arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-23 13:51:00 +00:00
Code Issues Releases Wiki Activity
12,049 Commits 391 Branches 206 Tags 194 MiB
74246150e5
Commit Graph

60 Commits

Author SHA1 Message Date
Andrew Kozlik
4cd88e16f7 feat(core): Introduce use_compact option for FIDO2. 
When use_compact is set to true, Trezor creates smaller credential IDs.
 2023-04-05 15:49:27 +02:00
Andrew Kozlik
edeccde9f3 fix(core): Show app icon in Fido2ConfirmNoCredentials. 
[no changelog]
 2023-03-09 14:51:22 +01:00
Andrew Kozlik
00dde0e312 feat(core): Handle .dummy RP ID in Chrome FIDO2. 2023-02-23 13:02:33 +01:00
Andrew Kozlik
2ee5b0aa15 fix(core): Fix FIDO2 falling back to U2F. 
[no changelog]
 2023-02-23 13:02:33 +01:00
Andrew Kozlik
deb38a2db5 feat(core): Ignore channel ID in U2F. 
Safari browser changes the CID for every single operation. We need to
keep up the same U2F dialog for different CIDs as long as the dialog
corresponds to the same request data.
 2023-02-23 13:02:33 +01:00
grdddj
996fec5aae chore(core): delete newlines in strings where they do not delimit useful info 
Done so we can use the same strings for both TT and TR

[no changelog]
 2023-02-07 12:26:33 +01:00
grdddj
61277bd80a feat(core/ui): implement webauthn layouts for UI2 
[no changelog]
 2022-11-24 13:03:34 +01:00
grdddj
0c3423b1c7 chore(core): decrease webauthn size by 1270 bytes 2022-11-10 14:08:28 +01:00
Martin Milata
2f987c3c5e refactor(core/ui): remove dependencies on old layouts 
[no changelog]
 2022-04-07 17:58:41 +02:00
grdddj
9fc5bb546b style(core): full pyright-based type-checking 
Changes many fields to required -- as far as we were able to figure out,
signing would fail if these fields aren't provided anyway, so this
should not pose a compatibility problem.

Co-authored-by: matejcik <ja@matejcik.cz>
 2022-01-07 21:41:17 +01:00
amadejpapez
85ba7c12ba style(all): use f-strings for formatting 
[no changelog]
 2021-10-13 11:53:17 +02:00
Martin Milata
2a91052b02 refactor(core/ui): move altcoin and webauthn layouts to separate file 
Also fix types.
 2021-08-04 15:03:11 +02:00
Martin Milata
875cc0cb1a refactor(core): convert apps.webauthn to layouts 2021-08-04 15:03:11 +02:00
Andrew Kozlik
97ca1e3341 chore(core): Add offset parameter to cbor.decode(). 2021-07-22 10:54:49 +02:00
matejcik
b1e4246b46 refactor(core/webauthn): make sure KEY_AGREEMENT_*KEY is generated once per power-up 
This is what the spec recommends and it has been the case before
workflow-restarts, when `apps.webauthn.fido2` was imported exactly once
per lifetime.

With workflow-restarts, `fido2` is being imported repeatedly and the
keys regenerated. This does not seem to be a problem per the spec -- a
FIDO workflow will retain the same keys, and non-FIDO workflows can be
seen as unplugs/replugs as far as the FIDO functionality is concerned.

However, regenerating the keys is slow, which is a problem for the
hardware-based unit tests. We can avoid the slowness by returning to the
spec-mandated behavior and generating once per power-up.
 2021-05-06 13:14:21 +02:00
Martin Milata
ac711fb8ee style(core): use more recent type annotation syntax 
https://www.python.org/dev/peps/pep-0585/ - Type Hinting Generics In Standard Collections
https://www.python.org/dev/peps/pep-0604/ - Allow writing union types as X | Y
 2021-04-01 11:12:30 +02:00
Martin Milata
f1382bf892 refactor(core): model-dependent UI component directories 
They now live under trezor.ui.components.tt. Later
trezor.ui.components.t1 will be added and application code will be
rewritten to not use them directly in order to work on both TT and T1.
 2021-02-10 13:57:19 +01:00
Pavol Rusnak
1e8673bf5f style(core/apps): use new syntax for typing 2020-12-01 15:52:29 +01:00
Martin Milata
ee64b65b26 refactor(core): call super().__init__() in subclasses 2020-11-30 14:48:08 +01:00
Pavol Rusnak
952adc5961
style(core): use PEP515 Underscores in Numeric Literals 2020-11-23 14:30:16 +01:00
matejcik
4ca8f7b0d6 style(core): use relative imports everywhere 
except Monero, which has a rather complex structure and I don't want to
search&replace mess with it in case some of the things break memory
layout
 2020-11-05 14:30:11 +01:00
Pavol Rusnak
d8534b5ee6
perf(core/extmod): replace HMAC Python implementation with C 
We keep Python implementation of HMAC for Monero in
core/src/apps/monero/xmr/crypto/__init__.py
 2020-10-12 16:33:13 +02:00
Tomas Susanka
a6acefbdf5 core: wipe before reset and recovery; introduce 'intialized' field 2020-06-16 11:31:29 +02:00
matejcik
872e0fb0e0 core: lower scheduler resolution to milliseconds 
This avoids problems with large timeouts causing the scheduler queue to
think the time counter has overflown, and ordering the autolock task before
immediate tasks.

