Jochen Hoenicke
5f9cd15b02
Support multi-byte chain-id. ( #212 )
2017-08-31 13:28:50 +02:00
Pavol Rusnak
07f6e495b7
fsm: fix race condition in GetAddress
2017-08-23 16:36:38 +02:00
Pavol Rusnak
e4cc08775f
vendor: update trezor-common, enable Bitcoin segwit manually
2017-08-16 14:28:21 +02:00
Pavol Rusnak
3e9ebe6c10
changelog: add 1.5.2
...
+ update vendor/trezor-crypto
2017-08-16 13:59:40 +02:00
Jochen Hoenicke
98e617d874
startup: use custom reset_handler
...
+ group confidential data in one place
+ zero all SRAM where needed
2017-08-16 13:52:01 +02:00
Pavol Rusnak
a01ba51a2a
storage: copy only required bytes from old storage, bump storage version
...
+ backup_device: ask for pin, always use correct number of words
2017-08-16 13:11:31 +02:00
Saleem Rashid
9c25e03d98
vendor: Update trezor-crypto
2017-08-14 16:45:11 +02:00
Saleem Rashid
c121627a06
Travis CI: Test matrix of DEBUG_LINK and FASTFLASH
...
This should catch inconsistencies with Features.coins or if there is a
build configuration that makes the firmware too large.
Also, add MAKEFLAGS and only build STM32F2 support in libopencm3 to
speed up build time
2017-08-14 16:44:44 +02:00
Saleem Rashid
fa7e32fadf
protob: Fix Features.coins max_count for DEBUG_LINK=1
2017-08-14 14:49:27 +02:00
Saleem Rashid
7e56a62e8b
coins: Add _Static_assert for Features.coins max_count
2017-08-14 14:49:27 +02:00
Pavol Rusnak
e69ef2e75a
coins: include testnet coins just in debug builds
...
+ add more ethereum tokens
2017-08-13 21:15:34 +02:00
Pavol Rusnak
dd9f7cd926
fix typos in changelog
2017-08-09 15:18:31 +02:00
Pavol Rusnak
1d6329b1bf
changelog: make last release mandatory
2017-07-31 23:00:21 +02:00
Pavol Rusnak
f0d2e7a371
storage: bump version
2017-07-31 22:43:28 +02:00
Pavol Rusnak
ace1d84265
recovery: don't reset storage on typos during dry-run recovery
2017-07-31 20:49:34 +02:00
Pavol Rusnak
a9a414df08
fix typo
2017-07-31 19:40:35 +02:00
Pavol Rusnak
c2c3debd01
changelog: fix typos
2017-07-31 16:31:33 +02:00
Pavol Rusnak
b1838d6867
ethereum: add more tokens
2017-07-31 14:15:10 +02:00
Jochen Hoenicke
33ed08ec32
Fix check for max try and add another check before
2017-07-31 13:13:49 +02:00
Pavol Rusnak
4ee52ab95f
changelog: add more entries
2017-07-31 02:39:24 +02:00
Pavol Rusnak
45ca9bd583
protect: change wording
2017-07-31 02:35:53 +02:00
Pavol Rusnak
82a06ce342
firmware: mark more strings with gettext
2017-07-31 02:31:30 +02:00
Pavol Rusnak
c778d7b9c3
storage: wipe storage after 15 wrong pins
2017-07-31 02:26:28 +02:00
Pavol Rusnak
fa2f5fb33f
update coins
2017-07-30 23:38:01 +02:00
Jochen Hoenicke
3440ead4c9
Fix multisig for BCC
2017-07-30 22:58:26 +02:00
Jochen Hoenicke
5f6948e66b
Remove progress update
2017-07-30 22:57:44 +02:00
Jochen Hoenicke
3c75d28c78
Check input bip32 path again on second pass.
2017-07-30 22:51:18 +02:00
Jochen Hoenicke
6b615ce405
No quadratic hashing for hardfork
...
Don't hash the whole transaction if forkid is set. Instead use the
same codepath as for segwit.
Rename segwit_to_spend to authorized_amount and use it for forkid
amount and segwit amount validity checks.
Removed some duplicated code.
