arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-11 17:08:15 +00:00
Code Issues Releases Wiki Activity
11,024 Commits 364 Branches 206 Tags 247 MiB
48587d83fe
Commit Graph

982 Commits

Author SHA1 Message Date
Andrew Kozlik
64d9350de2 core/bitcoin: Implement GetOwnershipId message. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
712ec68c1b core/bitcoin: Add support for external inputs with proof of non-ownership. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
d4317d1536 core/bitcoin: Implement generation and verification of SLIP-0019 proofs of ownership. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
d52de28704 core/bitcoin: Implement BIP-322 SignatureProof container. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
d48a372ca7 core/sign_tx: Implement support for signed external inputs. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
78f14d286e core/sign_tx: Factor out get_legacy_tx_digest() from sign_nonsegwit_input(). 2020-07-03 11:17:19 +02:00
Andrew Kozlik
61e2d4d5e5 core/bitcoin: Implement signature verifier. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
5378e12ba2 core/bitcoin: Clarify hash_type vs. sighash_type terminology. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
d1e043f417 core/bitcoin: Implement parsing of scripts and witnesses for signature verification. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
173bb7ed13 core/bitcoin: Replace TxInputType parameter in input_derive_script. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
a901573ea2 core/bitcoin: Move script types from helpers to common. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
3b6c1e5e6b core/crypto: Add functions for verifying DER encoded signatures. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
9459c5a5c2 core/common: Add BytearrayReader and basic reader functions. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
99f01cd316 core/sign_tx: Check script_pubkeys of inputs. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
e7f230d66e core/sign_tx: Use varint length encoding for witness stack items. 2020-07-03 11:17:19 +02:00
Tomas Susanka
0f9a2459d3 core: make QR code smaller for Monero 2020-07-01 17:20:04 +00:00
matejcik
e6e3043096 all: implement support for pre-overwinter prevtx (fixes #1030) 2020-06-30 15:19:31 +02:00
Tomas Susanka
e534ae3ad7 legacy, core: rename Features.pin_cached to unlocked and unify 2020-06-19 21:26:36 +02:00
Tomas Susanka
a6acefbdf5 core: wipe before reset and recovery; introduce 'intialized' field 2020-06-16 11:31:29 +02:00
Andrey
1eeaa1e5cf Enable extra_data for Zcoin. Changed coininfo.py 2020-06-15 09:53:00 +02:00
Tomas Susanka
b67be7dd9e core: forbid all settings if not initialized 2020-06-11 18:47:01 +02:00
Tomas Susanka
981d079d7f core/signverify: add failsafe for an empty message header 2020-06-11 09:08:50 +02:00
Tomas Susanka
56fe5adcfc Merge branch 'release/2020-06' 2020-06-10 06:51:18 +00:00
Pavol Rusnak
5262ef84cf common/defs/fido: add aws and tutanota 2020-06-05 14:53:13 +02:00
matejcik
7579ac5274 core: fix rendering issues in homescreens 2020-06-04 16:18:46 +02:00
matejcik
872e0fb0e0 core: lower scheduler resolution to milliseconds 
This avoids problems with large timeouts causing the scheduler queue to
think the time counter has overflown, and ordering the autolock task before
immediate tasks.

The maximum reasonable time difference is 0x20000000, which in
microseconds is ~8 minutes, but in milliseconds a more reasonable ~6
days.
 2020-06-04 16:18:46 +02:00
matejcik
847691798b core: simplify homescreen and lockscreen implementations 2020-06-04 16:18:46 +02:00
matejcik
4bc865794f core: only unlock storage if it is locked (solves determinism issue in tests) 2020-06-04 16:18:46 +02:00
matejcik
70f67883c5 core: fix artifacts in click-based UI tests 2020-06-04 16:18:46 +02:00
matejcik
bc9247e18d core: add Cancel to a list of allowed messages while locked 2020-06-04 16:18:46 +02:00
matejcik
f32c2f9e23 core: replace workflow.kill_default with workflow.close_others 2020-06-04 16:18:46 +02:00
matejcik
01832d5ae9 core: call close_others() in place of ButtonRequest 
this makes sense, really: close_others() requests UI exclusivity, and
that is something that generally happens at the same places we emit a
ButtonRequest
 2020-06-04 16:18:46 +02:00
matejcik
6f53ca0ac6 core: rework wait_layout() 
The original wait_layout was unreliable, because there are no guarantees
re order of arrival of the respective events. Still, TT's event handling
is basically deterministic, so as long as the host sent its messages
close enough to each other, the order worked out.

This is no longer the case with the introduction of loop.spawn: TT's
behavior is still deterministic, but now ButtonAck is processed *before*
the corresponding wait_layout, so the waiting side waits forever.

In the new process, the host must first register to receive layout
events, and then receives all of them (so the number of calls to
wait_layout must match the number of layout changes).

DebugLinkWatchLayout message must be version-gated, because of an
unfortunate collection of bugs in previous versions wrt unknown message
handling; and this interests us because upgrade-tests are using
wait_layout feature.
 2020-06-04 16:18:46 +02:00
matejcik
5d823ff5ea core: use ButtonRequestType.PinEntry for PIN entry 2020-06-04 16:18:46 +02:00
matejcik
42e7c43c7c core: make sure that auto-lock shuts down running workflows 2020-06-04 16:18:46 +02:00
matejcik
2d0206c043 core: replace workflow.on_start/on_close with workflow.spawn 2020-06-04 16:18:46 +02:00
matejcik
a4f47ddd21 core/lockscreen: ignore exception when user taps "unlock" and then cancels 2020-06-04 16:18:46 +02:00
matejcik
7ff1251ee1 core: dim lockscreen (fixes #974) 2020-06-04 16:18:46 +02:00
matejcik
4035aad51b core: implement auto-lock after a configurable timeout (fixes #75) 2020-06-04 16:18:46 +02:00
Andrew Kozlik
5469acfabf core/webauthn: Cache user verification for 3 minutes. 2020-06-04 16:18:46 +02:00
Andrew Kozlik
b867ac1d01 core/webauthn: Implement FIDO2 unlocking from softlock. 2020-06-04 16:18:46 +02:00
Andrew Kozlik
0f81886c9f core/webauthn: Allow confirm_dialog() to return a new state as an alternative to the user response. 2020-06-04 16:18:46 +02:00
Andrew Kozlik
c8ae5c157e core/webauthn: Implement U2F unlocking from softlock. 2020-06-04 16:18:46 +02:00
matejcik
06aed7135a core: do not prompt for PIN just to lock the device again 2020-06-04 16:18:46 +02:00
matejcik
246998910a core: refactor usage of input_signals 
this prevents a certain class of UI test failure. It also localizes the
use of debuglink signals into the layout classes instead of call sites,
which is a design we were already using for confirm_signals
 2020-06-04 16:18:46 +02:00
matejcik
afeeafd5cd core: hide some fields when softlocked 2020-06-04 16:18:46 +02:00
matejcik
b9bd9ea3d0 core: only softlock when PIN is set 2020-06-04 16:18:46 +02:00
matejcik
a9ddc2a8e2 core/boot: modify initial lockscreen label 2020-06-04 16:18:46 +02:00
matejcik
09af8aed4e core: consider lockscreen to be a separate homescreen 
this involves some changes to the workflow defaults:

