Pavol Rusnak
70843c9059
storage: introduce storageRam and storageRom
2017-12-12 16:28:42 +01:00
Pavol Rusnak
57bbcc754a
storage: make storage accessible only via functions
...
add calls also for debug build and use them in fsm
2017-12-12 16:28:42 +01:00
Pavol Rusnak
41901a8056
firmware: rework protectChangePin
...
bootloader: wait for flash operation to finish
2017-12-12 12:51:08 +01:00
Pavol Rusnak
36f3b7fe09
firmware: mark usb buffer variables confidential
2017-12-12 12:51:08 +01:00
Jochen Hoenicke
2387f71813
bootloader: Check that erasing flash worked
2017-12-12 12:51:08 +01:00
Jochen Hoenicke
b4a61d60c3
bootloader: Delay flashing firmware magic.
...
Only flash firmware magic at the end. Also simplified the code a bit.
2017-12-12 12:51:08 +01:00
Pavol Rusnak
6deb9fde32
setup: avoid usb host mode
2017-12-12 12:51:08 +01:00
Pavol Rusnak
14d15dab99
fsm: refactor path checking code into path_mismatch function
2017-12-12 01:48:07 +01:00
Pavol Rusnak
d822e1f19e
fix typo
2017-12-10 23:40:47 +01:00
Pavol Rusnak
8c02b50414
add installation info to readme
2017-12-10 23:40:06 +01:00
Saleem Rashid
7cd9945905
fsm: Use coin->curve_name
2017-12-10 20:53:44 +01:00
Saleem Rashid
6e25e0b363
coins: Use curve_info instead of HasherType
2017-12-10 20:53:44 +01:00
Saleem Rashid
268e7de109
Update trezor-crypto
2017-12-10 20:53:44 +01:00
Saleem Rashid
dc781725c6
hasher: Move to trezor-crypto
...
This reverts commit dd7b21a6ca
.
2017-12-10 20:53:44 +01:00
Saleem Rashid
0e60ba54b7
crypto: Use Hasher for message signing
2017-12-10 20:53:44 +01:00
Saleem Rashid
a1e911aa4c
transaction: Do not hardcode HASHER_SHA2
2017-12-10 20:53:44 +01:00
Saleem Rashid
54b0869535
signing: Use Hasher instead of SHA256_CTX
2017-12-09 16:28:40 +01:00
Saleem Rashid
dd7b21a6ca
hasher: Initial commit
2017-12-09 16:28:40 +01:00
Pavol Rusnak
bc7c66aa76
add Features.model field (set to "1")
2017-12-04 22:30:11 +01:00
Pavol Rusnak
f44635a9ca
vendor: update trezor-common
2017-11-29 23:04:59 +01:00
Tomas Susanka
a82bbbb30d
layout: encode -> encrypt typo
...
updates #252
2017-11-29 13:48:29 +01:00
Tomas Susanka
cfe8a98c68
signing segwit change output typo
2017-11-25 01:06:46 +01:00
Pavol Rusnak
723cf295a7
device label -> device name
2017-11-16 20:03:26 +01:00
Pavol Rusnak
4770df8912
update version to 1.6.0
2017-11-16 19:50:42 +01:00
Pavol Rusnak
3386b16a1c
GetAddress: detect mismatched coin and path, show warning
2017-11-16 19:22:55 +01:00
Pavol Rusnak
a713fca857
layout: recognize known bip44/bip49 paths in GetAddress dialog
2017-11-16 18:34:59 +01:00
Pavol Rusnak
cc0896c334
add bip44 coin_type to CoinInfo
2017-11-16 18:34:50 +01:00
Pavol Rusnak
54659d49d8
layout: op_return now requires confirmation by user
2017-11-15 15:42:56 +01:00
Pavol Rusnak
de3b78bd0b
layout: print bip32 path in GetAddress dialog
2017-11-14 17:53:17 +01:00
Pavol Rusnak
61044b3fc3
u2f: add u2f.bin.coffee
2017-11-14 14:29:46 +01:00
Saleem Rashid
e3460b9f00
reset: Call storage_commit after initialization
...
