Pavol Rusnak
aa6405e23c
firmware: reintroduce dep into Makefile
2018-05-03 17:42:47 +02:00
Pavol Rusnak
fb3e468ea2
fsm: split fsm_msg functions into various topic include files
2018-05-03 16:48:47 +02:00
Tomas Susanka
c4beba839b
nem: mosaics are generated from nem_mosaics.json in trezor-common
...
closes #344
2018-05-02 17:32:47 +02:00
Peter van Mourik
78ece6631f
Wanchain support ( #313 )
2018-05-02 15:33:22 +01:00
Pavol Rusnak
a1cde6e0ce
vendor: update trezor-common (disable Lisk messages for now)
2018-05-02 15:24:37 +01:00
ZuluCrypto
8e8749dc68
Add support for Stellar
2018-05-02 15:19:05 +01:00
Pavol Rusnak
2c56c4de1b
firmware: use -Os except for crypto/nanopb parts
2018-05-02 13:15:12 +01:00
Pavol Rusnak
783f1c0323
storage: refactor default/minimum lock storage, change default values
2018-04-10 23:46:41 +02:00
mcudev
e907cb87bc
check_bootloader: depend on MEMORY_PROTECT
2018-04-10 14:19:27 +02:00
mcudev
56ff88a08f
update bootloader padding/alignment and integrate build process for bootloader and firmware
2018-04-10 14:19:27 +02:00
Saleem Rashid
63a549aefb
coin_info: Prepend space to coin_shortcut
2018-04-09 12:43:26 +02:00
Pavol Rusnak
27702ea26a
fix build after cashaddr merge
2018-04-05 11:56:25 +02:00
Jochen Hoenicke
059555039c
cashaddr: Don't show coin prefix on the display.
...
While technically part of the address, the coin prefix, e.g., bitcoincash:
is implicit and doesn't need to be checked by the user. We still
include it in the QR-code though.
Also set case-insensitive flag for QR-code.
2018-04-05 11:28:06 +02:00
Jochen Hoenicke
1e91f92271
Increased address size to 130.
2018-04-05 11:28:06 +02:00
Jochen Hoenicke
cb6022ce04
Added support for cashaddr.
2018-04-05 11:28:05 +02:00
Jochen Hoenicke
e1ad1512d0
Avoid division by zero.
...
Check that there is no overflow in `inputs_count + outputs_count`.
Check that previous transaction contains at least the spent output.
2018-04-05 09:23:23 +02:00
Jochen Hoenicke
f216328987
Fix initialisation of word_pincode
2018-04-05 09:23:23 +02:00
Pavol Rusnak
9c9b4bf5cb
messages: code cleanup after emulator change
2018-04-04 16:49:04 +02:00
matejcik
8851863f81
emulator: open a second socket for debuglink, same as T2
2018-04-04 16:21:43 +02:00
Pavol Rusnak
5633207a43
bump bootloader version to 1.5.0, firmware version to 1.7.0
2018-04-04 15:04:46 +02:00
Tomas Susanka
7b1b9d3069
nem: IV is not copied
...