* workflow.start_default() takes no arguments
* workflow.set_default() (originally replace_default) configures the
  default that will be started by next call to start_default().
  The intended usecase is to set_default() first and then start it
  separately.
* apps.base.set_homescreen() factors out the logic originally in
  main.py, that decides which homescreen should be launched. This uses
  set_default() call. start_default() is then used explicitly in main.py
 2020-06-04 16:18:46 +02:00
matejcik
d73480bc9d core: introduce PIN soft-locking 2020-06-04 16:18:46 +02:00
matejcik
04c8b2803d core: refactor homescreen app, include lockscreen in it 2020-06-04 16:18:46 +02:00
matejcik
9197623d83 core: factor out the decision whether to lock the device 2020-06-04 16:18:46 +02:00
matejcik
32fcc4ad9c core: make verify_user_pin accept a Context argument 2020-06-04 16:18:46 +02:00
matejcik
8ca7ffc3b8 core: use wire.PinCancelled/PinInvalid instead of custom versions 
also refactor show_pin_invalid and its usages so that it raises directly

note that we are now using PinCancelled instead of ActionCancelled where
appropriate
 2020-06-04 16:18:46 +02:00
matejcik
eabfcab9b9 core: add default messages to some error codes 2020-06-04 16:18:46 +02:00
matejcik
341c5b7d10 core/wire: make handler lookup pluggable 2020-06-04 16:18:46 +02:00
matejcik
d5e45c02bb core: move base functions from "homescreen" app to "base" 2020-06-04 16:18:46 +02:00
matejcik
bd5b3a3f21 common: drop Theta and VeChain ERC tokens, refresh market caps 
fixes #1022
fixes #1023
 2020-05-29 12:12:30 +02:00
matejcik
5209804fc3 core: relax path checks on GetPublicKey 
(cherry picked from commit 554d8949f5)
 2020-05-27 06:58:30 +00:00
matejcik
554d8949f5 core: relax path checks on GetPublicKey 2020-05-27 08:56:50 +02:00
matejcik
d59ffe553f make gen 2020-05-25 16:14:05 +02:00
Andrew Kozlik
42eddf8e04 core/sign_tx: validate prevout amount in all cases 2020-05-24 14:36:38 +00:00
Andrew Kozlik
7db3e930d4 core/sign_tx: Add further message sanitization checks. 2020-05-24 14:36:37 +00:00
matejcik
72ef86d79a all: enable extra_data for komodo 2020-05-24 14:36:37 +00:00
matejcik
7a3637d5b0 core/sign_tx: add checks for version_group_id and branch_id fields 2020-05-24 14:36:37 +00:00
Tomas Susanka
9dfc08ca61 core/bitcoin: drop decred_script_version 2020-05-21 19:14:39 +02:00
matejcik
eeb46eabca common: refresh token list 2020-05-21 13:29:13 +02:00
matejcik
2f665c8f84 core: add exception to GetPublicKey for PSBT master fingerprint (fixes #999) 2020-05-21 13:26:53 +02:00
Tomas Susanka
a2f790167d core/bitcoin: fix step 1 and 2 comments in signing 2020-05-19 12:58:45 +00:00
Tomas Susanka
1ac0f60550 core: update isort config to place relative imports last 2020-05-18 14:31:51 +02:00
Tomas Susanka
aa115b6320 core: move decred writers to decred.py 2020-05-18 14:31:51 +02:00
Tomas Susanka
3084ee1eed core/bitcoin: move write_bitcoin_varint to common writers 2020-05-18 14:31:51 +02:00
Tomas Susanka
445f56d387 core/bitcoin: finalize bitcoin refactor 
- core/bitcoin: move common files to the app's root
- core/bitcoin: use require_confirm instead of confirm
- core: move bitcoin unrelated functions from 'bitcoin' to a new 'misc' app
- core/bitcoin: use relative imports inside the app
- core: rename wallet app to bitcoin
- core/wallet: replace SigningErrors and the other exception classes with wire.Errors
 2020-05-18 14:31:51 +02:00
matejcik
de9e73dcbc core/tests: update unit tests for new keychain API 2020-05-15 14:08:29 +02:00
matejcik
f3f6e2101a core/cardano: explanation about seed derivation 2020-05-15 14:08:29 +02:00
matejcik
a31b2cd1bc core/wallet: implement keychain for apps.wallet 2020-05-15 14:08:29 +02:00
matejcik
0dff3853a7 core/ethereum: introduce custom keychain decorators 2020-05-15 14:08:29 +02:00
matejcik
b594248ac2 core: use new keychain decorators where appropriate 2020-05-15 14:08:29 +02:00
matejcik
fd9e945308 core/cardano: use caching decorators and new Keychain API for Cardano as well 2020-05-15 14:08:29 +02:00
matejcik
7541d529a3 core: refactor keychain API, introduce SLIP44 decorator 2020-05-15 14:08:29 +02:00
Dusan Klinec
6b8fc9c894
xmr: major protocol upgrade, CLSAG support added 
- CLSAG signature scheme added
  - type hints added

xmr: optimize protocol, send only required data
  - real_out_additional_tx_keys contains only one element as nothing more is needed during signature
  - only src_entr.outputs[index] is HMACed and always present. Other outputs are present only if needed which reduces comm and CPU overhead.
  - getting rid of subaddresses dictionary (memory requirements), now subaddr indices are present per source entry so keys are computed when needed