The maximum reasonable time difference is 0x20000000, which in
microseconds is ~8 minutes, but in milliseconds a more reasonable ~6
days.
 2020-06-04 16:18:46 +02:00
matejcik
2d0206c043 core: replace workflow.on_start/on_close with workflow.spawn 2020-06-04 16:18:46 +02:00
Andrew Kozlik
5469acfabf core/webauthn: Cache user verification for 3 minutes. 2020-06-04 16:18:46 +02:00
Andrew Kozlik
b867ac1d01 core/webauthn: Implement FIDO2 unlocking from softlock. 2020-06-04 16:18:46 +02:00
Andrew Kozlik
0f81886c9f core/webauthn: Allow confirm_dialog() to return a new state as an alternative to the user response. 2020-06-04 16:18:46 +02:00
Andrew Kozlik
c8ae5c157e core/webauthn: Implement U2F unlocking from softlock. 2020-06-04 16:18:46 +02:00
matejcik
8ca7ffc3b8 core: use wire.PinCancelled/PinInvalid instead of custom versions 
also refactor show_pin_invalid and its usages so that it raises directly

note that we are now using PinCancelled instead of ActionCancelled where
appropriate
 2020-06-04 16:18:46 +02:00
Andrew Kozlik
9e4a8ca785 core/webauthn: Improve error codes for uninitialized device. Return ERR_OPERATION_DENIED only upon user decline or timeout, otherwise it cancels the operation on all connected authenticators. 2020-04-14 12:24:17 +02:00
Andrew Kozlik
fca92d7344 core/webauthn: Update attestation certificate to comply with WebAuthn requirements. 2020-04-06 18:29:05 +02:00
Andrew Kozlik
25a39ea729 core/webauthn: Fix handling of interleaving frames to comply with the U2F HID specification. 2020-04-06 09:53:42 +02:00
Andrew Kozlik
b3cd760df0 core/webauthn: Disable CTAPHID_WINK function. 2020-03-20 15:07:06 +01:00
Andrew Kozlik
e5008eb332 core/webauthn: Remove indistinguishable credentials from the allow list. 2020-03-20 15:07:06 +01:00
Andrew Kozlik
cda9de8dd1 core/webauthn: Add maxCredentialCountInList and maxCredentialIdLength to authenticatorGetInfo response. 2020-03-20 15:07:06 +01:00
Andrew Kozlik
0af0e06d5b core/webauthn: Truncate names in credential data to at most 100 bytes. 2020-03-20 15:07:06 +01:00
Andrew Kozlik
f610787f8d core/webauthn: Clean up bytes/bytearray typing around uctypes. 2020-03-12 15:45:26 +01:00
Andrew Kozlik
e378820f7f core/webauthn: Implement support for Ed25519 signatures in FIDO2. 2020-03-12 15:45:26 +01:00
matejcik
a79279115e core: move confirm_signal evaluation into concrete Layout implementations 
Apart from making the code more correct for its users in
apps.common.confirm and elsewhere, this fixes a problem where the
confirm_signal would be scheduled before the dialog is rendered.
By making sure that handle_rendering is scheduled (i.e., listed in
create_tasks) before confirm_signal, we can be sure to render at least
once and thus appear in the UI test results.
 2020-01-23 15:45:10 +01:00
Andrew Kozlik
289d8276eb core/fido2: check for HID timeout in send_cmd() (#791) 2020-01-11 14:33:24 +01:00
Andrew Kozlik
0432f5e801 webauthn: Add use_self_attestation flag to FIDO apps. 2019-12-11 15:29:52 +01:00
matejcik
67b2ba558b core: auto-generate list of FIDO known apps 
and improve code for loading icons
 2019-12-09 16:31:46 +01:00
Andrew Kozlik
420a4b8ba7 core/webauthn: Close U2F confirmation screen if browser stops polling for more than 3 seconds. 2019-12-03 14:48:59 +01:00
Andrew Kozlik
0b851d6959 core/webauthn: Reply with ERR_CHANNEL_BUSY once a U2F request has been declined to stop Chrome from polling. 2019-12-03 14:48:59 +01:00
Andrew Kozlik
4d3c634732 core/webauthn: Use different return code when user verification is requested but PIN is not set to get better browser behavior. Related to cf6949332f. 2019-12-03 14:48:59 +01:00
Andrew Kozlik
a63ff8f9b4 core/webauthn: Add bogus app ID used by Firefox to indicate error in U2F. Figure out which error to display based on past U2F_AUTHENTICATE check-only requests on the same channel. 2019-12-03 14:48:59 +01:00
Andrew Kozlik
a704bfe184 core/webauthn: Allow only one CTAPHID_WINK command at a time on any given channel ID to fix continuous display blinking with Android. 2019-12-03 14:18:43 +01:00
Andrew Kozlik
3a4e9bd25c core/ui: Ignore any new alert requests if an alert is already in progress in order to avoid multiple alerts overlapping. 2019-12-03 14:18:43 +01:00
Andrew Kozlik
790178a442 fixup! core/webauthn: Allow new workflow to be set after a command response is sent, so that in device tests the next test doesn't fail with ERR_CHANNEL_BUSY while the previous workflow is closing. 2019-11-26 15:18:14 +01:00