The IV copy was moved to trezor-crypto
(https://github.com/trezor/trezor-crypto/pull/140 ) so it is not needed
in trezor-mcu anymore
2018-04-04 15:02:39 +02:00
Pavol Rusnak
399706ae22
storage: implement unfinished_backup flag
2018-04-04 12:42:52 +02:00
Pavol Rusnak
27443a06c8
protob: add limit for DebugLinkDecision.input
2018-04-04 01:13:19 +02:00
Pavol Rusnak
3a908d7c7d
fsm: update storage after ApplyFlags
2018-04-04 01:08:39 +02:00
Roman Zeyde
159df8d24f
fsm: allow auto-lock delay configuration
2018-04-04 01:06:47 +02:00
Roman Zeyde
987b686f63
storage: allow auto-lock delay configuration
2018-04-04 01:06:26 +02:00
Saleem Rashid
8bdf338f32
coins-gen: Remove obsolete script
2018-04-03 18:40:41 +02:00
Saleem Rashid
95e5f15bde
vendor: Update trezor-crypto
2018-04-03 18:40:41 +02:00
Saleem Rashid
0df9404054
signing: Check decred_script_version for txinput
2018-04-03 18:40:41 +02:00
Saleem Rashid
f0875285b2
transaction: Fix Decred multisig
2018-04-03 18:40:41 +02:00
Saleem Rashid
e7703a16fe
crypto: Remove hardcoded instances of secp256k1
2018-04-03 18:40:41 +02:00
Saleem Rashid
77e76542bc
signing: Compute tx_weight for Decred
2018-04-03 18:40:41 +02:00
Saleem Rashid
d63e294c0b
signing: Document Decred signing
2018-04-03 18:40:41 +02:00
Saleem Rashid
057ec1227d
signing: Add Decred support
2018-04-03 18:40:41 +02:00
Saleem Rashid
3f51bc3628
signing: Use SignTx in signing_init
2018-04-03 18:40:41 +02:00
Saleem Rashid
9849321883
coins: Add Decred support
2018-04-03 18:40:41 +02:00
Saleem Rashid
b3f1d79821
coin_info: Refactor coins-gen.py
2018-04-02 21:47:15 +02:00
Saleem Rashid
69356e5f56
messages_map: Fix Flake8 warnings
2018-04-02 21:47:15 +02:00
Saleem Rashid
88230e33c4
nem_mosaics: Fix Flake8 warnings
2018-04-02 21:47:15 +02:00
Saleem Rashid
7092951a40
Makefile: Add GENERATE_CODE function
...
Fixes #281
2018-04-02 21:47:15 +02:00
Tomas Susanka
519c117e30
nem: SignTx instead of ConfirmOutput in mosaic creation
2018-03-30 14:01:59 +02:00
Jochen Hoenicke
ed7a8bfa6c
Fixes for emulator
2018-03-29 01:30:40 +02:00
Jochen Hoenicke
25e824aaa3
Supervisor Calls
...
Add Supervise interrupts to allow to do privileged operations like
flashing from application code.
2018-03-29 01:30:40 +02:00
Jochen Hoenicke
068f013bc6
Force size fields in storage to be 32 bit
...
Better storage compatibility between 64 bit and 32 bit builds.
2018-03-29 01:16:46 +02:00
Jochen Hoenicke
0127c1a374
Add function storage_getPinWait
2018-03-29 01:16:46 +02:00
Jochen Hoenicke
c09590b54d
Cleaner flash handling using FLASH_PTR
...
Use `FLASH_PTR` macro to convert a flash address to a const pointer.
For real hardware it is just a cast, for emulator we subtract the
`FLASH_ORIGIN` and use it as index into the memory mapped flash file.
Make write access to flash with volatile pointers
Also use FLASH_PTR in DebugMemory* for now. This allows for reading and
writing the flash in the emulator or just crash it by reading outside
the flash...
2018-03-29 01:16:46 +02:00
Jochen Hoenicke
2587e49843
Disable fastflash.
...
It doesn't make sense any more and doesn't work with newer bootloaders.
2018-03-29 01:03:58 +02:00
Jochen Hoenicke
4ebbe8c274
Fix compilation problems
2018-03-29 01:03:58 +02:00
Jochen Hoenicke
a7158f39a5
fix out-of-bounds read (for debug_link)
...
Pinmatrix should always be null-terminated for debug-link.
The memset overwrote the terminating nul character.
2018-03-27 15:00:25 +02:00
Jochen Hoenicke
c4e1c5953e
Fix shift overflow
...
Avoid undefined behavior by casting uint8_t to uint32_t before shifting
by 24 bits.
2018-03-27 15:00:25 +02:00
Pavol Rusnak
ceced152a8
docs: update changelogs
2018-03-21 12:29:38 +01:00
Pavol Rusnak
95dd254094
util: use shutdown from trezor-core instead of system_halt
2018-03-21 12:18:36 +01:00
Pavol Rusnak
9588e8f273
update bootloader to 1.4.0 via firmware, run unsigned firmware in unprivileged mode
2018-03-20 15:44:20 +01:00
Jochen Hoenicke
d6f41dba9e
messages: fix size of msg_tiny and add static_assert
2018-03-20 15:42:53 +01:00
Pavol Rusnak
559a700fb0
fsm: add for button before Recovery device
2018-03-20 15:41:16 +01:00
Pavol Rusnak
5ae04c17c5
firmware: set version to 1.6.1
2018-03-19 15:18:54 +01:00
Pavol Rusnak
b20336e82d
Revert WinUSB feature
...
