cfe8a98c68 signing segwit change output typo 2017-11-25 01:06:46 +01:00
Pavol Rusnak
723cf295a7
device label -> device name 2017-11-16 20:03:26 +01:00
Pavol Rusnak
4770df8912
update version to 1.6.0 2017-11-16 19:50:42 +01:00
Pavol Rusnak
3386b16a1c
GetAddress: detect mismatched coin and path, show warning 2017-11-16 19:22:55 +01:00
Pavol Rusnak
a713fca857
layout: recognize known bip44/bip49 paths in GetAddress dialog 2017-11-16 18:34:59 +01:00
Pavol Rusnak
cc0896c334
add bip44 coin_type to CoinInfo 2017-11-16 18:34:50 +01:00
Pavol Rusnak
54659d49d8
layout: op_return now requires confirmation by user 2017-11-15 15:42:56 +01:00
Pavol Rusnak
de3b78bd0b
layout: print bip32 path in GetAddress dialog 2017-11-14 17:53:17 +01:00
Pavol Rusnak
61044b3fc3
u2f: add u2f.bin.coffee 2017-11-14 14:29:46 +01:00
Saleem Rashid
e3460b9f00 reset: Call storage_commit after initialization
Fixes #230
2017-11-14 13:42:44 +01:00
Jochen Hoenicke
e1fa7af1da Byte-precise size estimate for fees
Fixes issue #232.

It assumes largest possible signature size for all inputs.  For segwit
multisig it can be .25 bytes off due to difference between segwit
encoding (varint) vs. non-segwit encoding (op_push) of the multisig script.
2017-11-14 13:39:17 +01:00
Pavol Rusnak
a4d46b7ae1
vendor: update trezor-common, increase coins count 2017-11-13 22:32:11 +01:00
Jochen Hoenicke
b8bca1c444 Fix segwit forkid signatures 2017-11-13 22:20:08 +01:00
Jochen Hoenicke
8da2770051 Increase coin count 2017-11-13 22:20:08 +01:00
Jochen Hoenicke
a8bc3cb6bd Remove add_hash_type fields.
The 4 byte hash_type/forkid is part of the signed message, but not
part of the transaction.  Instead of hacking it into the transaction,
add it after the transaction when computing the signature.
2017-11-13 22:20:08 +01:00
Saleem Rashid
d39e4be1c8 signing: Use force_bip143 instead of has_forkid 2017-11-13 22:20:08 +01:00
Saleem Rashid
c6246b5fba coins: Add force_bip143 2017-11-13 22:20:08 +01:00
Saleem Rashid
b6f11c9f93 signing: Add signing_hash_type function
This also enables SIGHASH_FORKID for SegWit
2017-11-13 22:20:08 +01:00
Pavol Rusnak
892bb8501a
fsm: ignore case for NEM addresses 2017-11-05 19:30:33 +01:00
Jochen Hoenicke
bbf6b1b097
Implemented VerifyMessage for bech32 2017-11-05 19:28:07 +01:00
Jochen Hoenicke
0f50b816e6
Wrap long addresses in three lines 2017-11-05 19:28:07 +01:00
Jochen Hoenicke
97581928de
Enable Segwit Bech32 addresses
Increase the size of the addresses in protobuf.
Fix layout2.c to handle longer addresses.
Add a field bech32_prefix to coins.h
Adapted the coins-gen script.
Added bech32 support in signing.c and transaction.c
2017-11-05 19:28:07 +01:00
Jochen Hoenicke
cf3dc6051c Omit leading space in shortcut in GetFeatures 2017-11-05 19:23:34 +01:00
Jochen Hoenicke
1566631023 Improved backwards compatibility of GetFeatures
Set all CoinType fields except signed_message_header.
Move static assert into the function where it is needed.
2017-11-05 19:23:34 +01:00
Jochen Hoenicke
b5fa8a266a New CoinInfo separated from protobuf structures
Having CoinType using the protobuf structures has several disadvantages.
- We always need to change trezor-common if we need a new field (like
  bech32 prefix)
- Every time Trezor initializes it sends all this information out and
  nobody cares.
- The protobuf structures add storage overhead due to their fixed size.

I also removed most of the `has_` fields except for forkid:
- `has_segwit` was merged with segwit
- `has_coin_shortcut` can be replaced by test for NULL if necessary.

The fields were reordered for better padding.
2017-11-05 19:23:34 +01:00
Pavol Rusnak
18d8cb3c56
add project website (trezor.io) to license header 2017-11-05 17:47:23 +01:00
Jochen Hoenicke
a24e8a0484 Remove magic constants
Use defines for wallet depth and change chain.  Updated some comments
to clarify what is checked.
2017-11-03 19:12:41 +01:00
Jochen Hoenicke
4805f27e8c Fix checking change address
There was a signed/unsigned problem: size_t is unsigned, but we use
-1 to indicate mismatch.  The problem was that when checking the input
address path, it still did this unintentionally when a mismatch was
detected, forbidding to sign with mismatched inputs, even when there
is no change address.

