1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-31 18:40:56 +00:00
Commit Graph

505 Commits

Author SHA1 Message Date
Andrew Kozlik
abb5ab74e3 feat(legacy): Strict path validation for NEM. 2022-05-03 21:50:50 +02:00
Andrew Kozlik
88efd74710 feat(legacy): Make Bitcoin path checks same as in core. 2022-05-03 21:50:50 +02:00
Andrew Kozlik
35151c6157 feat(legacy): Strict path validation for Stellar. 2022-05-03 21:50:50 +02:00
Andrew Kozlik
0af5cd18c2 feat(legacy): Strict path validation for Ethereum. 2022-05-03 21:50:50 +02:00
Andrew Kozlik
054ab48689 refactor(legacy): Factor out fsm_layoutPathWarning(). 2022-05-03 21:50:50 +02:00
Andrew Kozlik
1b9e575d3e refactor(legacy): Move path constants to crypto.h. 2022-05-03 21:50:50 +02:00
matejcik
540d3ebaab feat(legacy): report EMULATOR vendor in legacy 2022-05-03 19:00:04 +02:00
matejcik
64df33d8d8 feat(legacy): implement firmware dumping 2022-05-03 19:00:04 +02:00
Andrew Kozlik
d693b0c196 feat(legacy): Return fw_vendor in firmware Features message.
[no changelog]
2022-05-03 19:00:04 +02:00
Andrew Kozlik
bd8d9c9c6b feat(legacy): Show progress in GetFirmwareHash. 2022-05-03 19:00:04 +02:00
Andrew Kozlik
e9828a5b59 feat(legacy): Implement GetFirmwareHash message. 2022-05-03 19:00:04 +02:00
Andrew Kozlik
26d1fad2aa feat(legacy): Support Zcash version 5 transaction format. 2022-05-02 17:10:41 +02:00
Martin Milata
4f95ec25f9 chore(legacy/firmware): bump version to 1.11.1 2022-03-30 21:57:54 +02:00
Pavol Rusnak
334f7bbbe6 chore(common): defs cleanup
- drop Gamecredits - they became an ERC-20 token in 2020
- drop Nix - dead coin
- drop Polis - coin became a BEP-20 token and later Olympus network in 2021
2022-03-25 14:27:30 +01:00
Andrew Kozlik
d012f48ca5 feat(legacy): Guess weight of unverified external inputs. 2022-03-17 09:44:03 +01:00
Andrew Kozlik
82895b2cdb feat(legacy): Support unverified external inputs. 2022-03-17 09:44:03 +01:00
Andrew Kozlik
0dfbfefd2a refactor(legacy): Factor out multisig fingerprint processing. 2022-03-17 09:44:03 +01:00
Andrew Kozlik
8cb6d0709f feat(legacy): Ensure input's script type and path match the scriptPubKey. 2022-03-17 09:44:03 +01:00
Ondrej Mikle
28d282101e fix(legacy): cleanup of undesired states where USB processing should not happen 2022-02-22 00:49:31 +01:00
matejcik
45e5c18f06 fix(legacy): allow DebugLinkGetState while waiting for passphrase 2022-02-17 11:05:55 +01:00
matejcik
69eb09580d fix(legacy): clear crypto caches on device wipe 2022-02-17 11:05:55 +01:00
Pavol Rusnak
ea6b005003 feat(legacy): verify bip340 pubkeys used in p2tr addresses 2022-02-16 10:25:15 +01:00
Andrew Kozlik
b1706561cd fix(legacy): Remove Bitcoin Cash from BITCOIN_ONLY firmware. 2022-02-11 15:36:00 +01:00
Andrew Kozlik
cb21c7e415 feat(legacy): Support Electrum signatures in VerifyMessage. 2022-02-11 15:36:00 +01:00
Andrew Kozlik
b5c9f573b2 feat(legacy): Show "signature is valid" dialog when VerifyMessage succeeds. 2022-02-11 15:36:00 +01:00
matejcik
310b6c5217 fix(legacy): support Success and Failure for debuglink 2022-02-10 14:48:11 +01:00
matejcik
e81bb0f856 feat(legacy): enable DebugLinkReseedRandom 2022-02-10 14:48:11 +01:00
matejcik
658c50fc1f chore(legacy): drop support for RANDOM_DEV_FILE
Replacing it with trezor-crypto's na(t)ive RNG, which we can reseed over
debuglink.
2022-02-10 14:48:11 +01:00
Andrew Kozlik
d0c3a6a2fa chore(core): Add mac field to Address message.
[no changelog]
2022-01-31 18:00:22 +01:00
Andrew Kozlik
0959947a88 chore(common): Add GetNonce, Nonce and TxAckPaymentRequest message.
[no changelog]
2022-01-31 18:00:22 +01:00
Andrew Kozlik
ba4f046d6f feat(common): Add INFO button to DebugLinkDecision.
[no changelog]
2022-01-27 13:15:04 +01:00
Martin Milata
763a138d53 docs(legacy/firmware): fix date in changelog
[skip_ci]
2022-01-19 19:48:43 +01:00
Martin Milata
98b1159b0b Merge branch 'release/22.01'
Conflicts:
	core/src/apps/ethereum/tokens.py
2022-01-19 15:24:51 +01:00
Martin Milata
c127f6dd6e docs(legacy/firmware): fix date in changelog
[skip_ci]
2022-01-17 14:11:49 +01:00
Alois Klink
5c4703c9bb fix(core,legacy): Fix domain-only ethTypedData
When doing Ethereum signTypedData, and the primaryType="EIP712Domain",
we completely ignore the "message" part and only sign the domain.

