1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-21 05:48:23 +00:00
Commit Graph

1675 Commits

Author SHA1 Message Date
Martin Milata
01c1ae426f docs: add security fixes to changelogs 2021-06-30 18:32:58 +02:00
Andrew Kozlik
c067618828 fix(common): Fix incorrect SLIP-44 coin type for Bgold and SmartCash Testnets. 2021-06-30 18:25:58 +02:00
Andrew Kozlik
3e9f8a32ac fix(core): Fix insufficient BIP-32 path checks.
- Disable testnet coins from accessing Bitcoin paths.

- Restrict BIP-45 paths to Bitcoin and coins with strong replay protection.
2021-06-30 18:25:58 +02:00
Martin Milata
e67b3ab214 docs(core): changelog for 2.4.1
[skip_ci]
2021-06-30 18:21:56 +02:00
Pavol Rusnak
8cfa5da1ce
docs: fix typos in comments
[skip_ci]
2021-06-30 15:41:55 +02:00
Ondřej Vejpustek
24200e7424 fixup! fix(legacy): make RDI work on T1 2021-06-24 17:34:24 +02:00
Ondrej Mikle
daa94ac941 fix(legacy): make RDI work on T1 2021-06-24 17:34:24 +02:00
gabrielkerekes
cc14ffb3e3 docs(core): add changelog entries for Cardano 2021-06-24 11:09:32 +02:00
gabrielkerekes
db657615f4 fix(cardano): use OrderedMap for output tokens and withdrawals 2021-06-24 08:24:47 +02:00
gabrielkerekes
4e5772662c fix(cardano): don't allow duplicate withdrawals 2021-06-24 08:24:42 +02:00
gabrielkerekes
3cd2182b69 feat(core): introduce OrderedMap into CBOR serialisation
Items of an OrderedMap are included in CBOR as they come without sorting them in any way.
2021-06-24 08:22:39 +02:00
Ondřej Vejpustek
b8b0ae09d9 fix(core): use unprivileged shutdown where needed 2021-06-23 16:40:45 +02:00
Ondřej Vejpustek
5984fd6ad7 feat(core): jump to unprivileged mode after shutdown 2021-06-23 16:40:45 +02:00
Ondřej Vejpustek
40b4f679f9 feat(core): implement wrapper for svc_shutdown 2021-06-23 16:40:45 +02:00
Ondřej Vejpustek
311288407e docs(core): document shutdown_privileged 2021-06-23 16:40:45 +02:00
Ondřej Vejpustek
4968d7da53 feat(core): implement svc shutdown 2021-06-23 16:40:45 +02:00
Ondřej Vejpustek
cca9d4b1c4 refactor(core): rename shutdown to shutdown_privileged 2021-06-23 16:40:45 +02:00
Ondřej Vejpustek
7686eb355a fix(core): fix import of random delays 2021-06-23 16:40:45 +02:00
matejcik
47c2be9f13 docs(core): add changelog entry for altcoin layouts 2021-06-23 11:51:18 +02:00
matejcik
015c47d564 chore(core): export PropertyType to fix mypy errors 2021-06-23 11:51:18 +02:00
matejcik
da4442bbd7 feat(core): auto-hexlify in confirm_properties 2021-06-23 11:51:18 +02:00
matejcik
41c5d773e2 refactor(core): put property key+value on the same screen 2021-06-23 11:51:18 +02:00
matejcik
3c4eb04346 feat(core/monero): cache Monero testing chain between runs 2021-06-23 11:51:18 +02:00
Martin Milata
178b575465 refactor(core): convert apps.nem to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
dd3b689ded refactor(core): convert apps.eos to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
3ffbae5d17 refactor(core): convert apps.binance to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
ddac852acf refactor(core): convert apps.cardano to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
ffb400180d refactor(core/ui): more consistent layout parameter names 2021-06-23 11:51:18 +02:00
Martin Milata
a143fe34d0 refactor(core): convert apps.lisk to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
ebf6ef1666 refactor(core): convert apps.tezos to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
12478b1716 refactor(core): convert apps.stellar to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
6aeaadfe16 refactor(core): convert apps.ripple to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
16094df0c5 refactor(core): convert most of apps.monero to layouts
Progress popups are not ported yet as they're unlike anything else.

