1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-17 11:58:13 +00:00
Commit Graph

8542 Commits

Author SHA1 Message Date
Jochen Hoenicke
e2dd0b8e8d Always check for validity in ecdsa_read_pubkey.
An invalid point may crash the implementation or, worse,
reveal information about the private key if used in a ECDH
context (e.g. cryptoMessageEn/Decrypt).

Therefore, check all user supplied points even if
USE_PUBKEY_VALIDATE is not set.

To improve speed, we don't check if the point lies in the
main group, since the secp256k1 curve does not have
any other subgroup.
2015-03-08 21:09:21 +01:00
Pavol Rusnak
66cf46d7c5 Merge pull request #29 from jhoenicke/master
Verify the localback.net certificate
2015-03-05 11:36:52 +01:00
Jochen Hoenicke
6f59de799a Verify the localback.net certificate 2015-03-05 11:15:53 +01:00
Pavol Rusnak
690702063c Merge pull request #28 from jhoenicke/master
Use right URL for bridge and keep-alive connection
2015-03-05 11:08:13 +01:00
Jochen Hoenicke
9107aab76a Use right URL for bridge and keep-alive connection
The bridge is using https with a certificate signed for localback.net.

Use a session object (self.conn) to keep connection alive and
prevent costly ssl handshakes for every call.
2015-03-05 11:00:18 +01:00
Pavol Rusnak
2451936f0e add posibility to override tag to be built in firmware-docker-build, make master as default 2015-03-04 18:12:33 +01:00
Pavol Rusnak
92ab7504b2 add one more bip32_cache test 2015-03-04 15:43:14 +01:00
Pavol Rusnak
e523d34596 Merge pull request #27 from nelisky/insight_tx-fixes
Insight tx fixes
2015-03-04 02:59:37 +01:00
nelisky
f3b7629a4f Prevent floating point issues when pushing output amount 2015-03-03 23:37:32 +00:00
nelisky
e4429242aa Allow insight_tx to be passed a dict object instead of an url 2015-03-03 23:36:51 +00:00
Pavol Rusnak
0ee02eb09a revert non-swiping dialogs 2015-03-03 18:35:04 +01:00
Pavol Rusnak
24660f3e2c fix port in signidentity dialog 2015-03-03 17:42:25 +01:00
Pavol Rusnak
65d734df58 add Darkcoin 2015-03-03 02:09:15 +01:00
Pavol Rusnak
d1c62659f7 make signidentity dialog nicer 2015-03-02 21:33:06 +01:00
Pavol Rusnak
1272046375 login -> sign in 2015-03-02 19:58:33 +01:00
Pavol Rusnak
6eb2933bfe rework signer to consume secexp format as well 2015-03-02 19:16:45 +01:00
Pavol Rusnak
6dd6deb2ad fix tabs/spaces 2015-03-02 19:08:46 +01:00
Pavol Rusnak
d3ccdb56bd Merge pull request #3 from Flavien/master
Add Coinprism to the URL whitelist
2015-03-02 19:07:20 +01:00
Flavien Charlon
19a807edda Add Coinprism to the URL whitelist 2015-03-02 17:48:30 +00:00
Pavol Rusnak
f74d31788c old PIN -> current PIN 2015-02-28 14:06:23 +01:00
Pavol Rusnak
402886e00d Merge pull request #16 from jhoenicke/master
PIN handling - constant time.
2015-02-26 11:38:53 +01:00
Pavol Rusnak
82308d8a38 make wording more verbose (in SignIdentity) 2015-02-25 20:26:21 +01:00
Pavol Rusnak
eefa689b33 call layout functions where needed to rewrite the display after dialog choice 2015-02-25 17:57:47 +01:00
Pavol Rusnak
45d9955bc2 speed up communication 2015-02-25 17:54:27 +01:00
Pavol Rusnak
137a60ce01 set multisig_fp_mismatch when non-multisig input is encountered 2015-02-25 17:03:46 +01:00
Pavol Rusnak
399d4d31b7 replace transaction check hashing 2015-02-25 17:03:46 +01:00
Pavol Rusnak
73c42402b9 implement SignIdentity workflow 2015-02-25 17:03:01 +01:00