This reverts the following range of commits:
68168393b9ea61328f4bb43bc3059ab32c4be2e9..ab76828e16b552c82f468e5d89f1af0645258995
Revert "update usb descriptors"
This reverts commit ab76828e16
.
Revert "trezorhal: reply with winusb guid just for the main interface (0)"
This reverts commit 6acfc5d1b3
.
Revert "winusb: fix WINUSB_EXTRA_STRING"
This reverts commit 966d8cb4ce
.
Revert "winusb: cleanup DeviceInterfaceGUIDs usage"
This reverts commit 56c5a46095
.
Revert "make winusb_string_descriptor const"
This reverts commit 132cc4b474
.
Revert "webusb: remove unused constants"
This reverts commit 38b4d507bc
.
Revert "bootloader: remove debug"
This reverts commit 56d3cbe2e9
.
Revert "Bootloader - Switch from HID to WebUSB"
This reverts commit a22abfe90b
.
Revert "Switch from HID to WebUSB"
This reverts commit cb067bd14c
.
Revert "Add WinUSB, WebUSB, USB2.1 to build"
This reverts commit 05e218bcb8
.
Revert "Add WebUSB descriptors"
This reverts commit a062127cef
.
Revert "Add WinUSB (WebUSB preparation)"
This reverts commit e6981e85cd
.
2018-03-14 00:37:08 +01:00
Roman Zeyde
e444dadbb2
storage: next firmware version would be 1.7.0
2018-03-13 21:49:29 +01:00
Pavol Rusnak
2a4a298d58
firmware: refactor fsm_getDerivedNode to include fingerprint
2018-03-07 14:04:37 +01:00
Jochen Hoenicke
d5e49556c5
Indicate own dest address in send dialog
...
If the destination address is controlled by the TREZOR (the wallet set
the address_n field), show the path to the address on the confirm output
dialog in the same format as the "show on Trezor" dialog indicates the
path.
2018-03-03 22:25:20 +01:00
Pavol Rusnak
e460c4fe17
session: rework get_state
2018-03-03 22:22:45 +01:00
Pavol Rusnak
7834eaba26
protect: passphrase is optional
2018-02-27 15:41:02 +01:00
Pavol Rusnak
7fa8ae136f
firmware: implement behaviour of state (still missing in PassphraseAck)
2018-02-24 17:26:57 +01:00
Pavol Rusnak
d7de064bde
bump version to 1.7.0; update firmware changelog
2018-02-21 15:40:56 +01:00
Pavol Rusnak
ab76828e16
update usb descriptors
2018-02-20 19:13:39 +01:00
Karel Bilek
cb067bd14c
Switch from HID to WebUSB
...
Also renaming varions functions from hid_ to webusb_ to actually reflect what they are doing
2018-02-20 19:13:38 +01:00
Jochen Hoenicke
c574c0a497
Updated confirmOutput dialog
...
Build it manually (to allow not indenting the address and using a
different font).
2018-02-20 18:23:14 +01:00
Jochen Hoenicke
63c6f95400
Fit 21 characters per line
2018-02-20 18:23:14 +01:00
Jochen Hoenicke
b9b36e0768
Remove duplicated code
2018-02-20 18:22:47 +01:00
Jochen Hoenicke
83a69a0334
Added fixed-width font and multi-font support
2018-02-20 18:22:47 +01:00
Pavol Rusnak
fc7189f801
use Failure_PinMismatch where it makes sense (ChangePin, ResetDevice, RecoveryDevice)
2018-02-20 17:48:19 +01:00
Pavol Rusnak
909f158c84
vendor: update trezor-common
2018-02-20 17:31:45 +01:00
Saleem Rashid
e019ab5557
fsm: Abort layoutAddress on Initialize or Cancel
...