Introduces paginate_paragraphs.
2021-06-23 11:51:18 +02:00
Martin Milata
6c926ad82e refactor(core): convert apps.ethereum to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
b7cab90e3c refactor(core/ui): use new_lines=False in layouts 2021-06-23 11:51:18 +02:00
matejcik
1012ee8497 feat(core): send ButtonRequests for paging events 2021-06-22 11:25:12 +02:00
Pavol Rusnak
69d1465e08
refactor(core): pass invert_colors to send_init_seq_ST7789V as argument
to make the call more flexible
2021-06-19 19:57:42 +02:00
Pavol Rusnak
18e103bb94
style(core): refactor style of display-stm32_T 2021-06-19 19:54:19 +02:00
Martin Milata
bc7fb32db9 docs(core): Fix dates in changelog 2021-06-11 20:22:42 +02:00
matejcik
52c34c7364 fix(core): allow caching empty values (fixes #1659) 2021-06-11 12:32:13 +02:00
gabrielkerekes
ae831abb75 docs(core): add changelog entries for cardano updates 2021-06-08 15:02:24 +02:00
gabrielkerekes
b2de8909d1 fix(core/cardano): reintroduce max tx output size
Output size is currently limited to 4000 bytes at protocol level. Given the maximum transaction size Trezor can handle (~9kB), we also want to enforce this size limit here so that when the limit is raised at protocol level again, Trezor would still not be able to produce larger outputs than it could reliably spend. Once Cardano-transaction signing is refactored to be completely streamed and maximum supported transaction size is thus raised, this limit can be lifted.
2021-06-08 15:02:24 +02:00
gabrielkerekes
a92b5fc333 fix(core/cardano): forbid tx outputs with both address and address parameters 2021-06-08 15:02:24 +02:00
gabrielkerekes
597402eab8 refactor(core/cardano): decouple address parameters validation 2021-06-08 15:02:24 +02:00
matejcik
d6776d988e docs(core): add changelog entry for Rust protobuf 2021-06-08 09:55:19 +02:00
matejcik
aa4227fa84 ci: update coverage exclusion list 2021-06-08 09:55:19 +02:00
matejcik
cbe4e0e725 fix(core): properly exclude altcoins from all_modules 2021-06-08 09:55:19 +02:00
matejcik
729414e606 fix(core): exclude get/set U2F counter from BITCOIN_ONLY 2021-06-08 09:55:19 +02:00
matejcik
c06a93cba5 feat(core/rust): propagate bitcoin_only flag to Rust build 2021-06-08 09:55:19 +02:00
matejcik
1382246977 fix(core/tests): fix equality testing for new message types 2021-06-08 09:55:19 +02:00
matejcik
da2ef8ed41 refactor(core): create and use protobuf uvarint writer 2021-06-08 09:55:19 +02:00
Jan Pochyla
a8623c4b59 refactor(core): fix imports and use new protobuf API in apps 2021-06-08 09:55:19 +02:00
Martin Milata
72557614c4 build(core): update build process for new protobuf
- properly exclude in the trezor/enums folder
- generate Rust protobuf blobs in scons

Split from "tools: Generate special Protobuf blobs for the Rust codec"
2021-06-08 09:55:19 +02:00
Jan Pochyla
02aa14fc04 refactor(core): Switch to new Protobuf API 2021-06-08 09:55:19 +02:00
matejcik
8a5cb41060 chore(core): regenerate with new templates 2021-06-08 09:55:19 +02:00
matejcik
d42bc8a4c0 refactor(core): prepare new templates for enums and messages 2021-06-08 09:55:19 +02:00
matejcik
266955ba65 refactor: rework pb2py generator
This also includes the capability to build Rust protobuf blobs.
2021-06-08 09:55:19 +02:00
Jan Pochyla
8a21e3fc73 feat(core): Add Rust Protobuf codec 2021-06-08 09:55:19 +02:00
Pavol Rusnak
23aa69caea fix(core): unify Features.revision reporting with legacy 2021-06-04 12:50:49 +02:00
matejcik
2fac964a29 chore(common): disable Firo support 2021-06-04 11:38:18 +02:00
Pavol Rusnak
fce3640848 fix(common): remove dead coin Hatch 2021-06-04 10:10:26 +02:00
Martin Milata
767e7b8e8d fix(core): spaces in Shamir info texts 2021-06-03 16:54:42 +02:00
Martin Milata
ca836b2e45 chore(core): bump version to 2.4.1 2021-06-02 12:50:22 +02:00
matejcik
86089fa5ad feat(core): avoid restarting session for select messages (fixes #1631) 2021-06-01 14:07:29 +02:00
Martin Milata
e77082f34f docs(core): changelog for 2.4.0 2021-05-24 20:46:41 +02:00
Martin Milata
8c6b93e0bd build(core): account for ARM unwinding info in memory layout
Currently the 8-byte section is inserted under semi-random name like
.ARM.exidx.text._ZN50_$LT$T$u20$as$u20$core..convert..Into$LT$U$GT$$GT$4into17h79ccbc4bdfe3f200E.
This makes it hard to include it in _codelen that is later baked into
firmware header. This change adds new section because including it in
.flash causes linker error due to mixing "ordered" and "unordered"
sections.

