Pavol Rusnak
2e877b5762
core: refactor fido2 stuff into webauthn/fido2
2019-10-01 14:02:28 +00:00
Tomas Susanka
6b8f63c624
docs: improve tests documentation
2019-10-01 15:14:36 +02:00
matejcik
3c62db2696
stellar: fix ManageDataOp value padding
2019-10-01 15:12:37 +02:00
Andrew Kozlik
18998ff42f
core/webauth: Remove "alg" parameter validation for key-agreement public keys to avoid compatibility issues.
2019-10-01 12:05:14 +02:00
Andrew Kozlik
4a81101c84
core/webauthn: Modify error handling to match fido2-tests.
2019-10-01 11:55:36 +02:00
Andrew Kozlik
9537bc40a5
core/webauthn: Use ECDH_ES_HKDF_256 instead of ES256 as the algorithm type for key-agreement keys.
...
ECDH_ES_HKDF_256 is the wrong type to use, since the key-agreement does not use HKDF, but ES256 is even more wrong, because it is an ECDSA type rather than an ECDH type. Currently there is no correct algorithm type defined. ES256 is used by libfido2, whereas ECDH_ES_HKDF_256 is used by Chrome, YubiKey and SoloKey, so it has the majority.
2019-09-30 19:37:46 +02:00
Pavol Rusnak
69142e56e7
core/tests: don't use curl, use wget
2019-09-30 12:46:00 +00:00
Andrew Kozlik
500401d81f
core/webauthn: Place a 500 ms timeout on CTAP HID continuation packets.
2019-09-26 19:02:29 +02:00
Andrew Kozlik
0495d18b1e
core/webauthn: Fix CTAP HID protocol to correctly handle invalid channel IDs and interleaving packets from different channels.
2019-09-26 19:02:29 +02:00
Andrew Kozlik
9ea8136545
u2f: Add keepersecurity.eu to knownapps.
2019-09-26 19:02:29 +02:00
Andrew Kozlik
e4c13b6357
u2f: Store hashes of U2F application parameters instead of pre-images.
2019-09-26 19:02:29 +02:00
Andrew Kozlik
6a33889706
common/webauthn: Add new URLs for gandi.net and Slush Pool.
2019-09-26 19:02:29 +02:00
Andrew Kozlik
528ee9ccf1
core/webauthn: Ensure user-presence option is not present in MakeCredential requests.
2019-09-26 19:02:29 +02:00
Andrew Kozlik
e341f133a3
core/webauthn: Add length checks in CTAPHID protocol.
2019-09-26 19:02:29 +02:00
Andrew Kozlik
ae70741e48
core/webauthn: Add more type checking for CBOR command parameters and return CTAP2_ERR_CBOR_UNEXPECTED_TYPE.
2019-09-26 19:02:29 +02:00
Andrew Kozlik
5ca4ed2347
core/webauth: Add _AUTOCONFIRM option for testing.
2019-09-26 19:02:29 +02:00
Andrew Kozlik
7ad1467dbf
core/webauthn: Process debuglink signals in Fido2ConfirmGetAssertion.
2019-09-26 19:02:29 +02:00
Andrew Kozlik
3d91cb5c5b
core/webauthn: Return ERR_MISSING_PARAMETER instead of generic error.
2019-09-26 19:02:29 +02:00
Andrew Kozlik
eaf63fff45
core/webauthn: In GetAssertion do not return user ID for server resident credentials.
2019-09-26 19:02:29 +02:00
Andrew Kozlik
f54c968039
core/webauthn: Validate U2F key handle length.
2019-09-25 21:06:36 +02:00
Andrew Kozlik
638a861137
core/webauthn: Add U2F_V2 to authenticatorGetInfo supported versions.
2019-09-25 20:00:11 +02:00
Andrew Kozlik
cf6949332f
core/webauthn: Claim that PIN is set even when it's not, because login.live.com shows an error, but doesn't instruct the user to set a PIN.
2019-09-25 20:00:11 +02:00
Andrew Kozlik
5e99058832
common/webauthn: Add webauthn RP ID for google.com.