Pavol Rusnak
acb8305ced Merge pull request #17 from jhoenicke/speedsigning
Faster signing, smoother progressbar.
2015-02-25 16:52:04 +01:00
Jochen Hoenicke
5d8135be1a Faster signing, smoother progressbar.
Most time in signing transaction on the Trezor side is spent
in layoutProgress.  This patch reduces the calls to this functions.
We also compute the progress differently, reserving 50 % for downloading
input transactions and 50 % for the signing process.  This gives a
smoother experience if the input transactions are large.
2015-02-25 16:37:08 +01:00
Pavol Rusnak
e95f7016be add trezor.github.io to whitelist 2015-02-23 12:16:28 +01:00
Jochen Hoenicke
286ee0525c PIN handling - constant time.
This diff contains three changes.
1. Make timing isPinCorrect independent of storage.pin, to avoid timing attacks
2. Only update failed PIN counter if the user entered a PIN.
   Of course, the fail counter is still incremented, before the PIN is checked.
3. Don't cache the PIN, but just the fact that the PIN was entered.  The
   cache should be in sync with storage.pin in any case.
2015-02-22 15:42:31 +01:00
Pavol Rusnak
049166d6c9 disable filecache by default 2015-02-22 14:40:21 +01:00
Pavol Rusnak
3358906c65 add trezorctl to package and bump version 2015-02-22 14:28:47 +01:00
Pavol Rusnak
06ed6a27a7 rename cmdtr.py to trezorctl (but keep symlink for now) 2015-02-22 14:23:39 +01:00
Pavol Rusnak
109cca5ab3 fix _customPrintFieldValue 2015-02-21 12:52:01 +01:00
Pavol Rusnak
ad6fc7b5a7 update protobuf 2015-02-20 19:01:45 +01:00
Pavol Rusnak
68ef2d2262 implement SignIdentity/SignedIdentity 2015-02-20 18:50:53 +01:00
Pavol Rusnak
a996573c81 update pb 2015-02-20 16:47:23 +01:00
Pavol Rusnak
69d476a3ba add SignIdentity, SignedIdentity messages 2015-02-20 16:45:59 +01:00
Pavol Rusnak
2f5e520345 add description to layoutAddress 2015-02-19 14:11:27 +01:00
Pavol Rusnak
812184ecec add kocicka.png 2015-02-17 00:06:49 +01:00
Pavol Rusnak
f2f50aa188 bump version to 1.3.1 2015-02-16 15:23:30 +01:00
Pavol Rusnak
870da7aa17 don't try to change 2 things using apply_settings in unit test 2015-02-15 21:19:07 +01:00
Pavol Rusnak
94531f264e speed up public ckd (used in multisig) 2015-02-15 20:47:53 +01:00
Pavol Rusnak
07c8c4963a use const char * const * for wordlist 2015-02-14 12:40:32 +01:00
Pavol Rusnak
d814f58a3b Merge pull request #22 from jhoenicke/master
Make word list const
2015-02-14 12:38:36 +01:00
Pavol Rusnak
c369683dc9 Merge pull request #14 from jhoenicke/master
Disable assertion checking
2015-02-14 12:38:15 +01:00
Jochen Hoenicke
7e7b40b434 Make word list const
This makes the pointers to the words constant.  It moves 8kb from ram
to flash.  It changes the return type of mnemonic_wordlist() to reflect
this change.  Everyone calling it should also change the type to
`const char * const *`.
2015-02-14 12:00:44 +01:00
Jochen Hoenicke
2a28680d6e Disable assertion checking
The trezor-crypto has some assertions, which are enabled unless
compiled with -DNDEBUG.  This does not make much sense for the Trezor
as could not write the assertion errors to stderr anyway.

This simple patch removes the dependency to assert, printf, etc. It
saves about 11kb flash and 2.2kb ram.
2015-02-14 11:50:12 +01:00
Pavol Rusnak
873c0ec11a one more edit of 'c' letter in font 2015-02-13 20:59:47 +01:00