By renaming .exidx to /DISCARD/ we'd drop this info, there may also
exist compiler flag to do that.
2021-05-21 13:49:42 +02:00
Martin Milata
20fe8552ca build(core/rust): use correct architecture for T1
TT is Cortex-M4 is Armv7E-M while T1 is Cortex-M3 is Armv7-M:
https://community.arm.com/developer/ip-products/processors/b/processors-ip-blog/posts/armv6-m-vs-armv7-m---unpacking-the-microcontrollers
2021-05-21 13:49:42 +02:00
Ondřej Vejpustek
6fd4739c5c feat(core): make random delays use chacha_drbg 2021-05-21 13:42:53 +02:00
Ondřej Vejpustek
e1a5f42c81 feat(core): make chacha_drbg more robust 2021-05-21 13:42:53 +02:00
Ondřej Vejpustek
8ee17f69b3 refactor(core): move wait_random and rdi into separate file 2021-05-21 13:42:53 +02:00
matejcik
e015bc0856 build(core/rust): disable nightly-only features
When we need them, we will re-enable.
2021-05-21 13:42:10 +02:00
Pavol Rusnak
155fc7ac67
fix(core): remove tcDisplay from metadata/trezor-ctap2.json 2021-05-19 14:49:54 +02:00
Pavol Rusnak
d358503676
fix(core): remove txAuthSimple from metadata/trezor-ctap2.json 2021-05-19 14:45:02 +02:00
Martin Milata
c54077a714 fix(core): imports needed for T1 startup
Now debug build booted on wiped T1 connects to USB and shows square in
top right corner.
2021-05-17 18:03:07 +02:00
matejcik
1e0a23c133 fix(core/paths): make sure containers are copied along with the numbers they contain 2021-05-06 13:14:21 +02:00
matejcik
f05215f4ff chore(core): add changelog entry 2021-05-06 13:14:21 +02:00
matejcik
ed5c357b78 fix(core): properly cache last successful unlock time 2021-05-06 13:14:21 +02:00
matejcik
959cf7d515 fix(core/homescreen): properly redraw when an outside process kills homescreen
This happens with FIDO which does not use the normal workflow management
and so `workflow.close_others()` is never called.
2021-05-06 13:14:21 +02:00
matejcik
411a7bb802 fix(core/wire): handle codec errors better 2021-05-06 13:14:21 +02:00
matejcik
231a1fe229 refactor(core): do not cache reverse-mapping of message types in RAM
Instead, walk the module for every message.

Also remove the custom wire type registration facility, which is not
used.
2021-05-06 13:14:21 +02:00
matejcik
f1a54f2108 refactor(core): remove more global imports 2021-05-06 13:14:21 +02:00
matejcik
2cb379108c refactor(core/homescreen): load homescreen image on-demand 2021-05-06 13:14:21 +02:00
matejcik
f61d7fffa8 fix(core): fix top-level imports in apps.common.passphrase 2021-05-06 13:14:21 +02:00
matejcik
93db39ad70 fix(core/wire): drop unused reader, clarify writer usage 2021-05-06 13:14:21 +02:00
matejcik
1c32cbcc1c ci(core): exclude more things from coverage report 2021-05-06 13:14:21 +02:00
matejcik
5ee85b6ed9 refactor(core): improve clarity in main.py 2021-05-06 13:14:21 +02:00
matejcik
25385af159 feat(core/emu.py): erase profile when running emu.py -e 2021-05-06 13:14:21 +02:00
matejcik
94521a2065 feat(core): presize some modules to account for their sub-imports 2021-05-06 13:14:21 +02:00
matejcik
5f4240d93c feat(core): preallocate sys.modules to an appropriate size 2021-05-06 13:14:21 +02:00
matejcik
b5c1b37a56 chore(core/tests): bump heap size for core unit tests 2021-05-06 13:14:21 +02:00
matejcik
b1e4246b46 refactor(core/webauthn): make sure KEY_AGREEMENT_*KEY is generated once per power-up
This is what the spec recommends and it has been the case before
workflow-restarts, when `apps.webauthn.fido2` was imported exactly once
per lifetime.

With workflow-restarts, `fido2` is being imported repeatedly and the
keys regenerated. This does not seem to be a problem per the spec -- a
FIDO workflow will retain the same keys, and non-FIDO workflows can be
seen as unplugs/replugs as far as the FIDO functionality is concerned.

However, regenerating the keys is slow, which is a problem for the
hardware-based unit tests. We can avoid the slowness by returning to the
spec-mandated behavior and generating once per power-up.
2021-05-06 13:14:21 +02:00
matejcik
f6f3c7ffcf fix(core): prevent flickering when homescreen does not need to redraw 2021-05-06 13:14:21 +02:00
matejcik
5d12b943b3 feat(core): ensure all module names are interned 2021-05-06 13:14:21 +02:00
matejcik
96fd347ca8 fix(core): keep value of experimental_features cached across workflow restarts 2021-05-06 13:14:21 +02:00
matejcik
aaa3ce6117 fix(core/bitcoin): fix CoinJoin authorization with new cache 2021-05-06 13:14:21 +02:00
matejcik
dd655422f1 refactor(core/wire): simplify the message handling loop 2021-05-06 13:14:21 +02:00
matejcik
b387970468 refactor(core/debug): move "wipe with debug build" to boot.py
otherwise it gets wiped after every workflow
2021-05-06 13:14:21 +02:00
matejcik
1822aebdb4 feat(core): prefill field_cache in bitcoin app 2021-05-06 13:14:21 +02:00
matejcik
f3db4f2dd3 refactor(core): defragment PathSchema memory usage 2021-05-06 13:14:21 +02:00
matejcik
b1ca6ca848 refactor(core/debug): offload debug configuration from apps.debug 2021-05-06 13:14:21 +02:00