xmr: prepare for permutation sending removal, specify index
  - specify source entry ordering index prior sorting by key images as original HMAC keys are generated based on these.
  - permutation checked just by valid HMACs, size of the set, key image sort order
  - sending permutation is now deprecated, will be removed in the following protocol versions
  - more strict state transition checks, guard strict check with respect to steps ordering
 2020-05-13 11:13:19 +02:00
Andrew Kozlik
3de565c33c core/sign_tx: In write_tx_header() rename has_segwit parameter to witness_marker and clarify usage. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
846116a666 core/sign_tx: Improve comments. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
7370077d0c core/sign_tx: Get rid of internal TxOutputBinType messages. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
9f9618944a core/sign_tx: Explicitly pass script to write_tx_input() instead of setting it in txi. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
04bdf1dc6c core/sign_tx: Remove unused index parameters. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
c9814e50ba core/sign_tx: Set decred_script_version to 0 by default for decred coins. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
dccf415e0b core/sign_tx: Add write_tx_output() to signer class and override it in Decred. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
bdd1d25979 core/sign_tx: Require change-outputs to be for a non-zero amount. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
d5faeb3f51 core/sign_tx: Clarify sign_nonsegwit_input(). 2020-05-06 13:18:32 +02:00
matejcik
9005093435 core/sign_tx: improve documentation on MatchCheckers 2020-05-06 13:18:32 +02:00
matejcik
0209768ff2 core/sign_tx: improve type hints 2020-05-06 13:18:32 +02:00
matejcik
ff41e5c304 core/sign_tx: improve signer selection readability 2020-05-06 13:18:32 +02:00
Andrew Kozlik
8b89a30955 core/sign_tx: Remove get_prevouts_hash(), get_sequence_hash(), get_outputs_hash() methods from signer classes, because they are only used internally. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
22933587be core/sign_tx: Merge bip143 classes into signer classes. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
6ad3baeab2 core/sign_tx: Refactor BIP-143 signing. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
d58cd3987b core/sign_tx: Minor updates based on code review. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
be39f271b0 core/sign_tx: Rework transaction footer writing. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
b60f267da9 core/sign_tx: Rework transaction header writing. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
c1effcc374 core/sign_tx: Updates based on code review. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
c2a0f83558 core/sign_tx: Move script derivation to scripts module. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
be7e98aa47 core/sign_tx: Move Bitcoin class to bitcoin.py. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
a07e125793 core/sign_tx: Consolidate wallet path and multisig fingerprint checking. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
27e6720f3d core/sign_tx: cleanup 2020-05-06 13:18:32 +02:00
Andrew Kozlik
987b70f1f5 core/sign_tx: Move header prepending up by one level. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
2ceb091d68 core/sign_tx: Use a preallocated buffer for transaction serialization. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
555259d6a9 core/sign_tx: Remove last_output_bytes in Decred, which is no longer needed. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
f1801764a1 core/sign_tx: Fix segwit/non-segwit input interleaving bug. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
514f2ac649 core/sign_tx: Refactor to use template method. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
95fad83024 core/sign_tx: Derive Zip143 and DecredPrefixHasher from Bip143. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
e9900df18d core/sign_tx: Move Overwintered class to zcash. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
60dbec95ac core/sign_tx: Reuse get_prevtx_output_value() in Decred. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
2b74513e49 core: Fix mypy. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
50c08274b9 core/sign_tx: Move overwintered functionality to separate class. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
c190eed7fc core/sign_tx: Move non-Bitcoin functionality to Bitcoinlike class. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
613c81ea66 core/sign_tx: Refactor wallet_path functions and input_check_multisig_fingerprint. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
0d9984671e core/sign_tx: Fix typing. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
79c60615de core: Fix typing. 2020-05-06 13:18:32 +02:00
Andrew Kozlik
ba8b34b2d7 core: Refactor signing. 2020-05-06 13:18:32 +02:00
matejcik
5885978c83 Merge branch 'release/2020-04' 2020-04-15 15:00:23 +02:00
Andrew Kozlik
9e4a8ca785 core/webauthn: Improve error codes for uninitialized device. Return ERR_OPERATION_DENIED only upon user decline or timeout, otherwise it cancels the operation on all connected authenticators. 2020-04-14 12:24:17 +02:00
Andrew Kozlik
bc4e8eaa16 core/webauth: Update readme with Ed25519 algorithm and certificates. 2020-04-09 21:05:28 +02:00
Andrew Kozlik
fca92d7344 core/webauthn: Update attestation certificate to comply with WebAuthn requirements. 2020-04-06 18:29:05 +02:00
Andrew Kozlik
25a39ea729 core/webauthn: Fix handling of interleaving frames to comply with the U2F HID specification. 2020-04-06 09:53:42 +02:00
jagdeep sidhu
e58c5f63d5
common/defs: update SYS (#928) 2020-04-02 00:22:47 +02:00
Tomas Susanka
0b7a8449f8 core: style 2020-03-30 16:04:05 +00:00
Tomas Susanka
bf20537f41 core: add option to omit cancel button in HoldToConfirm; add it to reset 2020-03-30 16:00:12 +00:00
Andrew Kozlik
8ae0535e69 core/webauthn: Fix attestation statement format to use a list in the x5c field. 2020-03-24 16:18:37 +01:00
Tomas Susanka
aa71c20f2c core: require hold to confirm 2020-03-24 09:20:10 +00:00
Tomas Susanka
f786d75a6f core: drop obsolete check for ANYONECANSPEND segwit outputs 2020-03-20 14:19:31 +00:00
Tomas Susanka
d0d41c884e legacy: move script type checks to separate functions and unify with core 2020-03-20 14:19:31 +00:00
matejcik
da89a17ce5 all: add checks for prev_hash size 2020-03-20 14:19:31 +00:00
matejcik
c15519f707 core/sign_tx: modify get_tx_header to avoid writing unchecked bytes 2020-03-20 14:19:31 +00:00
matejcik
9cab61fbd3 core/sign_tx: remove write_bytes_unchecked where appropriate 2020-03-20 14:19:31 +00:00
matejcik
27f6306e1d core: introduce safer write_bytes functions 2020-03-20 14:19:30 +00:00
matejcik
9a5f6b025a core/tezos: factor out writing Michelson instructions 2020-03-20 14:19:30 +00:00
matejcik
694f714719 core/ripple: rename write_bytes to avoid name collision 2020-03-20 14:19:30 +00:00
Tomas Susanka
64584e271c legacy, core: add and unify validation checks 2020-03-20 14:19:30 +00:00
matejcik
ffdb299c61 all: drop Capricoin support [NO BACKPORT] 2020-03-20 14:19:30 +00:00
matejcik
adea7d6b35 all: make timestamp mandatory on timestamp-enabled coins 2020-03-20 14:19:07 +00:00
matejcik
e2035b4972 all: drop Horizen and BIP-115 support [NO BACKPORT] 2020-03-20 14:19:07 +00:00
matejcik
6f9c6361ea core: remove negative_fee and cashaddr_prefix from bitcoin-only fw 2020-03-20 14:18:27 +00:00
matejcik
7d5771911c core: flip condition for force_bip143 
this should be equivalent because Bitcoin does not have force_bip143 set
 2020-03-20 14:18:27 +00:00
matejcik
ed464f3d47 all: ensure expiry, timestamp and extra_data are blocked as appropriate 2020-03-20 14:18:27 +00:00
matejcik
27803ee8c1 all: drop overwintered field from transaction 2020-03-20 14:18:27 +00:00
matejcik
c9fd3f77a5 all: add overwintered field to coin specification 2020-03-20 14:18:27 +00:00
Pavol Rusnak
817b922850 all: add extra_data and timestamp fields to coin specification 2020-03-20 14:18:27 +00:00
matejcik
136307bcae core: propagate coin info to all sanitize functions 2020-03-20 14:17:44 +00:00
matejcik
303c05aba7 core/sign_tx: check if prev_tx has enough outputs to match prev_index 2020-03-20 14:17:44 +00:00
Andrew Kozlik
a34637c0f2 core/sign_tx: Check multisig fingerprint before signing inputs. 2020-03-20 14:17:44 +00:00
Tomas Susanka
163220e4b7 core/wallet: properly check decred input 2020-03-20 14:17:44 +00:00
Ondřej Vejpustek
6274cfdf8b core: remove unreachable zcash code 2020-03-20 14:17:44 +00:00
Ondřej Vejpustek
d61181d7e8 core: fix transaction header for mixed segwit inputs 2020-03-20 14:17:44 +00:00
Tomas Susanka
f0a39df75d core/wallet: check inputs and outputs right after receiving them 2020-03-20 14:17:44 +00:00
Tomas Susanka
0903159d9b core, legacy: make sure OPRETURN ouput is not marked as change 2020-03-20 14:17:44 +00:00
Tomas Susanka
4af9aa547e core: forbid unnecessary fields in OPRETURN output 2020-03-20 14:17:44 +00:00
Andrew Kozlik
d800fcbf9f core/sign_tx: If there is a non-multisig input, then change output cannot be multisig. 
(cherry picked from commit 8eb6ce0899)
 2020-03-20 14:17:44 +00:00
Andrew Kozlik
b3cd760df0 core/webauthn: Disable CTAPHID_WINK function. 2020-03-20 15:07:06 +01:00
Andrew Kozlik
e5008eb332 core/webauthn: Remove indistinguishable credentials from the allow list. 2020-03-20 15:07:06 +01:00
Andrew Kozlik
cda9de8dd1 core/webauthn: Add maxCredentialCountInList and maxCredentialIdLength to authenticatorGetInfo response. 2020-03-20 15:07:06 +01:00
Andrew Kozlik
0af0e06d5b core/webauthn: Truncate names in credential data to at most 100 bytes. 2020-03-20 15:07:06 +01:00
matejcik
f6f041e269 core/sdcard: also catch OSError in the formatting phase 2020-03-20 14:03:28 +01:00
matejcik
3a71a5a05c core/sdcard: show "Wrong SD card" when unlocking SD protect with unformatted card 2020-03-20 14:03:28 +01:00
matejcik
3789a3372b core/sdcard: modify exception handling in fatfs 
expose ff.c constants, raise them as arguments to FatFSError

introduce NotMounted and NoFilesystem as subclasses of FatFSError with
the appropriate error code set
 2020-03-20 14:03:28 +01:00
Andrew Kozlik
8ee0026637 core: Allow PIN entry even when SD protect is enabled and the card is not present. 2020-03-19 15:04:33 +01:00
Konnor Klashinsky
70a1f957ed
Fix BackupDevice layout on 18-word seed wallets 2020-03-13 13:41:04 +13:00
Andrew Kozlik
2f905a1157 core/webauthn: Add algorithm and curve to WebAuthnListResidentCredentials response. 2020-03-12 15:45:26 +01:00
Andrew Kozlik
f610787f8d core/webauthn: Clean up bytes/bytearray typing around uctypes. 2020-03-12 15:45:26 +01:00
Andrew Kozlik
e378820f7f core/webauthn: Implement support for Ed25519 signatures in FIDO2. 2020-03-12 15:45:26 +01:00
Dusan Klinec
2658e253fa xmr/bp: memory optimizations and improvements 
- different approach to vector manipulation - more on the fly operations. Prepared for fully offloaded operations, BP on Trezor with constant memory.
- memory requirements reduced from (4MN + const) to (2MN + const)
- more raw methods to avoid unnecessary encoding/decoding
- chunking improved, chunk size set as a constant, changed from 64 to 32, missing pieces implemented to cover also BP 16
- proof_v8 support discontinued, old hardfork, not needed anymore
- get_exponent register clash fixed (for large vectors)
- reduced heap fragmentation by removing some temporary allocations
- hashing with len and offset to reduce heap fragmentation by creating a sliced arrays
- use to() wherever possible to avoid allocations and return of mutable private object
- global functions start with _ prefix, reduce import footprint
- use __slots__ in classes to minimize footprint
 2020-03-02 12:17:03 +01:00
Tomas Susanka
21676a0662 ore/tezos: better wording in delegation cancel 2020-03-02 08:49:34 +00:00
matejcik
7f91bc571c core: ensure default task restarts after a passphrase workflow (fixes #883) 2020-02-28 15:55:40 +01:00
Tomas Susanka
5ee6e56f56
Merge pull request #880 from trezor/tsusanka/sign-verify-ui 
Unify sign/verify message dialogs and fix text overflow
 2020-02-28 15:47:48 +01:00
matejcik
bd9663af79 common/defs: update token reference, add new tokens to 2.3.0/1.9.0, regenerate coins_details 2020-02-27 19:13:17 +01:00
Tomas Susanka
86b010a18b
Merge pull request #878 from trezor/matejcik/fatfs-corruption 
FatFS API rework
 2020-02-27 15:58:38 +01:00
Tomas Susanka
a8af9feebe core: fix text overflow in some dialogs 2020-02-27 12:43:33 +00:00
Tomas Susanka
744c32991f core: unify sign/verify functions 
The UI records are modified because of two changes:
- Added a coin name to the Sign/Verify screen (ETH/Lisk).
- Unified to use mono.
 2020-02-27 12:43:33 +00:00
Tomas Susanka
495a59c282 core: use wire errors instead of ValueErrors where applicable 2020-02-27 10:46:01 +00:00
matejcik
18ac4fc9ca core: update Python facing APIs 2020-02-27 10:56:23 +01:00
matejcik
d7b9582386 core/sdcard: add ensure_filesystem option (fixes #868) 
It is possible to call `ensure_sdcard` in a way that requires only SD
card be inserted, but not necessarily formatted.