2019-09-25 19:59:59 +02:00
Pavol Rusnak
40c66e6d85
core: handle removal of non-existing PIN in require_confirm_change_pin
2019-09-25 17:35:37 +00:00
Pavol Rusnak
ad76b5fb9f
core: regenerate mocks
2019-09-25 10:27:04 +00:00
Pavol Rusnak
dcff4ade01
core: use set_clr_card_detect to disable SD card pull-up resistor
2019-09-25 12:13:53 +02:00
Pavol Rusnak
6c14ee7ec0
core: initialize fatfs only after we know the SD card is powered
2019-09-25 12:13:52 +02:00
Pavol Rusnak
7394ecfa77
core: add exist_ok parameter to fatfs.mkdir
2019-09-25 12:13:52 +02:00
Pavol Rusnak
d393fc6e85
Revert "core: replace BITCOIN_ONLY with a constant only in src/trezor/utils.py"
...
This reverts commit b9e7e93bcf
.
Unfortunately this does not work, compiler cannot see it is a literal constant,
so it won't get optimized out, even when we use const(0). Also const(False)
is not supported at all.
2019-09-25 12:05:13 +02:00
Tomas Susanka
f53694c3fe
core/recovery: rename variable and add a comment in Info button
2019-09-24 16:12:19 +02:00
Tomas Susanka
6c6bd44ee8
core/recovery: fix Info button when the threshold was reached ( #566 )
2019-09-24 16:10:09 +02:00
matejcik
65d2a55bff
core/recovery: improve comment
2019-09-24 14:07:46 +02:00
matejcik
02ee0b63c0
core/recovery: fix type signature of _process_words
2019-09-24 14:07:08 +02:00
matejcik
1c53c2bdf2
core/recovery: allow changing word count again ( fixes #554 )
2019-09-24 14:04:51 +02:00
Tomas Susanka
7f959250e7
Merge pull request #563 from trezor/tsusanka/562-fix-info-btn
...
core/recovery: fix Info dialog
2019-09-24 13:20:14 +02:00
ciny
1337ff97b7
core: fixed confirmation screen during advanced slip39 reset flow
2019-09-24 12:11:18 +02:00
Tomas Susanka
51bf0dde12
core/recovery: fix Info dialog
...
closes #562
2019-09-24 11:23:29 +02:00
Pavol Rusnak
78041d261b
crypto: refactor bip39 api
2019-09-23 17:56:36 +02:00
Andrew Kozlik
524a2ac721
core: Show success dialogs in sd-protect.
2019-09-23 10:38:58 +02:00
Andrew Kozlik
a7485c0840
core: In sd-salt and webauthn error dialogs replace "X" button with "Close" button.
2019-09-23 10:38:58 +02:00
Andrew Kozlik
de74750569
core: Show success and failure dialogs in change-pin.
2019-09-23 10:38:58 +02:00
Pavol Rusnak
b9e7e93bcf
core: replace BITCOIN_ONLY with a constant only in src/trezor/utils.py
2019-09-22 15:07:04 +02:00
Pavol Rusnak
bb4dd3cf18
core: respect PYOPT in firmware build
2019-09-20 23:35:47 +02:00
matejcik
03f1403c93
core: clean up backup type handling in reset_device
2019-09-20 18:00:14 +02:00
matejcik
78ecc38b1b
core: fix BIP39 backup
...
Refers to #550 . Not marking fixed because we need more tests.
2019-09-20 17:14:59 +02:00
Tomas Susanka
eca0a719db
core: bump version to 2.1.7
2019-09-20 15:00:34 +02:00
Pavol Rusnak
702f865e8d
core/webauthn: let's use Self Attestation for now
2019-09-20 12:07:49 +02:00
Tomas Susanka
5d32fc37ae
core/changelog: complete 2.1.6 changelog
2019-09-20 12:07:11 +02:00
Andrew Kozlik
576a211c3d
core: Clarify the messages on the screens and get rid of overflows.
2019-09-20 12:06:32 +02:00
Tomas Susanka
bf518665a0
Merge pull request #546 from trezor/tsusanka/1of1
...
core: enable 1of1 in reset device
2019-09-20 10:37:37 +02:00