We now use 1 for mismatch.  Also we don't allow change address anymore
if the inputs have a path of length 1.  This simplifies the code a bit.
2017-11-03 19:12:41 +01:00
Jochen Hoenicke
5e98b0ffd6 Added U2F entry for Bitfinex (#237) 2017-11-03 18:57:50 +01:00
Pavol Rusnak
fa02dec704
layout2: use macro for layoutSwipe 2017-11-03 18:56:55 +01:00
Saleem Rashid
eebd53fd09 layout2: Disable oledSwipeLeft with DEBUG_LINK (#239)
This greatly reduces time for device tests
2017-11-03 18:54:02 +01:00
Saleem Rashid
d006ef6bf7 Makefile.include: Generate dependency files before build (#225)
* Makefile.include: Generate .d files before build

* Makefile.include: Generate .small.d files before build
2017-10-10 20:54:21 +02:00
Pavol Rusnak
5831e53854
layout2: refactor and fix layoutCosiCommitSign 2017-10-09 23:02:42 +02:00
Pavol Rusnak
ca30449d07
build: add rebuild dep 2017-10-09 21:23:18 +02:00
Pavol Rusnak
b56da1e4b4
layout: show path for CoSi commit/sign if following SLIP-0018 2017-10-09 21:16:39 +02:00
Saleem Rashid
296c120528 nem_mosaics: Refactor and use Python 2 2017-10-09 18:06:02 +01:00
Saleem Rashid
128742d113 nem2: Update copyright header for consistency 2017-10-09 17:49:13 +01:00
Saleem Rashid
c87c16adc9 firmware: Generate nem_mosaics.[ch] at build time 2017-10-09 17:48:30 +01:00
Saleem Rashid
a90acf8b62 nem_mosaics: Remove generated files 2017-10-09 17:47:56 +01:00
Saleem Rashid
12c541f872 nem2: Handle Importance Transfer transactions 2017-10-07 22:07:56 +01:00
Pavol Rusnak
83db3c098f
fsm: implement CoSi messages 2017-10-03 13:26:38 +02:00
Saleem Rashid
5b0c0b1bfd nem_mosaics: Add PacNEM 2017-10-01 13:24:13 +01:00
Saleem Rashid
d0e89db9fa nem_mosaics: Add Breeze Token 2017-10-01 13:24:13 +01:00
Saleem Rashid
1d83eee3b3 nem2: Canonicalize mosaics in transfer transactions
NIS deserializes then serializes transactions in order to verify the
signature. This means that transactions must be serialized canonically,
otherwise the signature will not match. Due to [1], mosaics are sorted
and deduplicated in transfer transactions.

[1]: 4231550ddf
2017-10-01 13:24:13 +01:00
Saleem Rashid
1f20625bbc nem2: Refactor for new bn_format 2017-10-01 13:24:13 +01:00
Saleem Rashid
2aeeb3f978 nem2: Handle Aggregate Modification transactions 2017-10-01 13:24:13 +01:00
Saleem Rashid
a10e131ecd nem2: Handle Mosaic Supply Change transactions 2017-10-01 13:24:13 +01:00
Saleem Rashid
327736ca96 nem_mosaics: Whitelist networks 2017-10-01 13:24:13 +01:00
Saleem Rashid
17e33d5517 nem2: Handle Mosaic Definition Creation transactions 2017-10-01 13:24:13 +01:00
Saleem Rashid
b0394622a3 nem2: Warn on unknown mosaics 2017-10-01 13:24:13 +01:00
Saleem Rashid
3a303087ae nem_mosaics: Add DIM TOKEN 2017-10-01 13:24:13 +01:00
Saleem Rashid
9f41ee39ba nem_mosaics: Add DIMCOIN 2017-10-01 13:24:13 +01:00
Saleem Rashid
8dbd6182fb nem_mosaics: Initial commit 2017-10-01 13:24:13 +01:00
Saleem Rashid
4a55dd89e6 nem2: Handle Provision Namespace transactions 2017-10-01 13:24:13 +01:00
Saleem Rashid
b559e5fb6d fsm: Add NEM_CHECK_PARAM macros 2017-10-01 13:24:13 +01:00
Saleem Rashid
563723a55f nem2: Handle multisig transactions 2017-10-01 13:24:13 +01:00
Saleem Rashid
19033a459d fsm: Add NEMSignTx 2017-10-01 13:24:13 +01:00
Saleem Rashid
3057f78837 fsm: Add NEMGetAddress 2017-10-01 13:24:13 +01:00
Saleem Rashid
c331d7e8f0 vendor: Update trezor-crypto 2017-10-01 13:24:13 +01:00
Saleem Rashid
da1262cf4a vendor: Update trezor-common 2017-10-01 13:24:13 +01:00
Jason Zavaglia
8983a346d9 Have coins.h and coins.c generated at build time (#220) 2017-09-30 11:09:11 +02:00
Pavol Rusnak
4b8ac90d10
travis: fix build for old protobuf 2017-09-29 21:12:56 +02:00
Pavol Rusnak
8a6dd3c764
build: use python2 for messages_map.py 2017-09-29 20:48:26 +02:00
Pavol Rusnak
53f5d5c147
u2f: add gandi to known apps 2017-09-29 18:19:13 +02:00
Pavol Rusnak
1072369bc4
firmware: need extra cast for nanopb call in message.c 2017-09-28 13:20:04 +02:00
Pavol Rusnak
1f1c3bf35f
firmware/protob: remove generated stuff 2017-09-28 13:16:15 +02:00
Jason Zavaglia
5cc299facd Generate the protobuf files at build time (#219)
Improve the build reliability by ensuring protobuf files are
generated at build time.
2017-09-28 13:10:32 +02:00
Pavol Rusnak
30367bfad1
reset: refactor code into layoutResetWord 2017-09-04 08:12:33 +02:00
Pavol Rusnak
ef89fc4e89
ethereum: refactor hash_rlp_number 2017-08-31 13:38:50 +02:00
Jochen Hoenicke
5f9cd15b02 Support multi-byte chain-id. (#212) 2017-08-31 13:28:50 +02:00
Pavol Rusnak
07f6e495b7
fsm: fix race condition in GetAddress 2017-08-23 16:36:38 +02:00
Pavol Rusnak
e4cc08775f
vendor: update trezor-common, enable Bitcoin segwit manually 2017-08-16 14:28:21 +02:00
Pavol Rusnak
3e9ebe6c10
changelog: add 1.5.2
+ update vendor/trezor-crypto
2017-08-16 13:59:40 +02:00
Jochen Hoenicke
98e617d874
startup: use custom reset_handler
+ group confidential data in one place
+ zero all SRAM where needed
2017-08-16 13:52:01 +02:00
Pavol Rusnak
a01ba51a2a
storage: copy only required bytes from old storage, bump storage version
+ backup_device: ask for pin, always use correct number of words
2017-08-16 13:11:31 +02:00
Saleem Rashid
9c25e03d98 vendor: Update trezor-crypto 2017-08-14 16:45:11 +02:00
Saleem Rashid
c121627a06 Travis CI: Test matrix of DEBUG_LINK and FASTFLASH
This should catch inconsistencies with Features.coins or if there is a
build configuration that makes the firmware too large.