According to the community, this is technically allowed by the spec,
and may be used by ETH smart contracts to save on gas.

Test case generated by @MetaMask/eth-sig-util's library.

See: https://ethereum-magicians.org/t/eip-712-standards-clarification-primarytype-as-domaintype/3286
2022-01-14 14:22:46 +01:00
Pavol Rusnak
2880a2fa33
fix(crypto): refactor ethereum_address_checksum to prepend "0x" (#2029)
[no changelog]
2022-01-12 21:00:54 +01:00
matejcik
454a7ce301 fix(legacy/nem): remove checks for newly required protobuf attributes
[no changelog]
2022-01-07 21:41:17 +01:00
Pavol Rusnak
b0e0280465 chore: drop obsolete fw_vendor_keys field from Features
[no changelog]
2022-01-03 14:23:58 +01:00
Martin Milata
572f3eda20 chore(legacy/firmware): bump version to 1.10.6 2022-01-03 12:40:06 +01:00
Martin Milata
96378a15a8 docs(legacy): changelog for 1.10.5 2021-12-23 19:18:17 +01:00
Alisina Bahadori
77ab865386 feat(legacy): Implement EIP-712 signing 2021-12-19 20:36:30 +01:00
Carlosbogo
dd1240ef53
docs: update links in changelogs (#2013)
fixes #2011
2021-12-17 14:53:21 +01:00
Pavol Rusnak
30a77a76bc
chore(legacy): rename MEMORY_PROTECT flag to PRODUCTION to match core naming (#2003) 2021-12-12 15:45:10 +01:00
Martin Milata
ff5f965c44 Merge branch 'release/21.12'
Conflicts:
	tests/device_tests/test_msg_signtx_invalid_path.py
	tests/ui_tests/fixtures.json
2021-12-08 14:53:56 +01:00
Ondrej Mikle
199729e57a fix(legacy): prevent handling RebootToBootloader recursing by flushing USB write 2021-12-07 17:00:43 +01:00
Martin Milata
1e5e970fd1 fix(legacy/firmware): improve pin length bound check 2021-12-06 16:25:59 +01:00
Martin Milata
7336125cd3 chore(legacy/firmware): bump version to 1.10.5 2021-12-01 14:45:47 +01:00
Martin Milata
61164febf2 docs(legacy): changelog for 1.10.4 2021-11-23 14:57:25 +01:00
Andrew Kozlik
38134732dc fix(legacy): Ensure user is warned about non-standard paths. 2021-11-23 14:57:25 +01:00
Pavol Rusnak
ee4ef81039 fix(legacy): update account naming
[no changelog]
2021-11-23 13:00:43 +01:00
Pavol Rusnak
3488138285 chore(legacy): drop unused ECIES code
[no changelog]
2021-11-19 11:44:56 +01:00
Martin Milata
d656f88572 style(all): reformat with clang-format 13.0 2021-11-19 10:54:31 +01:00
Andrew Kozlik
f4b8dbefb6 fix(legacy): Fix testnet account label in GetAddress dialog. 2021-11-18 22:39:32 +01:00
Pavol Rusnak
274ccdc4c0 fix(legacy): add Taproot account handling to GetAddress dialog 2021-11-18 22:39:32 +01:00
Andrew Kozlik
cafc49fabd fix(legacy): Fix transaction weight calculation.
Fix size of multisig script length encoding in segwit (varint vs. OP_PUSH).
2021-11-18 22:39:32 +01:00
Andrew Kozlik
567cbd0250 feat(legacy): Support Taproot in weight calculation. 2021-11-18 22:39:32 +01:00
Andrew Kozlik
e30ccabed3 feat(legacy): Show path warning for SignMessage. 2021-11-18 22:39:32 +01:00
Andrew Kozlik
98ad54b7ee chore(legacy): Disable Taproot where it's not supported. 2021-11-18 22:39:32 +01:00
Andrew Kozlik
fa4d74ad30 feat(legacy): Support Taproot signature verification. 2021-11-18 22:39:32 +01:00
Andrew Kozlik
7597eb25ab feat(legacy): Disable prevtx streaming for Taproot. 2021-11-18 22:39:32 +01:00
Andrew Kozlik
c9d1ff93f5 feat(legacy): Implement Taproot signing. 2021-11-18 22:39:32 +01:00
Andrew Kozlik
9f65165887 feat(legacy): Introduce SIGHASH_ALL_TAPROOT. 2021-11-18 22:39:32 +01:00
Andrew Kozlik
6fbbd14f8c refactor(legacy): Refactor compile_input_script_sig(). 2021-11-18 22:39:32 +01:00
Andrew Kozlik
9a051df127 chore(legacy): Support script_pubkey parameter for Bitcoin inputs. 2021-11-18 22:39:32 +01:00
Andrew Kozlik
aed79eec65 chore(legacy): Recognize Taproot script types. 2021-11-18 22:39:32 +01:00
Andrew Kozlik
6c9c727359 feat(legacy): Implement GetAddress for taproot. 2021-11-18 22:39:32 +01:00
Andrew Kozlik
34e8284331 feat(legacy): Implement the BIP-341 common signature message computation. 2021-11-18 22:39:32 +01:00
Andrew Kozlik
78a9ab8123 feat(legacy): Add BIP86 paths to coin_path_check(). 2021-11-18 22:39:32 +01:00
Ondřej Vejpustek
9b1c5df451 feat(legacy): use secp256k1-zkp where possible 2021-11-18 19:05:40 +01:00