2017-07-30 22:51:18 +02:00
Saleem Rashid
979a6ef266
signing: Skip TX_META with SIGHASH_FORKID
2017-07-30 22:51:18 +02:00
Saleem Rashid
a34554b091
signing: Add SIGHASH_FORKID support
2017-07-30 22:51:18 +02:00
Saleem Rashid
841af54061
vendor: Update trezor-common
2017-07-30 22:51:18 +02:00
Pavol Rusnak
91c4cbdbd0
setup: move stack protector variable to setup.h
2017-07-30 21:56:30 +02:00
Pavol Rusnak
0760ff0468
setup: move stack smashing protection code to setup.c
2017-07-30 21:40:07 +02:00
Saleem Rashid
e33e1ec0b1
fsm: Do not wipe msg_resp in DebugLinkGetState
2017-07-30 18:00:01 +02:00
Saleem Rashid
11d424cdef
vendor: Update trezor-crypto
2017-07-27 18:11:26 +02:00
Saleem Rashid
38b6332db5
layout2: Extract BITCOIN_DIVISIBILITY constant
2017-07-27 18:11:26 +02:00
Pavol Rusnak
c3bf0e4086
enable segwit for bitcoin \o/
2017-07-25 19:32:20 +02:00
Pavol Rusnak
b5f9a5738f
segwit support for SignMessage, VerifyMessage
2017-07-25 19:32:20 +02:00
Pavol Rusnak
d8ad44f60a
protob: add SignMessage.script_type
2017-07-25 19:32:20 +02:00
Pavol Rusnak
3d7d0f0734
use C99 for loop where possible
2017-07-23 22:20:51 +02:00
mruddy
1c55ec0fb3
fix hangs due to stale rng status ( #195 )
2017-07-19 11:54:26 +02:00
Jochen Hoenicke
9efc5bc93c
Fixed array sizes again. ( #194 )
...
This is the correct fix for 09917920ba
(how the code was meant to be written).
2017-07-18 13:08:27 +02:00
Pavol Rusnak
cf04279774
implement Storage.flags and related stuff
2017-07-17 18:36:09 +02:00
Pavol Rusnak
1a72a49ee5
ethereum: update tokens
2017-07-17 14:23:23 +02:00
Pavol Rusnak
0781421762
ethereum: more tokens, use better wording for unknown token value
2017-07-14 18:42:01 +02:00
Pavol Rusnak
da71f7c45d
fix layoutVerifyAddress behaviour for long addresses
2017-07-12 18:44:56 +02:00
Pavol Rusnak
b0ac3a2af1
add EthereumSignMessage/EthereumVerifyMessage
2017-07-12 17:51:34 +02:00
Jochen Hoenicke
c5e927fac2
Ethereum Sign/Verify Message
...
Implements issue trezor/trezor-mcu#163 .
2017-07-12 17:38:30 +02:00
Pavol Rusnak
ccb0cd82b6
firmware: add changelog, bump version to 1.5.1
2017-07-12 14:19:05 +02:00
Pavol Rusnak
5b66c0b956
refactor Address dialog (QR code on left button click), use checksum for Ethereum addresses
2017-07-11 21:31:40 +02:00
Pavol Rusnak
f826b1fa46
ethereum: add new tokens
2017-07-10 16:38:56 +02:00
Pavol Rusnak
2ecc36cd89
ethereum: don't show unrecognized ERC-20 tokens as sending message
2017-07-05 14:22:00 +02:00
Pavol Rusnak
ba2b2f24da
firmware: mark backup as done before giving away the mnemonic, not after
2017-07-05 12:17:46 +02:00
Saleem Rashid
f23489050a
util: Add load_vector_table
2017-07-03 18:35:42 +02:00
Pavol Rusnak
498d689f98
fix small issue with GetAddress for non-segwit coins
2017-07-03 18:23:51 +02:00
Pavol Rusnak
95db902d28
ethereum: update token list
2017-07-03 13:13:07 +02:00
Pavol Rusnak
4603b0c800
bootloader: subtle changes in bootloader.c and fastflash.c to make them more similar
2017-07-01 16:22:22 +02:00
Roman Zeyde
d15dd7c944