This is useful for SD-protect and possibly other use-cases where the SD
card is read-only, and "not formatted" is identical to "not containing
the right files".
 2020-02-24 13:28:44 +01:00
Tomas Susanka
6c47bf8230 core: store multiple sessions/caches at the same time 2020-02-21 14:40:42 +01:00
Pavol Rusnak
562671401e
Merge pull request #860 from trezor/prusnak/multisig-show-yours-others 
core: show yours/others in get_address for multisig
 2020-02-20 13:49:13 +01:00
matejcik
ddee77ecb6 core: add SD clearing via debuglink 2020-02-20 12:51:48 +01:00
matejcik
1e9352b9e0 core: add SD format dialog, generalize sdcard usage 2020-02-20 12:51:48 +01:00
Pavol Rusnak
7944c1a837
core/monero: add confirmation dialog for unlock_time 2020-02-19 14:31:45 +00:00
Pavol Rusnak
a808cc9190
core/apps: await require_confirm should be called without return 2020-02-19 14:31:45 +00:00
Pavol Rusnak
b9486c0b33
core: show yours/others in get_address for multisig 2020-02-18 22:39:55 +00:00
Tomas Susanka
f947fe97cc core: fix style 2020-02-11 16:41:43 +01:00
Tomas Susanka
0a13f7a441 core: properly limit passphrase to 50 bytes 2020-02-11 15:39:08 +00:00
Tomas Susanka
2c0504ad1c
Merge pull request #803 from trezor/passphrase 
Passphrase Redesign
 2020-02-11 16:01:59 +01:00
matejcik
05a1d6f771 core/debug: add "show arbitrary screen" capability, for easier prototyping 2020-02-11 11:53:34 +01:00
Tomas Susanka
15ed5cd19e
core: do not clear cache on ClearSession 2020-02-07 11:41:03 +00:00
Tomas Susanka
fd0dc8ed66
core/passphrase: merge 'get from user' functions 2020-02-07 11:41:03 +00:00
Tomas Susanka
7d7ffe3b67
cardano: derive the root and then cache 2020-02-07 11:41:02 +00:00
matejcik
938f347514
core: use DUMMY_CONTEXT constant instead of own instance 2020-02-07 11:41:02 +00:00
matejcik
1f50a13edf
core: use cache for Monero live refresh confirmation 2020-02-07 11:41:02 +00:00
Tomas Susanka
b96d7cafbb
core: rework cache and fix cardano caching 2020-02-07 11:41:01 +00:00
Tomas Susanka
aa6988a556
core/ui: introduce draw_simple 2020-02-07 11:41:01 +00:00
Tomas Susanka
d5763d9cab
all: implement code review comments 2020-02-07 11:41:01 +00:00
Tomas Susanka
c65b57affb
core, legacy: remove passphrase_cached 2020-02-07 11:41:00 +00:00
Tomas Susanka
8fa0d8f098
core/passphrase: show dialog to enter the passphrase on host 2020-02-07 11:41:00 +00:00
Tomas Susanka
a3f3d4fcdb
remove ping.passphrase/pin 2020-02-07 11:41:00 +00:00
Tomas Susanka
b5d6aaf77c
tests: test PassphraseAck options 2020-02-07 11:41:00 +00:00
Tomas Susanka
ece351c5e5
core: do not prompt for passphrase if 'always' setting is enabled 2020-02-07 11:40:59 +00:00
Tomas Susanka
466dc4732d
core/passphrase: add button requests 2020-02-07 11:40:59 +00:00
Tomas Susanka
4a0f727f13
core: fix monero 2020-02-07 11:40:59 +00:00
Tomas Susanka
cd09f9ce94
all: modify passphrase source to always on device 2020-02-07 11:40:59 +00:00
Tomas Susanka
eafd57c301
common, core: add passphrase entry capability 2020-02-07 11:40:58 +00:00
Tomas Susanka
90d5cdfd5b
all: rework passphrase 
The `on_device` field is being moved to PassphraseAck, State messages
are removed. Features newly contain `session_id`.
 2020-02-07 11:40:58 +00:00
Tomas Susanka
277e494ffa core/recovery: end dry run before showing success 
updates #815
 2020-02-03 12:12:49 +00:00
EtherCore Contributor
c03caaf76a
common/defs: switch ERE logo (#808) 2020-01-29 10:49:21 +01:00
Tomas Susanka
0053511c66 utils: introduce format_plural and move format functions to strings.py 2020-01-24 16:25:14 +01:00
matejcik
2294fb0453 core: drop unused env variables (TREZOR_TEST, TREZOR_SAVE_SCREEN) 2020-01-23 18:43:20 +01:00
matejcik
29e883ab59 core/monero: fix usage of ctx.wait in pagination 2020-01-23 15:46:09 +01:00
matejcik
a79279115e core: move confirm_signal evaluation into concrete Layout implementations 
Apart from making the code more correct for its users in
apps.common.confirm and elsewhere, this fixes a problem where the
confirm_signal would be scheduled before the dialog is rendered.
By making sure that handle_rendering is scheduled (i.e., listed in
create_tasks) before confirm_signal, we can be sure to render at least
once and thus appear in the UI test results.
 2020-01-23 15:45:10 +01:00
Pavol Rusnak
8a36ead915
common/defs: add Faceboook to recognized apps 2020-01-16 15:35:45 +00:00
Andrew Kozlik
289d8276eb core/fido2: check for HID timeout in send_cmd() (#791) 2020-01-11 14:33:24 +01:00
Tomas Susanka
7c41b40dff
tests: introduce UI tests for core with diffs (#784) 
tests: introduce UI tests for core with diffs
 2020-01-10 20:39:31 +01:00
Tomas Susanka
30858c4969 tests/ui: omit the red square from screenshots 
except the first one on homescreen because it gets rendered only once
 2020-01-10 08:25:12 +00:00
matejcik
f90ba10af3 core: modify function signatures to match python-shamir-mnemonic 2020-01-09 16:00:33 +01:00
Tomas Susanka
51ef963738 tests: introduce UI tests for core 2020-01-03 14:28:27 +00:00
Tomas Susanka
d8e956fc6d core/recovery: change exceptions types; modifications in tests 2019-12-30 11:35:56 +00:00
Tomas Susanka
7f730cb6f9 core/recovery: refactor to exceptions 2019-12-27 19:02:30 +00:00
Tomas Susanka
f4e11a9176 core/recovery: rework arguments 2019-12-27 18:46:22 +00:00
Tomas Susanka
faa9078c2b core/recovery: refactor word checks and add a test 2019-12-23 13:40:45 +01:00
Tomas Susanka
6594ee9368 core/recovery: correctly inform about share already entered inside first group 2019-12-19 17:07:44 +00:00
Pavol Rusnak
d6a3725955
common: remove coins with no trezor compatible wallets 2019-12-15 18:19:36 +00:00
Pavol Rusnak
e5bdf0d51b
Merge pull request #742 from trezor/language 
common: change language field to IETF BCP 47 language tag
 2019-12-12 18:07:54 +01:00
Andrew Kozlik
0432f5e801 webauthn: Add use_self_attestation flag to FIDO apps. 2019-12-11 15:29:52 +01:00
Andrew Kozlik
2e9db44434 core/webauthn: Add AAGUID to README.md. 2019-12-10 15:56:41 +01:00
Pavol Rusnak
7646b97dca
common: divisibility -> decimals 2019-12-09 17:43:47 +01:00
matejcik
3a132e594e core/stellar: make sure function that awaits is async 2019-12-09 16:31:46 +01:00
matejcik
ac6e23fb87 mako: improve local variable name 2019-12-09 16:31:46 +01:00
matejcik
558020be01 common: drop lastpass from FIDO apps 
as it doesn't actually support FIDO/U2F
 2019-12-09 16:31:46 +01:00
matejcik
67b2ba558b core: auto-generate list of FIDO known apps 
and improve code for loading icons
 2019-12-09 16:31:46 +01:00
matejcik
a46fd6f508 core: auto-generate FIDO icons 2019-12-09 16:31:46 +01:00
Pavol Rusnak
bb8d809a6d
common: change language field to IETF BCP 47 language tag 2019-12-08 11:27:10 +01:00
Tomas Susanka
61430d800e core/stellar: add screen for timebounds 2019-12-05 14:31:28 +00:00
Pavol Rusnak
3d50bb5ed8
common: add Peercoin, regenerate coins 2019-12-05 09:43:32 +00:00
Pavol Rusnak
5301c03607
common: add coin.divisibility attribute 
legacy: remove has_address_type/has_address_type_p2sh
 2019-12-05 04:30:51 +01:00
Andrew Kozlik
6ca0288092
Merge pull request #720 from trezor/andrewkozlik/wipe-code 
Implement wipe code feature.
 2019-12-04 15:24:49 +01:00
Andrew Kozlik
420a4b8ba7 core/webauthn: Close U2F confirmation screen if browser stops polling for more than 3 seconds. 2019-12-03 14:48:59 +01:00
Andrew Kozlik
0b851d6959 core/webauthn: Reply with ERR_CHANNEL_BUSY once a U2F request has been declined to stop Chrome from polling. 2019-12-03 14:48:59 +01:00
Andrew Kozlik
4d3c634732 core/webauthn: Use different return code when user verification is requested but PIN is not set to get better browser behavior. Related to cf6949332f. 2019-12-03 14:48:59 +01:00
Andrew Kozlik
a63ff8f9b4 core/webauthn: Add bogus app ID used by Firefox to indicate error in U2F. Figure out which error to display based on past U2F_AUTHENTICATE check-only requests on the same channel. 2019-12-03 14:48:59 +01:00
Andrew Kozlik
a704bfe184 core/webauthn: Allow only one CTAPHID_WINK command at a time on any given channel ID to fix continuous display blinking with Android. 2019-12-03 14:18:43 +01:00
Andrew Kozlik
3a4e9bd25c core/ui: Ignore any new alert requests if an alert is already in progress in order to avoid multiple alerts overlapping. 2019-12-03 14:18:43 +01:00
Andrew Kozlik
7c39e2f142 core/webauthn: Specify the exception raised by res.load(). 2019-11-26 15:44:05 +01:00
Andrew Kozlik
790178a442 fixup! core/webauthn: Allow new workflow to be set after a command response is sent, so that in device tests the next test doesn't fail with ERR_CHANNEL_BUSY while the previous workflow is closing. 2019-11-26 15:18:14 +01:00
Andrew Kozlik
c463069895 core/webauthn: Don't log an exception when a relying party is not listed in knownapps. 2019-11-26 15:18:14 +01:00
Andrew Kozlik
203853faed core/webauthn: Allow new workflow to be set after a command response is sent, so that in device tests the next test doesn't fail with ERR_CHANNEL_BUSY while the previous workflow is closing. 2019-11-26 15:18:14 +01:00
Andrew Kozlik
1bc8226a50 common, core: Add wipe_code_protection to the Features message. 2019-11-25 12:32:20 +01:00
Andrew Kozlik
a3b608d8dd storage, core: Reveal the wipe code status after the device is unlocked. 2019-11-25 12:32:20 +01:00
Andrew Kozlik
a168d661cf core: Add support for ChangeWipeCode message. 2019-11-25 12:32:20 +01:00
Andrew Kozlik
2ae1d9a935 webauthn: Disable signature counter in FIDO2 for dropbox.com, gandi.net, secure.login.gov. 2019-11-21 13:59:45 +01:00
matejcik
1f6cc77dec upgrade black to 19.10b0 2019-11-20 16:02:47 +01:00
matejcik
34913a328a all: disallow most RecoveryDevice fields in dry-run (fixes #666) 2019-11-20 12:27:57 +01:00
Pavol Rusnak
d029920540
core/webauthn: update metadata 2019-11-16 10:53:10 +00:00
Pavol Rusnak
e1e081fb7a
core/webauthn: fix metadata 2019-11-13 17:16:23 +01:00
matejcik
09962708d3 core: move load_device to the debug app 2019-11-13 16:48:35 +01:00
matejcik
fd8aed6105 all: drop XPRV feature of LoadDevice 2019-11-13 16:48:35 +01:00
Pavol Rusnak
16af7f1353 common: add {needs,no}_backup flags to LoadDevice, make it debug only 2019-11-13 16:48:35 +01:00
Pavol Rusnak
cde944b565
Merge branch 'reorder-usb' 2019-11-13 16:23:07 +01:00
Pavol Rusnak
df273bf836
core/usb: reorder endpoints 2019-11-13 13:21:39 +01:00
Tomas Susanka
a8b82975a1 core/management: get next u2f counter 2019-11-13 10:55:52 +00:00
matejcik
c96d5ab1bc core/sd_salt: check if sd_salt is enabled before asking for SD card 2019-11-11 16:16:42 +01:00
matejcik
0c4fa03575 core/sd_salt: properly await ensure_sd_card 2019-11-11 16:14:43 +01:00
matejcik
75622d92d2 Merge branch 'master' into matejcik/storage-relocation 2019-11-11 14:39:00 +01:00
matejcik
dee47a06f2 core/sd_salt: ensure ProcessErrors are propagated properly 2019-11-11 14:37:20 +01:00
Tomas Susanka
597277725e core/recovery: end progress before showing success 
This fixes #695. This was the default behaviour but we have changed it
because of Wallet, which was doing the polling. Since Wallet can now
send RecoveryDevice again and acquire Context this is no more needed.
 2019-11-11 10:39:07 +00:00
matejcik
18ab677124 core/webauthn: rename storage.webauthn to storage.resident_credentials 2019-11-08 12:47:54 +01:00
matejcik
f03562cca0 core/sd_salt: decorate sd_salt functions to ensure proper finalization and power-off 2019-11-08 12:42:30 +01:00
matejcik
33bd4d3ba9 Merge branch 'master' into matejcik/storage-relocation 2019-11-07 12:51:02 +01:00
matejcik
7cb125d1cb core/recovery: properly replace homescreens 2019-11-07 11:27:45 +01:00
matejcik
a3930d4bdb core: rename close_default to a more appropriate kill_default 2019-11-07 11:27:45 +01:00
Tomas Susanka
ca484b2c06 core: remove persistence boot and set recovery as a default workflow 2019-11-07 11:27:45 +01:00
matejcik
28d30ffd2f core/webauthn: unify signatures of Credential.from_bytes and friends 2019-11-06 13:56:52 +01:00
Pavol Rusnak
0040b916d2
common/defs: remove inactive coins 2019-11-03 10:44:22 +00:00
Pavol Rusnak
2d8f70d49a
common/defs: add mojeid.cz definition to webauthn 2019-11-01 12:54:28 +00:00
apollo
18c926a34b common/defs: fix zcore signing (#669) 2019-11-01 00:18:03 +01:00
matejcik
5c93ecd53a core: create top-level storage module 
This is to avoid including app-specific functionality in storage and
avoid circular imports. The following policy is now in effect: modules
from `storage` namespace must not import from `apps` namespace.