Ondřej Vejpustek
a22e6a688f build(legacy): build with secp256k1-zkp library 2021-11-18 19:05:40 +01:00
Andrew Kozlik
0737deedc4 fix(legacy): Fix split_message() to correctly handle strings that are not null-terminated. 2021-11-10 17:35:57 +01:00
Andrew Kozlik
d8de95767d feat(legacy): Use fixed font in SignMessage and VerifyMessage. 2021-11-10 17:35:57 +01:00
Andrew Kozlik
c60305d8f0 feat(legacy): Implement pagination in SignMessage and VerifyMessage. 2021-11-10 17:35:57 +01:00
Andrew Kozlik
5e6e56ac4d feat(legacy): Show address confirmation in SignMessage. 2021-11-10 17:35:57 +01:00
Andrew Kozlik
4146ab7f9e feat(legacy): Support no_script_type option in SignMessage. 2021-11-10 17:35:57 +01:00
Martin Milata
a01516389a chore(vendor): update QR-code-generator 2021-11-05 14:09:11 +01:00
Jun Luo
62b649ef5d refactor(common & core & legacy): Stellar, rename StellarCreatePassiveOfferOp to StellarCreatePassiveSellOfferOp. 2021-11-04 13:16:29 +01:00
Jun Luo
d064aae3f9 feat(common & core & legacy): Stellar, add support for StellarPathPaymentStrictSendOp. 2021-11-04 13:16:29 +01:00
Jun Luo
1dcb8e4913 feat(common & core & legacy): Stellar, add support for StellarManageBuyOfferOp. 2021-11-04 13:16:29 +01:00
Jun Luo
3a5768c4bf refactor(common & core & legacy): Stellar, rename StellarManageOfferOp to StellarManageSellOfferOp and rename StellarPathPaymentOp to StellarPathPaymentStrictReceiveOp. 2021-11-04 13:16:29 +01:00
grdddj
9d643808c1 chore(legacy): fix build after adding EthereumSignTypedData [no changelog] 2021-11-02 14:27:01 +01:00
Andrew Kozlik
eb90efd914 chore(crypto,core,legacy): Add return code to hdnode_fill_public_key().
[no changelog]
2021-11-01 16:39:53 +01:00
Andrew Kozlik
34621a6b6d fix(crypto,core,legacy): Check private key validity when deriving public key.
[no changelog]
2021-11-01 16:39:53 +01:00
Martin Milata
fa3c6140a6 feat(legacy/ethereum): support access lists in EIP-1559 transactions 2021-10-26 17:20:20 +02:00
Martin Milata
076c5b9cbe feat(legacy/ethereum): support for EIP-1559 transactions 2021-10-26 17:20:20 +02:00
Pavol Rusnak
b2ff86ff3a
fix(common): drop unusable coins BELL and ZNY (#1872)
there are no wallets that support Trezor and these coins
2021-10-26 13:09:34 +02:00
Andrew Kozlik
13cbb59082 feat(common): Add script_pubkey field to TxInput message. 2021-10-18 19:58:56 +02:00
Andrew Kozlik
926365b64e fix(legacy): Fix compile-time check of maximum protobuf message size. 2021-10-18 16:31:40 +02:00
Pavol Rusnak
60bd59fbad feat(crypto): update segwit_addr to support Bech32m 2021-10-18 13:36:05 +02:00
Pavol Rusnak
ac4cb88184 feat(common): add taproot field to coin definitions
enable for Bitcoin Testnet and Bitcoin Regtest
2021-10-18 13:36:05 +02:00
Pavol Rusnak
2035ff4569 feat(legacy): add support for Taproot descriptors 2021-10-18 13:36:05 +02:00
amadejpapez
85ba7c12ba style(all): use f-strings for formatting
[no changelog]
2021-10-13 11:53:17 +02:00
Martin Milata
83a81da37d fix(legacy): don't mention decred in btconly fw 2021-10-07 15:26:49 +02:00
Ondrej Mikle
a85d2483ff chore(legacy & core): changelogs added 2021-09-27 15:42:29 +02:00
Ondrej Mikle
6ea4b7b211 fix(core & legacy): better styled compiler checks 2021-09-27 15:42:29 +02:00
Ondrej Mikle
6b849b1d4d fix(core & legacy): avoid accidental build with broken stack protector 2021-09-27 15:42:29 +02:00
matejcik
1dcfdebf7a feat(all): make Stellar timebounds required 2021-09-24 10:30:19 +02:00
matejcik
4b8f52cd2f refactor(legacy): update to new Stellar protobuf usage
[no changelog]
2021-09-24 10:30:19 +02:00
Martin Milata
53e2573691 docs(core): fix dates in changelog 2021-09-16 18:41:06 +02:00
Martin Milata
35a41fd957 Merge branch 'release/21.09' into master
Conflicts:
	core/src/apps/ethereum/tokens.py
2021-09-16 17:28:36 +02:00
matejcik
d318a29343 fix(legacy/ethereum): set correct limit for SignTxEIP1559.to 2021-09-10 15:09:03 +02:00
matejcik
2ce0c8f188 fix(legacy): make use of Ethereum required fields 2021-09-10 15:09:03 +02:00
matejcik
96ed53cc1c refactor(core,legacy): remove Wanchain special handling
now that Wanchain has proper chainID and we don't need to detect it by
magic.