Fixes #247
2018-02-20 17:19:41 +01:00
Jochen Hoenicke
1bc1bb1e77
Less paranoid change outputs.
...
- Allow change to be on the main chain (see spesmilo/electrum#3920 ).
- Allow more than one output to the Trezor, but don't treat it as change.
2018-02-20 16:39:16 +01:00
Saleem Rashid
e3a0b6e7b4
setup: Switch to unprivileged execution
2018-02-13 19:31:36 +01:00
Saleem Rashid
1f8f08d48a
setup: Enable MPU
...
Disable code execution from SRAM and reconfiguration of the MPU.
Prevents almost all code execution attacks.
2018-02-13 15:48:42 +01:00
Wampum
2391beb6f4
expand description of multisig label ( #294 )
2018-01-31 17:12:52 +01:00
Pavol Rusnak
bd660655ee
introduce and use memzero instead of explicit_bzero
2018-01-18 15:21:48 +01:00
Pavol Rusnak
4a2d68acb9
use explicit_bzero where possible; update trezor-crypto
2018-01-16 19:49:47 +01:00
Pavol Rusnak
cd763b979b
layout: fix last commit
2018-01-15 18:56:57 +01:00
Pavol Rusnak
f70772fb58
rework ConfirmOutput layout ( fixes #289 )
2018-01-15 18:40:54 +01:00
Pavol Rusnak
c4e3596803
update trezor-crypto, adapt firmware to to changes
2018-01-13 15:20:10 +01:00
Pavol Rusnak
7e382fb790
update to python3
2018-01-12 00:03:55 +01:00
Pavol Rusnak
94fcc8c9a4
add bip84 (native segwit)
2018-01-04 22:30:40 +01:00
Saleem Rashid
6a2b92c49e
storage: Fix for Clang
2017-12-20 15:04:43 +01:00
Saleem Rashid
58d2079b56
transaction: Fix uninitialized read in compile_output
2017-12-20 15:04:43 +01:00
Saleem Rashid
fd57b89902
Makefile: Use $PYTHON
2017-12-19 14:11:51 +01:00
Saleem Rashid
bab8db9191
vendor: Update Nanopb to 0.3.9
2017-12-19 14:11:51 +01:00
Saleem Rashid
045ef22d98
storage: Do not use Nanopb
2017-12-19 14:11:51 +01:00
Saleem Rashid
b92a0d24b0
fsm: Include file and line in fsm_sendFailure for DEBUG_LINK
2017-12-18 20:13:00 +01:00
Saleem Rashid
ba5b44d0c5
emulator: Initial commit
2017-12-18 20:09:59 +01:00
Saleem Rashid
36eac04e61
protob: Increase Features.coins max_count
2017-12-18 19:43:19 +01:00
Pavol Rusnak
9732825e24
move ethereum_tokens-gen.py to trezor-common
2017-12-18 18:36:17 +01:00
Saleem Rashid
83a34ff925
util: Add MIN and MAX macros
2017-12-17 03:12:37 +01:00
Saleem Rashid
9401d2805a
protob: Increase NEM payload max_size
...
See NemProject/NanoWallet#362
2017-12-16 21:26:32 +01:00
Saleem Rashid
f17a0a85e0
fsm: Add NEMDecryptMessage
2017-12-16 21:26:32 +01:00
Jochen Hoenicke
810443f197
Fix NULL pointer access
...
Fixes #269
2017-12-16 15:26:25 +01:00
Jochen Hoenicke
ded41c484c
storage: Padding to multiple of 4 bytes
2017-12-15 14:22:17 +01:00
Saleem Rashid
cfc5fda603
storage: Compact old_storage_size logic
2017-12-15 14:22:17 +01:00
Saleem Rashid
a304b76d34
storage: Clean up old_storage_size
...