In most files, the change only involves changing import paths.

A minor refactor was needed in case of webauthn: basic get/set/delete
functionality was left in storage.webauthn, and more advanced logic on
top of it was moved to apps.webauthn.resident_credentials.

A significant refactor was needed for sd_salt, where application (and
UI) logic was tightly coupled with the IO code. This is now separated,
and storage.sd_salt deals exclusively with the IO side, while the app/UI
logic is implemented on top of it in apps.common.sd_salt and
apps.management.sd_protect.
 2019-10-31 16:21:56 +01:00
Pavol Rusnak
39a532c8b1
core/webauthn: increase limit for resident credentials to 100 2019-10-31 14:27:46 +00:00
Pavol Rusnak
4979e17e86
core/webauthn: improve metadata 2019-10-30 17:53:09 +01:00
Tomas Susanka
809b30ddcf core/webauthn: set webauthn interface in its app not in main.py 
This way the other messages (WebAuthnListResidentCredentials etc.) get
registered in device debug build and can be tested.

Updates #591
 2019-10-30 14:38:04 +01:00
Pavol Rusnak
727b7f8cd3
core/webauthn: add u2f/ctap2 metadata 2019-10-28 21:33:15 +01:00
Tomas Susanka
64a218eea0 bitcoin: simplify if expression 2019-10-28 15:35:58 +00:00
Pavol Rusnak
0f1e30b235
core: fix typo in get_address 2019-10-24 11:42:40 +02:00
Pavol Rusnak
9a3d8ef2c4
core: show xpubs in GetAddress for multisig 
also fix not showing MultisigRedeemScriptType.nodes correctly
 2019-10-24 09:11:01 +00:00
Pavol Rusnak
322417d9ed
core/tezos: refactor bytes constants 2019-10-23 16:29:21 +00:00
Adrian Nagy
384275ac73
core/tezos: support the new protocol update (005-BABYLON) 2019-10-23 17:53:10 +02:00
matejcik
a5ccf95260 core: fix mypy problems 2019-10-22 17:06:49 +02:00
matejcik
8d2ae142f3 core/debug: at start, wait for first layout to show up 2019-10-22 17:06:49 +02:00
matejcik
a8fc569016 debug: add support for general layout waiting 2019-10-22 17:06:49 +02:00
matejcik
97525654bb core/debug: avoid running a handler when waiting for layout change 
otherwise a running handler would prevent the default task from
starting, which would deadlock a test waiting for the default task
 2019-10-22 17:06:49 +02:00
matejcik
3664a5f06f core/debug: reading layouts, inserting synthetic events 2019-10-22 17:06:49 +02:00
matejcik
d17f879d97 mypy: use GenericContext protocol to work-around DummyContext 2019-10-22 14:36:25 +00:00
matejcik
ed190c772c core: avoid circular import in sd_salt 2019-10-22 14:36:25 +00:00
Tomas Susanka
0511cc8b8c core: add final mypy fixes! 2019-10-22 14:36:25 +00:00
Tomas Susanka
8f34b4c5de
Merge pull request #628 from trezor/tsusanka/sdprotect-fix 
Skip sd protect test on device
 2019-10-22 15:40:03 +02:00
Pavol Rusnak
ddd9bee059
common/defs: regenerate coins 2019-10-22 09:03:32 +00:00
Pavol Rusnak
c2aa8a04c0
common/defs: update tokens 2019-10-22 10:59:52 +02:00
Pavol Rusnak
178d58c763
common/defs: remove BTDX as it has no Trezor compatible wallet 2019-10-21 09:48:19 +00:00
Pavol Rusnak
4e5b60ec2b
common/defs: remove BITC per maintainer request 2019-10-20 17:11:43 +00:00
Pavol Rusnak
3ebc79f9b2
common/defs: remove MEC per maintainer request 2019-10-19 17:14:32 +00:00
Andrew Kozlik
60f6ab9087 core: Fix mypy warnings. 2019-10-18 14:36:40 +02:00
Andrew Kozlik
39b4376b65 core/sd-protect: If writing to the SD card fails in request_sd_salt(), inform the user and allow them to retry or abort. 2019-10-18 14:34:43 +02:00
Pavol Rusnak
9b7a2095b3
common/defs: update coins info 2019-10-18 10:14:33 +00:00
Tomas Susanka
0f34b50c05 core/features: add sd card and protection 2019-10-17 16:04:11 +02:00
Pavol Rusnak
d17ced9305
common/defs: remove ZCL as per maintainer request 2019-10-16 20:50:45 +00:00
Pavol Rusnak
d28bc3c3a6
common/defs: remove BSD - website does not exist, maintainer not reachable 2019-10-16 10:18:33 +00:00
Pavol Rusnak
3e20c51dbf
common/defs: remove MTNS - maintainer not reachable 
website does not exist, backends don't work
 2019-10-16 10:15:19 +00:00
apollo
74bcc05e2e common/defs: add ZCR (#611) 2019-10-11 21:01:11 +02:00
Pavol Rusnak
ab534c18d3
Merge pull request #612 from trezor/andrewkozlik/sd-protect-ui 
SD-protect error handling
 2019-10-10 15:48:27 +02:00
Andrew Kozlik
564b24191e debug: Add left and right swipe direction to DebugLinkDecision message and unify terminology around swipe direction. 2019-10-10 14:56:49 +02:00
Andrew Kozlik
9a641b6b01 core/sd-protect: Allow user to retry if write fails. 2019-10-10 12:17:36 +02:00
Andrew Kozlik
795fa07822 core/sd-protect: Add SD_CARD_HOT_SWAPPABLE option and improve error handling. 2019-10-10 12:17:36 +02:00
Andrew Kozlik
710866074b core/webauthn: Fix mypy warnings. 2019-10-09 18:13:48 +02:00
Andrew Kozlik
c25a41aa57 core: Fix mypy warnings in FatFS and SD salt code. 2019-10-09 17:07:25 +02:00
Andrew Kozlik
5401f88d52 core/webauthn: Fix user input timeout bug. 2019-10-09 15:18:25 +02:00
Tomas Susanka
a2fed79f7e
Merge pull request #603 from trezor/tsusanka/groups-info 
Small refactor in Info dialog
 2019-10-09 10:15:34 +02:00
Andrew Kozlik
e385eae433 core/webauthn: Use popups for webauthn error messages instead of confirmation dialogs to simplify device testing. 2019-10-08 13:29:15 +02:00
Andrew Kozlik
8ce8916beb core/webauthn: Remove AUTOCONFIRM option. 2019-10-08 13:29:04 +02:00
Sirak Ghazaryan
8317774e06 common/defs: enable CRW (#600) 2019-10-07 14:39:37 +02:00
Tomas Susanka
29bb2dcb95
Add unit test for process_slip39 function (#601) 
Add unit test for process_slip39 function
 2019-10-04 21:57:37 +02:00
Tomas Susanka
74a283c271 core/recovery: small refactor in Info dialog 2019-10-04 15:21:39 +02:00
Andrew Kozlik
ba9eee3b8f core, legacy: Don't allow change_pin if device is not initialized. 2019-10-04 13:54:43 +02:00
Tomas Susanka
75dfcacc21 core/tests: add unit test for process_slip39 function 
updates #542
 2019-10-03 16:54:35 +02:00
Tomas Susanka
07b4f6e399 core/recovery: remove unused get/set_slip39_threshold 2019-10-03 09:57:35 +00:00
Pavol Rusnak
adbec13779
core/sd_salt: fix bug introduced in ede1a0bae3 2019-10-02 16:46:42 +00:00
Pavol Rusnak
04466402ce
core/monero: use const where possible 2019-10-02 15:45:36 +00:00
Pavol Rusnak
ed0336c0a9
core/monero: add gc.collect before large allocations in bulletproof code 2019-10-02 15:45:33 +00:00