[no changelog]
2021-09-10 15:09:03 +02:00
matejcik
639406b01f feat(all): make chain_id mandatory 2021-09-10 15:09:03 +02:00
arbitrarylink
f051225730 feat(core,legacy): add support for Ethereum 64-bit chain_id
* Changes from original PR

* Now that we are rejecting chain_ids of 0, we need to have the tests set the chain_ids to at least 1.

* Ran 'make gen' and uploaded changed files.

* Ran make style_check and fixed reported errors

* Added changelog files

* Reverted changes concerning chain_id 0 being rejected.

* Adds tests for MAX_CHAIN_ID and MAX_CHAIN_ID+1.  Also reverts MAX_CHAIN_ID to the previous value.

* Added missing whitespace around arithmetic operator.

Co-authored-by: Michael Hatton <michaelhatton@Michaels-Mini.fios-router.home>
2021-09-10 15:09:03 +02:00
Tomas Susanka
cec1f39a90 chore(core, legacy): bump versions
[no changelog]
2021-08-31 12:55:37 +02:00
Tomas Susanka
1f5800a966 chore(legacy): generate Changelog 2021-08-26 14:54:27 +02:00
Andrew Kozlik
dd65780610 fix(legacy): Stricter protobuf field handling in Stellar. 2021-08-24 13:46:08 +02:00
matejcik
7aed8d535d feat(all): re-enable Firo (fixes #1767) 2021-08-23 11:43:57 +02:00
matejcik
becf5dcc53 chore(legacy): remove Lisk 2021-08-19 10:25:41 +02:00
matejcik
a39870449f fix(legacy): recognize SignTXEIP1559 on legacy build
[no changelog]
2021-08-10 11:00:29 +02:00
matejcik
9ab1891b22 feat(common): more required fields in messages-management
[no changelog]
2021-08-04 15:03:11 +02:00
matejcik
33a9a14eab feat(legacy/emulator): avoid busy loop when waiting for messages 2021-08-04 10:58:15 +02:00
Pavol Rusnak
397a2ab18e feat(legacy): make sure that known_bootloader check contains the hash of our bundled bootloader 2021-07-23 13:46:06 +02:00
Andrew Kozlik
c1843f9f9f style(legacy): Remove nested conditional operators. 2021-07-22 10:54:49 +02:00
Andrew Kozlik
7277a49047 fix(common): Add new rpId to Binance's FIDO definition. 2021-07-21 13:19:16 +02:00
Martin Milata
0d251fc01a Merge branch 'release/21.07' 2021-07-16 14:34:20 +02:00
Andrew Kozlik
24bb401638 fix(legacy,core): Fix operation source account encoding in Stellar. 2021-07-13 17:24:16 +02:00
Martin Milata
478bc81b86 chore(legacy): bump version to 1.10.3 2021-07-08 13:38:09 +02:00
Martin Milata
01c1ae426f docs: add security fixes to changelogs 2021-06-30 18:32:58 +02:00
Andrew Kozlik
5fb0f9a6c5 feat(legacy): Distinguish between known path checks and script type checks in coin_path_check(). 2021-06-30 18:25:58 +02:00
Andrew Kozlik
b8cb531098 feat(legacy): Check presence of multisig parameters in coin_known_path_check() for consistency with core checks. 2021-06-30 18:25:58 +02:00
Andrew Kozlik
c067618828 fix(common): Fix incorrect SLIP-44 coin type for Bgold and SmartCash Testnets. 2021-06-30 18:25:58 +02:00