Note that OLD_STORAGE_SIZE(imported) != 460, because
OLD_STORAGE_SIZE does not include end padding
2017-12-15 14:22:17 +01:00
Jochen Hoenicke
5812f9865d
Fix size of version 9 storage
2017-12-14 19:31:29 +01:00
Pavol Rusnak
2c63d51580
u2f: avoid using hdnode_private_ckd_cached in order not to constantly invalidate cache
2017-12-13 18:04:22 +01:00
Pavol Rusnak
106642bd44
fix last commit
2017-12-13 17:56:46 +01:00
Jochen Hoenicke
73edc7cb74
Added U2F root key to storage.
...
Fixes #251 .
2017-12-13 17:54:27 +01:00
Jochen Hoenicke
88563ebaa5
Fix compile problem, fix clearing single byte
2017-12-12 19:36:34 +01:00
Pavol Rusnak
f22c849767
storage: rework storage_commit into storage_update
2017-12-12 16:28:42 +01:00
Pavol Rusnak
70843c9059
storage: introduce storageRam and storageRom
2017-12-12 16:28:42 +01:00
Pavol Rusnak
57bbcc754a
storage: make storage accessible only via functions
...
add calls also for debug build and use them in fsm
2017-12-12 16:28:42 +01:00
Pavol Rusnak
41901a8056
firmware: rework protectChangePin
...
bootloader: wait for flash operation to finish
2017-12-12 12:51:08 +01:00
Pavol Rusnak
36f3b7fe09
firmware: mark usb buffer variables confidential
2017-12-12 12:51:08 +01:00
Pavol Rusnak
14d15dab99
fsm: refactor path checking code into path_mismatch function
2017-12-12 01:48:07 +01:00
Saleem Rashid
7cd9945905
fsm: Use coin->curve_name
2017-12-10 20:53:44 +01:00
Saleem Rashid
6e25e0b363
coins: Use curve_info instead of HasherType
2017-12-10 20:53:44 +01:00
Saleem Rashid
268e7de109
Update trezor-crypto
2017-12-10 20:53:44 +01:00
Saleem Rashid
dc781725c6
hasher: Move to trezor-crypto
...
This reverts commit dd7b21a6ca
.
2017-12-10 20:53:44 +01:00
Saleem Rashid
0e60ba54b7
crypto: Use Hasher for message signing
2017-12-10 20:53:44 +01:00
Saleem Rashid
a1e911aa4c
transaction: Do not hardcode HASHER_SHA2
2017-12-10 20:53:44 +01:00
Saleem Rashid
54b0869535
signing: Use Hasher instead of SHA256_CTX
2017-12-09 16:28:40 +01:00
Saleem Rashid
dd7b21a6ca
hasher: Initial commit
2017-12-09 16:28:40 +01:00
Pavol Rusnak
bc7c66aa76
add Features.model field (set to "1")
2017-12-04 22:30:11 +01:00
Pavol Rusnak
f44635a9ca
vendor: update trezor-common
2017-11-29 23:04:59 +01:00
Tomas Susanka
a82bbbb30d
layout: encode -> encrypt typo
...
updates #252
2017-11-29 13:48:29 +01:00
Tomas Susanka
cfe8a98c68
signing segwit change output typo
2017-11-25 01:06:46 +01:00
Pavol Rusnak
723cf295a7
device label -> device name
2017-11-16 20:03:26 +01:00
Pavol Rusnak
4770df8912
update version to 1.6.0
2017-11-16 19:50:42 +01:00
Pavol Rusnak
3386b16a1c
GetAddress: detect mismatched coin and path, show warning
2017-11-16 19:22:55 +01:00
Pavol Rusnak
a713fca857
layout: recognize known bip44/bip49 paths in GetAddress dialog
2017-11-16 18:34:59 +01:00
Pavol Rusnak
cc0896c334
add bip44 coin_type to CoinInfo
2017-11-16 18:34:50 +01:00
Pavol Rusnak
54659d49d8
layout: op_return now requires confirmation by user
2017-11-15 15:42:56 +01:00
Pavol Rusnak
de3b78bd0b
layout: print bip32 path in GetAddress dialog
2017-11-14 17:53:17 +01:00
Pavol Rusnak
61044b3fc3
u2f: add u2f.bin.coffee
2017-11-14 14:29:46 +01:00
Saleem Rashid
e3460b9f00
reset: Call storage_commit after initialization
...