Pavol Rusnak
5f980b50a0
core/monero: refactor bulletproof look-up-tables 2019-10-02 15:43:03 +00:00
Pavol Rusnak
ede1a0bae3
core/sd_salt: introduce _get_device_dir, _get_salt_path 
prefix dialog functions with underscore
 2019-10-02 15:39:42 +00:00
Pavol Rusnak
2e877b5762
core: refactor fido2 stuff into webauthn/fido2 2019-10-01 14:02:28 +00:00
matejcik
3c62db2696 stellar: fix ManageDataOp value padding 2019-10-01 15:12:37 +02:00
Andrew Kozlik
18998ff42f core/webauth: Remove "alg" parameter validation for key-agreement public keys to avoid compatibility issues. 2019-10-01 12:05:14 +02:00
Andrew Kozlik
4a81101c84 core/webauthn: Modify error handling to match fido2-tests. 2019-10-01 11:55:36 +02:00
Andrew Kozlik
9537bc40a5 core/webauthn: Use ECDH_ES_HKDF_256 instead of ES256 as the algorithm type for key-agreement keys. 
ECDH_ES_HKDF_256 is the wrong type to use, since the key-agreement does not use HKDF, but ES256 is even more wrong, because it is an ECDSA type rather than an ECDH type. Currently there is no correct algorithm type defined. ES256 is used by libfido2, whereas ECDH_ES_HKDF_256 is used by Chrome, YubiKey and SoloKey, so it has the majority.
 2019-09-30 19:37:46 +02:00
Andrew Kozlik
500401d81f core/webauthn: Place a 500 ms timeout on CTAP HID continuation packets. 2019-09-26 19:02:29 +02:00
Andrew Kozlik
0495d18b1e core/webauthn: Fix CTAP HID protocol to correctly handle invalid channel IDs and interleaving packets from different channels. 2019-09-26 19:02:29 +02:00
Andrew Kozlik
9ea8136545 u2f: Add keepersecurity.eu to knownapps. 2019-09-26 19:02:29 +02:00
Andrew Kozlik
e4c13b6357 u2f: Store hashes of U2F application parameters instead of pre-images. 2019-09-26 19:02:29 +02:00
Andrew Kozlik
6a33889706 common/webauthn: Add new URLs for gandi.net and Slush Pool. 2019-09-26 19:02:29 +02:00
Andrew Kozlik
528ee9ccf1 core/webauthn: Ensure user-presence option is not present in MakeCredential requests. 2019-09-26 19:02:29 +02:00
Andrew Kozlik
e341f133a3 core/webauthn: Add length checks in CTAPHID protocol. 2019-09-26 19:02:29 +02:00
Andrew Kozlik
ae70741e48 core/webauthn: Add more type checking for CBOR command parameters and return CTAP2_ERR_CBOR_UNEXPECTED_TYPE. 2019-09-26 19:02:29 +02:00
Andrew Kozlik
5ca4ed2347 core/webauth: Add _AUTOCONFIRM option for testing. 2019-09-26 19:02:29 +02:00
Andrew Kozlik
7ad1467dbf core/webauthn: Process debuglink signals in Fido2ConfirmGetAssertion. 2019-09-26 19:02:29 +02:00
Andrew Kozlik
3d91cb5c5b core/webauthn: Return ERR_MISSING_PARAMETER instead of generic error. 2019-09-26 19:02:29 +02:00
Andrew Kozlik
eaf63fff45 core/webauthn: In GetAssertion do not return user ID for server resident credentials. 2019-09-26 19:02:29 +02:00
Andrew Kozlik
f54c968039 core/webauthn: Validate U2F key handle length. 2019-09-25 21:06:36 +02:00
Andrew Kozlik
638a861137 core/webauthn: Add U2F_V2 to authenticatorGetInfo supported versions. 2019-09-25 20:00:11 +02:00
Andrew Kozlik
cf6949332f core/webauthn: Claim that PIN is set even when it's not, because login.live.com shows an error, but doesn't instruct the user to set a PIN. 2019-09-25 20:00:11 +02:00
Andrew Kozlik
5e99058832 common/webauthn: Add webauthn RP ID for google.com. 2019-09-25 19:59:59 +02:00
Pavol Rusnak
40c66e6d85
core: handle removal of non-existing PIN in require_confirm_change_pin 2019-09-25 17:35:37 +00:00
Pavol Rusnak
6c14ee7ec0
core: initialize fatfs only after we know the SD card is powered 2019-09-25 12:13:52 +02:00
Pavol Rusnak
7394ecfa77
core: add exist_ok parameter to fatfs.mkdir 2019-09-25 12:13:52 +02:00
Tomas Susanka
f53694c3fe core/recovery: rename variable and add a comment in Info button 2019-09-24 16:12:19 +02:00
Tomas Susanka
6c6bd44ee8 core/recovery: fix Info button when the threshold was reached (#566) 2019-09-24 16:10:09 +02:00
matejcik
65d2a55bff core/recovery: improve comment 2019-09-24 14:07:46 +02:00
matejcik
02ee0b63c0 core/recovery: fix type signature of _process_words 2019-09-24 14:07:08 +02:00
matejcik
1c53c2bdf2 core/recovery: allow changing word count again (fixes #554) 2019-09-24 14:04:51 +02:00
Tomas Susanka
7f959250e7
Merge pull request #563 from trezor/tsusanka/562-fix-info-btn 
core/recovery: fix Info dialog
 2019-09-24 13:20:14 +02:00
ciny
1337ff97b7 core: fixed confirmation screen during advanced slip39 reset flow 2019-09-24 12:11:18 +02:00
Tomas Susanka
51bf0dde12 core/recovery: fix Info dialog 
closes #562
 2019-09-24 11:23:29 +02:00
Pavol Rusnak
78041d261b
crypto: refactor bip39 api 2019-09-23 17:56:36 +02:00
Andrew Kozlik
524a2ac721 core: Show success dialogs in sd-protect. 2019-09-23 10:38:58 +02:00
Andrew Kozlik
a7485c0840 core: In sd-salt and webauthn error dialogs replace "X" button with "Close" button. 2019-09-23 10:38:58 +02:00
Andrew Kozlik
de74750569 core: Show success and failure dialogs in change-pin. 2019-09-23 10:38:58 +02:00
matejcik
03f1403c93 core: clean up backup type handling in reset_device 2019-09-20 18:00:14 +02:00
matejcik
78ecc38b1b core: fix BIP39 backup 
Refers to #550. Not marking fixed because we need more tests.
 2019-09-20 17:14:59 +02:00
Pavol Rusnak
702f865e8d
core/webauthn: let's use Self Attestation for now 2019-09-20 12:07:49 +02:00
Andrew Kozlik
576a211c3d core: Clarify the messages on the screens and get rid of overflows. 2019-09-20 12:06:32 +02:00
Tomas Susanka
bf518665a0
Merge pull request #546 from trezor/tsusanka/1of1 
core: enable 1of1 in reset device
 2019-09-20 10:37:37 +02:00
Tomas Susanka
e25686e079 core: enable 1of1 in reset device 
updates #500
 2019-09-20 10:12:33 +02:00
Tomas Susanka
871e159bee core/recovery: remove group threshold from storage 2019-09-20 09:47:15 +02:00
Tomas Susanka
6731d1bbf2 core/recovery: remove word count and backup type 2019-09-20 09:46:49 +02:00
Tomas Susanka
cf5a794436 core/storage: swap arguments in recovery_shares.set 2019-09-20 09:22:30 +02:00
Tomas Susanka
6938d2b238
Merge pull request #541 from trezor/ciny/slip39_various_fixes 
core: various fixes to slip39
 2019-09-20 09:20:31 +02:00
Pavol Rusnak
39a1e308a0
core/webauthn: change the default icon 2019-09-20 00:33:48 +02:00
Andrew Kozlik
9efc3b4431
core/webauthn: Use basic attestation in FIDO2 MakeCredential responses. 2019-09-19 20:28:51 +02:00
Pavol Rusnak
8da121ff5c