Andrew Kozlik
28421594c9 fix(legacy): Use short-circuit evaluation in coin_known_path_check(). 2021-06-30 18:25:58 +02:00
Andrew Kozlik
9b0e980c44 fix(legacy): Don't allow unknown paths in GetAddress. 2021-06-30 18:25:58 +02:00
Andrew Kozlik
3884232f74 feat(legacy): Restrict path ranges for account, change and address index. 2021-06-30 18:25:58 +02:00
Andrew Kozlik
a6390e4b82 fix(legacy): Allow known non-standard paths in GetAddress and SignTx. 2021-06-30 18:25:58 +02:00
Andrew Kozlik
18f4a47173 fix(legacy): Disable spending testnet coins from Bitcoin paths. 2021-06-30 18:25:58 +02:00
Martin Milata
a2d2405a11 docs(legacy/firmware): changelog for 1.10.2 2021-06-30 18:17:09 +02:00
Pavol Rusnak
8cfa5da1ce
docs: fix typos in comments
[skip_ci]
2021-06-30 15:41:55 +02:00
Andrew Kozlik
9ebfa936c0 docs(legacy/firmware): Fix dates in changelog. 2021-06-11 20:22:42 +02:00
Martin Milata
362504dfcd docs(legacy/firmware): changelog for blake256 fix 2021-06-11 20:22:42 +02:00
matejcik
97f49cf336 fix(legacy): fix protobuf build [no changelog] 2021-06-08 09:55:19 +02:00
matejcik
2fac964a29 chore(common): disable Firo support 2021-06-04 11:38:18 +02:00
Pavol Rusnak
fce3640848 fix(common): remove dead coin Hatch 2021-06-04 10:10:26 +02:00
Martin Milata
3976ef7261 chore(legacy/firmware): bump version to 1.10.2
[skip_ci]
2021-06-02 12:50:22 +02:00
Martin Milata
5f2b7b231b docs(legacy/firmware): changelog for 1.10.1 2021-05-24 18:58:48 +02:00
Andrew Kozlik
2dbde040c4 feat(legacy): Add safety_checks setting. 2021-05-24 17:47:43 +02:00
Ondřej Vejpustek
34f5d508b0 refactor(legacy): move wait_random into separate file 2021-05-21 13:42:53 +02:00
Pavol Rusnak
e09a74a79e refactor(legacy): rename check_bootloader to check_and_replace_bootloader 2021-05-13 17:59:39 +02:00
Martin Milata
ca5d173071 docs(legacy/firmware): changelog for 1.10.0 2021-05-13 14:35:54 +02:00
Martin Milata
97aa0fb517 docs(legacy/firmware): use towncrier for generating CHANGELOG.md 2021-05-04 14:18:01 +02:00
Martin Milata
f58c1634c6 docs(core): use towncrier for generating CHANGELOG.md 2021-05-04 14:18:01 +02:00
Tomas Susanka
300c27abb8 chore(legacy): bump version to 1.10.1; add soft-reset to changelog 2021-04-23 15:47:17 +02:00
Tomas Susanka
e82aacbc7c docs(legacy/changelog): add note on bootloader 2021-04-22 09:41:58 +02:00
Pavol Rusnak
f93a8514e8
fix(legacy): update embedded bootloader hash 2021-04-21 16:00:09 +02:00
Pavol Rusnak
73ae44f500 fix(legacy): rebuild bundled bootloader (deterministically) 2021-04-19 18:32:47 +02:00
Pavol Rusnak
0d37824b01 fix(legacy): show dialog before rebooting to bootloader 2021-04-15 18:01:09 +02:00
Alexis Hernandez
bb1c638d3b legacy: Update op_return max size to 150 bytes
The goal is to allow Trezor 1 to create TPoS contracts for Stakenet.