Fixes #230
2017-11-14 13:42:44 +01:00
Jochen Hoenicke
e1fa7af1da
Byte-precise size estimate for fees
...
Fixes issue #232 .
It assumes largest possible signature size for all inputs. For segwit
multisig it can be .25 bytes off due to difference between segwit
encoding (varint) vs. non-segwit encoding (op_push) of the multisig script.
2017-11-14 13:39:17 +01:00
Pavol Rusnak
a4d46b7ae1
vendor: update trezor-common, increase coins count
2017-11-13 22:32:11 +01:00
Jochen Hoenicke
b8bca1c444
Fix segwit forkid signatures
2017-11-13 22:20:08 +01:00
Jochen Hoenicke
8da2770051
Increase coin count
2017-11-13 22:20:08 +01:00
Jochen Hoenicke
a8bc3cb6bd
Remove add_hash_type fields.
...
The 4 byte hash_type/forkid is part of the signed message, but not
part of the transaction. Instead of hacking it into the transaction,
add it after the transaction when computing the signature.
2017-11-13 22:20:08 +01:00
Saleem Rashid
d39e4be1c8
signing: Use force_bip143 instead of has_forkid
2017-11-13 22:20:08 +01:00
Saleem Rashid
c6246b5fba
coins: Add force_bip143
2017-11-13 22:20:08 +01:00
Saleem Rashid
b6f11c9f93
signing: Add signing_hash_type function
...
This also enables SIGHASH_FORKID for SegWit
2017-11-13 22:20:08 +01:00
Pavol Rusnak
892bb8501a
fsm: ignore case for NEM addresses
2017-11-05 19:30:33 +01:00
Jochen Hoenicke
bbf6b1b097
Implemented VerifyMessage for bech32
2017-11-05 19:28:07 +01:00
Jochen Hoenicke
0f50b816e6
Wrap long addresses in three lines
2017-11-05 19:28:07 +01:00
Jochen Hoenicke
97581928de
Enable Segwit Bech32 addresses
...
Increase the size of the addresses in protobuf.
Fix layout2.c to handle longer addresses.
Add a field bech32_prefix to coins.h
Adapted the coins-gen script.
Added bech32 support in signing.c and transaction.c
2017-11-05 19:28:07 +01:00
Jochen Hoenicke
cf3dc6051c
Omit leading space in shortcut in GetFeatures
2017-11-05 19:23:34 +01:00
Jochen Hoenicke
1566631023
Improved backwards compatibility of GetFeatures
...
Set all CoinType fields except signed_message_header.
Move static assert into the function where it is needed.
2017-11-05 19:23:34 +01:00
Jochen Hoenicke
b5fa8a266a
New CoinInfo separated from protobuf structures
...
Having CoinType using the protobuf structures has several disadvantages.
- We always need to change trezor-common if we need a new field (like
bech32 prefix)
- Every time Trezor initializes it sends all this information out and
nobody cares.
- The protobuf structures add storage overhead due to their fixed size.
I also removed most of the `has_` fields except for forkid:
- `has_segwit` was merged with segwit
- `has_coin_shortcut` can be replaced by test for NULL if necessary.
The fields were reordered for better padding.
2017-11-05 19:23:34 +01:00
Pavol Rusnak
18d8cb3c56
add project website (trezor.io) to license header
2017-11-05 17:47:23 +01:00
Jochen Hoenicke
a24e8a0484
Remove magic constants
...
Use defines for wallet depth and change chain. Updated some comments
to clarify what is checked.
2017-11-03 19:12:41 +01:00
Jochen Hoenicke
4805f27e8c
Fix checking change address
...
There was a signed/unsigned problem: size_t is unsigned, but we use
-1 to indicate mismatch. The problem was that when checking the input
address path, it still did this unintentionally when a mismatch was
detected, forbidding to sign with mismatched inputs, even when there
is no change address.
We now use 1 for mismatch. Also we don't allow change address anymore
if the inputs have a path of length 1. This simplifies the code a bit.
2017-11-03 19:12:41 +01:00