core+python: regenerate coins 2019-09-19 20:17:35 +02:00
matejcik
e14edd77a9 core: simplify confirm_share_words 2019-09-19 17:34:02 +02:00
matejcik
e4ac47b0b3 core: simplify fetch_slip39_remaining_shares 2019-09-19 17:27:23 +02:00
Andrew Kozlik
8024f6d069 core/storage: Rename APP_FIDO2 to APP_WEBAUTHN. 2019-09-19 17:17:22 +02:00
Pavol Rusnak
68513a0b39
Merge pull request #538 from trezor/andrewkozlik/fido2-signcount 
Disable FIDO2 signature counter for some relying parties
 2019-09-19 17:00:51 +02:00
ciny
cb029fa905 core: various fixes to slip39 2019-09-19 16:42:10 +02:00
Tomas Susanka
cefb1cf4fd core: refactor slip39 2019-09-19 16:38:29 +02:00
Andrew Kozlik
315a30b42b core/webauthn: Disable FIDO2 signature counter for some relying parties 2019-09-19 16:16:58 +02:00
Andrew Kozlik
f5ea81f905 core: Move some PIN-related functions to apps.common.request_pin and implement verify_user_pin(). 2019-09-18 18:55:58 +02:00
Andrew Kozlik
6350b1c61c core: Implement SD card protection. 2019-09-18 18:55:58 +02:00
Tomas Susanka
5c9fd5875a core/recovery: inform about ToS 
updates #495
 2019-09-18 12:26:53 +02:00
Andrew Kozlik
b89a9dc590 core: Implement credential management. 2019-09-17 18:32:31 +02:00
Andrew Kozlik
5472499326 core/webauthn: Process debuglink signals in dialogs (#519) 2019-09-13 18:34:23 +02:00
Ciny
a0180d233e
Merge pull request #494 from notatestuser/improve-binance-ux 
Binance UX improvements
 2019-09-13 15:05:55 +02:00
Tomas Susanka
e4c8cb1315
core: move public_key_to_wif to helpers 2019-09-13 12:55:04 +02:00
Tomas Susanka
adedb7df97
core: remove underscores in symbols used externally 
closes #504
 2019-09-13 12:55:04 +02:00
Andrew Kozlik
6ee1ea0fde core/webauthn: Add README.md. 2019-09-12 12:04:01 +02:00
Andrew Kozlik
26193245d4 core/webauthn: Generate random part of U2F key handles with uniform distribution. 2019-09-12 12:04:01 +02:00
Andrew Kozlik
70fe14e84c core/webauthn: Implement CTAP2 protocol for FIDO2 support. 2019-09-12 12:04:01 +02:00
Andrew Kozlik
6366f3ac0d core/storage: Implement storage of FIDO2 resident credentials. 2019-09-12 11:46:19 +02:00
Andrew Kozlik
de183849b9 core/webauthn: Implement SLIP-0022 FIDO2 credential ID format. 2019-09-12 11:46:13 +02:00
Pavol Rusnak
6ad3294f31
core: fix visibility of apps.common.device.U2F_COUNTER 2019-09-11 09:51:51 +02:00
Tomas Susanka
c66a1e7780
Merge pull request #497 from romanz/segwit-multisig 
core/wallet: fix segwit multisig comment
 2019-09-05 10:59:21 +02:00
Roman Zeyde
cb04f5774b core/wallet: fix segwit multisig comment 2019-09-04 13:34:30 +03:00
Luke Plaster
9c2d911dcb core: improve binance ux 2019-09-04 12:21:25 +08:00
Luke Plaster
3eff86d17b core: fix the "coin" blueprint (#488) 2019-09-03 14:47:29 +02:00
ciny
ec4dd38888 core: #482 fix binance divisibility 2019-09-03 09:12:04 +02:00
Andrew Kozlik
c1f0c642df core: cache seed without passphrase (#478) 2019-09-02 12:09:03 +02:00
TheCreator
64034c6d7d common: enable UNO (#472) 2019-09-01 09:47:58 +02:00
Roman Zeyde
680e18a4ba core/seed: add SLIP-0077 derivation to Keychain (#398) 
Following #66 and #317, it would allow deriving confidential addresses and
unblinding confidential transactions' outputs.
 2019-08-31 19:04:00 +02:00
Pavol Rusnak
1a71c7a3e8
common: rename Features.features to Features.capabilities 2019-08-28 15:02:30 +02:00
Jan Pochyla
34ec1ed294 core/webauthn: fix bug introduced in bb2556 
Fixes #448
 2019-08-28 14:27:32 +02:00
Pavol Rusnak
dde4c12796
common: add Feature.ShamirGroups to features 2019-08-28 09:25:11 +02:00
Pavol Rusnak
74bc83726c
common: add Feature.Shamir to features 2019-08-27 17:17:26 +02:00
Andrew Kozlik
90bd453d0a core: Improve Super Shamir texts. 2019-08-27 16:03:11 +02:00
Tomas Susanka
fd53c72a3c
Merge pull request #428 from trezor/ciny/super_shamir 
UI for multi level Shamir reset and recovery
 2019-08-27 13:22:32 +02:00
ciny
9595800158 core: store correct backup type during recovery 2019-08-27 13:10:08 +02:00
Pavol Rusnak
c815bc410c
core: remove remaning Decred/Zcash code for Bitcoin only firmware 2019-08-27 12:38:28 +02:00
ciny
81f5cbef93 core + tests: Super shamir reset and recovery UI and tests 2019-08-27 11:50:42 +02:00
matejcik
6481316ac5 core/ethereum: fix typo in wanchain detection (in template also) 2019-08-26 14:43:43 +02:00
matejcik
b0b286aafe core/ethereum: fix typo in wanchain detection 
Reason it worked before: this function would fail to find a network
for wanchain, but the `network` value is only used to determine if
RSKIP60 should be used. That is almost never the case, so missing
network info did not cause an issue.
 2019-08-26 14:28:05 +02:00
matejcik
2022c39ef9 core/ethereum: add support for wanchain slip44 id (#440) 2019-08-25 16:36:14 +02:00
Pavol Rusnak
9ae319211f
core: fill in Features.features 2019-08-23 13:52:14 +02:00
Pavol Rusnak
07ef01f3e4
core: introduce BITCOIN_ONLY flag 2019-08-23 13:52:10 +02:00
Ryxor
2c709ee162 common/defs: add Umbru (#433) 2019-08-23 11:59:30 +02:00
matejcik
3467cbe236 core/cardano: do not force-show homescreen 2019-08-22 18:33:13 +02:00
Jan Pochyla
2c8b90f86e core/loop: properly cleanup task waiting on a chan 2019-08-22 17:29:21 +02:00
Jan Pochyla
6d1a315b0e core/homescreen: render homescreen in a layout 
FIxes a bug introduced in bb25562
 2019-08-22 16:08:38 +02:00
Tomas Susanka
d0ce2b9e39 core: fix initialized to be unrelated to recovery 
closes #387
 2019-08-21 14:10:36 +02:00
Tomas Susanka
4323b0ac2a core: rename recovery keyboards 
closes #301
 2019-08-21 13:48:24 +02:00
Tomas Susanka
ba74cc2880 core: change pubkeys to List 2019-08-21 11:14:11 +02:00
Pavol Rusnak
0f6e06e1e5
common/tools: reorder coins in coin_info.py so Regtest appears at the beginning 2019-08-21 11:06:02 +02:00
Tomas Susanka
debb8ec478
Merge pull request #422 from romanz/typing 
core/wallet: fix 'pubkeys' type to be list
 2019-08-21 10:48:00 +02:00
Roman Zeyde
5b3427a21d core: ensure multisig (m,n) parameters are valid (#423) 2019-08-20 19:18:34 +02:00
Pavol Rusnak
1eb823be03
core: fix permissions of apps/eos source files 2019-08-20 18:08:00 +02:00
Roman Zeyde
acfd6b7771 core/wallet: fix 'pubkeys' type to be list 2019-08-20 17:55:13 +03:00
Jan Pochyla
bb2556a22c
core: improve code documentation, simplify wire package 
* docs: improve loop.py, ui.init