Last year, Stakenet introduced a hard-fork [1] to change the way TPoS contracts
are created, instead of a custom signature method, now it works with the
output from the signMessage method, while this works for Trezor T, it doesn't
work for Trezor 1 due to the 80 bytes limit on the OP_RETURN output while
Stakenet allows up to 150 bytes [2], in a gitter discussion [3] we concluded that
the change should be fine.

The hard-fork was introduced because we couldn't got our TPoS contracts PR accepted [4],
the OP_RETURN still contains the same data, its just stored in a different way:
- The TPoS address, where the coins to stake are stored, and where rewards are received.
- The merchant address, where the merchant receives its commission.
- The contract commission.
- The TPoS collateral signature (this is what uses the signMessage now).

At last, there is an example transaction creating a TPoS contract [5].

[1]: https://github.com/X9Developers/XSN/pull/154
[2]: https://github.com/X9Developers/XSN/blob/master/src/script/standard.h#L34
[3]: https://gitter.im/trezor/community?at=6064c41e940f1d555e2ea670
[4]: https://github.com/trezor/trezor-firmware/pull/140
[5]: https://xsnexplorer.io/transactions/858feb31097501cf68d698cde104cf778ec51ff3668e943404b549a5dd2f5792
2021-04-06 10:15:59 +02:00
Andrew Kozlik
a755e99ccc feat(legacy): Display nLockTime in human-readable form. 2021-03-26 14:49:21 +01:00