Fixes #230
2017-11-14 13:42:44 +01:00
Jochen Hoenicke
e1fa7af1da
Byte-precise size estimate for fees
...
Fixes issue #232 .
It assumes largest possible signature size for all inputs. For segwit
multisig it can be .25 bytes off due to difference between segwit
encoding (varint) vs. non-segwit encoding (op_push) of the multisig script.
2017-11-14 13:39:17 +01:00
Pavol Rusnak
a4d46b7ae1
vendor: update trezor-common, increase coins count
2017-11-13 22:32:11 +01:00
Jochen Hoenicke
b8bca1c444
Fix segwit forkid signatures
2017-11-13 22:20:08 +01:00
Jochen Hoenicke
8da2770051
Increase coin count
2017-11-13 22:20:08 +01:00
Jochen Hoenicke
a8bc3cb6bd
Remove add_hash_type fields.
...
The 4 byte hash_type/forkid is part of the signed message, but not
part of the transaction. Instead of hacking it into the transaction,
add it after the transaction when computing the signature.
2017-11-13 22:20:08 +01:00
Saleem Rashid
d39e4be1c8
signing: Use force_bip143 instead of has_forkid
2017-11-13 22:20:08 +01:00
Saleem Rashid
c6246b5fba
coins: Add force_bip143
2017-11-13 22:20:08 +01:00
Saleem Rashid
b6f11c9f93
signing: Add signing_hash_type function
...
This also enables SIGHASH_FORKID for SegWit
2017-11-13 22:20:08 +01:00
Pavol Rusnak
892bb8501a
fsm: ignore case for NEM addresses
2017-11-05 19:30:33 +01:00
Jochen Hoenicke
600c61b3dc
Updated trezor-crypto.
2017-11-05 19:28:07 +01:00
Jochen Hoenicke
bbf6b1b097
Implemented VerifyMessage for bech32
2017-11-05 19:28:07 +01:00
Jochen Hoenicke
0f50b816e6
Wrap long addresses in three lines
2017-11-05 19:28:07 +01:00
Jochen Hoenicke
97581928de
Enable Segwit Bech32 addresses
...
Increase the size of the addresses in protobuf.
Fix layout2.c to handle longer addresses.
Add a field bech32_prefix to coins.h
Adapted the coins-gen script.
Added bech32 support in signing.c and transaction.c
2017-11-05 19:28:07 +01:00
Jochen Hoenicke
cf3dc6051c
Omit leading space in shortcut in GetFeatures
2017-11-05 19:23:34 +01:00
Jochen Hoenicke
1566631023
Improved backwards compatibility of GetFeatures
...
Set all CoinType fields except signed_message_header.
Move static assert into the function where it is needed.
2017-11-05 19:23:34 +01:00
Jochen Hoenicke
b5fa8a266a
New CoinInfo separated from protobuf structures
...
Having CoinType using the protobuf structures has several disadvantages.
- We always need to change trezor-common if we need a new field (like
bech32 prefix)
- Every time Trezor initializes it sends all this information out and
nobody cares.
- The protobuf structures add storage overhead due to their fixed size.
I also removed most of the `has_` fields except for forkid:
- `has_segwit` was merged with segwit
- `has_coin_shortcut` can be replaced by test for NULL if necessary.
The fields were reordered for better padding.
2017-11-05 19:23:34 +01:00
Pavol Rusnak
18d8cb3c56
add project website (trezor.io) to license header
2017-11-05 17:47:23 +01:00
Jochen Hoenicke
a24e8a0484
Remove magic constants
...
Use defines for wallet depth and change chain. Updated some comments
to clarify what is checked.
2017-11-03 19:12:41 +01:00
Jochen Hoenicke
4805f27e8c
Fix checking change address
...
There was a signed/unsigned problem: size_t is unsigned, but we use
-1 to indicate mismatch. The problem was that when checking the input
address path, it still did this unintentionally when a mismatch was
detected, forbidding to sign with mismatched inputs, even when there
is no change address.
We now use 1 for mismatch. Also we don't allow change address anymore
if the inputs have a path of length 1. This simplifies the code a bit.
2017-11-03 19:12:41 +01:00