* docs: improve trezor.loop, rename spawn to race

* docs: wire

* core/wire: simplify and document the session handler

* core/wire: improve documentation

* core/wire: improve docs

* core/docs: document ui.grid function

* core: decouple ui and workflow, document both

* core: improve docs


Co-authored-by: Tomas Susanka <tsusanka@gmail.com>
 2019-08-20 16:20:02 +02:00
Roman Zeyde
588998cb85 apps/wallet: support Signify Ed25519 signatures (#348) 2019-08-19 15:20:39 +02:00
omtns
1bb77b81c0 common/defs: enable MTNS (#415) 2019-08-16 17:29:50 +02:00
Tomas Susanka
e119e8de96 core/slip39: fix UI for 33 words 
closes #395
 2019-08-14 11:16:15 +02:00
Tomas Susanka
1b666804c0 core/shamir: fix EMS vs MS 
(cherry picked from commit cb94454618)
 2019-08-13 17:25:47 +02:00
Roman Zeyde
7210a2f56d common/defs: add 'confidential_assets' section to coin definitions (#399) 
Enable 'confidential_assets' for Elements (following #66 and #317) to allow
deriving confidential addresses and signing confidential transactions.

The following Python helper script was used to update the JSON files:
```
import json
import sys

for f in sys.argv[1:]:
    d = json.load(open(f))
    d["confidential_assets"] = None
    with open(f, "w") as o:
        json.dump(d, o, indent=2)
        o.write("\n")
```

Set it to `{'address_prefix': 4, 'blech32_prefix': 'el'}` for Elements.

`coins.json` and `coininfo.py` were re-generated using:
```
$ pipenv run make gen gen_check
```
 2019-08-12 12:52:20 +02:00
matejcik
c285bbba7a core: dispatch DebugLinkDecisions from a common queue 2019-08-09 16:53:12 +02:00
matejcik
f680f0c0d3 core: unify NEM pager confirm with rest of codebase 2019-08-09 16:53:12 +02:00
matejcik
0890f68c0c core: use channels to give feedback over debuglink 
all debug input signals are now channels, and DebugLinkDecision handler
waits until the input was consumed. This means that the input events are
queued; originally, if an input event arrived before the previous was
consumed, the previous input would be lost.

reset words and their positions are now also channels, and
DebugLinkGetState can wait for their updates, if required
 2019-08-09 16:53:12 +02:00
Pavol Rusnak
e23bb10ec4
core+legacy: fix KMD signing (introduce negative_fee coin field) 2019-08-09 16:47:24 +02:00
Tomas Susanka
024f4d64af core/reset: modify confirmation sentence 2019-08-09 15:50:56 +02:00
Tomas Susanka
35ecfbcb3d build 2019-08-09 13:34:46 +02:00
Andrew Kozlik
cb7bc8f410 core: Fix mypy warnings. 2019-08-09 12:52:55 +02:00