Also, add MAKEFLAGS and only build STM32F2 support in libopencm3 to
speed up build time
2017-08-14 16:44:44 +02:00
Saleem Rashid
fa7e32fadf protob: Fix Features.coins max_count for DEBUG_LINK=1 2017-08-14 14:49:27 +02:00
Saleem Rashid
7e56a62e8b coins: Add _Static_assert for Features.coins max_count 2017-08-14 14:49:27 +02:00
Pavol Rusnak
e69ef2e75a
coins: include testnet coins just in debug builds
+ add more ethereum tokens
2017-08-13 21:15:34 +02:00
Pavol Rusnak
dd9f7cd926
fix typos in changelog 2017-08-09 15:18:31 +02:00
Pavol Rusnak
1d6329b1bf
changelog: make last release mandatory 2017-07-31 23:00:21 +02:00
Pavol Rusnak
f0d2e7a371
storage: bump version 2017-07-31 22:43:28 +02:00
Pavol Rusnak
ace1d84265
recovery: don't reset storage on typos during dry-run recovery 2017-07-31 20:49:34 +02:00
Pavol Rusnak
a9a414df08
fix typo 2017-07-31 19:40:35 +02:00
Pavol Rusnak
c2c3debd01
changelog: fix typos 2017-07-31 16:31:33 +02:00
Pavol Rusnak
b1838d6867
ethereum: add more tokens 2017-07-31 14:15:10 +02:00
Jochen Hoenicke
33ed08ec32 Fix check for max try and add another check before 2017-07-31 13:13:49 +02:00
Pavol Rusnak
4ee52ab95f
changelog: add more entries 2017-07-31 02:39:24 +02:00
Pavol Rusnak
45ca9bd583
protect: change wording 2017-07-31 02:35:53 +02:00
Pavol Rusnak
82a06ce342
firmware: mark more strings with gettext 2017-07-31 02:31:30 +02:00
Pavol Rusnak
c778d7b9c3
storage: wipe storage after 15 wrong pins 2017-07-31 02:26:28 +02:00
Pavol Rusnak
fa2f5fb33f
update coins 2017-07-30 23:38:01 +02:00
Jochen Hoenicke
3440ead4c9
Fix multisig for BCC 2017-07-30 22:58:26 +02:00
Jochen Hoenicke
5f6948e66b
Remove progress update 2017-07-30 22:57:44 +02:00
Jochen Hoenicke
3c75d28c78 Check input bip32 path again on second pass. 2017-07-30 22:51:18 +02:00
Jochen Hoenicke
6b615ce405 No quadratic hashing for hardfork
Don't hash the whole transaction if forkid is set.  Instead use the
same codepath as for segwit.

Rename segwit_to_spend to authorized_amount and use it for forkid
amount and segwit amount validity checks.

Removed some duplicated code.
2017-07-30 22:51:18 +02:00
Saleem Rashid
979a6ef266 signing: Skip TX_META with SIGHASH_FORKID 2017-07-30 22:51:18 +02:00