recovery: zero new_mnemonic memory before returning to the user
2017-06-30 14:43:16 +02:00
Pavol Rusnak
2bf807878d
bootloader: add SelfTest
2017-06-29 17:31:23 +02:00
Pavol Rusnak
8fa3ce7e14
reset: distinguish between separated call and joined call, mark backup as done only when performed completely
2017-06-29 14:14:20 +02:00
Pavol Rusnak
b65068c159
reset: add Features.needs_backup
2017-06-29 14:14:20 +02:00
Pavol Rusnak
97fa33de46
reset: show needs backup signed when storage is not backed up
2017-06-29 14:14:20 +02:00
Pavol Rusnak
9298e4d9e3
reset: make backup workflow independent of initialization
2017-06-29 14:14:20 +02:00
Pavol Rusnak
91a1b6c4bc
drop EstimateTxSize (and TxSize)
2017-06-28 18:49:44 +02:00
Pavol Rusnak
01b4825d53
ethereum: add new tokens
2017-06-28 13:24:08 +02:00
Pavol Rusnak
73708aa47e
refactor recovery.is_same_mnemonic function to storage_containsMnemonic
2017-06-26 15:44:01 +02:00
Saleem Rashid
ed5e9c9347
firmware: Define FASTFLASH in all cases
2017-06-25 18:19:07 +02:00
Saleem Rashid
21eb49faff
firmware: Start fastflash when left button held
2017-06-25 18:19:07 +02:00
Saleem Rashid
65bb167db6
firmware: Create ELF from fastflash/bootloader.bin
2017-06-25 18:19:07 +02:00
Saleem Rashid
1214a3f69b
vendor: Update trezor-crypto
2017-06-25 18:12:36 +02:00
Pavol Rusnak
8253425293
recovery: change wording
2017-06-23 16:47:53 +02:00
Roman Zeyde
db7915e946
Allow testing recovery with an initialized device
...
This would allow safe mnemonic validation by using a dry-run flag.
2017-06-23 16:39:49 +02:00
Pavol Rusnak
247cbd2ff1
regenerate protobuf, disable unused messages
2017-06-22 12:47:18 +02:00
Pavol Rusnak
c6fd70b471
gettext: mark localizable strings as proof-of-concept
2017-06-18 22:47:32 +02:00
Pavol Rusnak
00f6312a81
rename failures, unify strings where possible
2017-06-18 21:19:21 +02:00
Saleem Rashid
77c4e7b167
vendor: Update trezor-crypto for GCC 7.1.1
2017-06-13 15:17:23 +02:00
Saleem Rashid
09917920ba
transaction: Fix buffer overflow
2017-06-13 15:17:23 +02:00
Pavol Rusnak
da17f2472b
ethereum: add more tokens from MEW
2017-06-08 22:56:25 +02:00
Pavol Rusnak
34c0b93d54
protob: update messages_map.py script
2017-05-29 14:34:23 +02:00
Saleem Rashid
8fa71c0837
protob: Add messages_map.py ( #167 )
2017-05-29 13:46:32 +02:00
Pavol Rusnak
6b74139b45
add 1.5.0 to changelog
2017-05-19 17:41:10 +02:00
Pavol Rusnak
317363f84c
enable mixing of segwit and non-segwit inputs
2017-05-19 17:40:57 +02:00
Pavol Rusnak
57a91c7160
update litecoin maxfee/kb
2017-05-19 16:54:16 +02:00
Pavol Rusnak
d424829333
add chain_id to erc20 tokens
2017-05-19 14:28:35 +02:00
Pavol Rusnak
766a6c1189
add space before coin shortcut because of how new formatter works
2017-05-19 11:29:44 +02:00
Pavol Rusnak
652a40c3e6
use bn_format from trezor-crypto where possible
2017-05-18 16:20:28 +02:00
Pavol Rusnak
ba9aae143e
ethereum: support for ERC-20 tokens
2017-05-17 02:53:11 +02:00
Pavol Rusnak
391e3940e5
refactor fee computation, but keep ceil logic
2017-05-15 12:08:54 +02:00
Pavol Rusnak
c8dc17341c
bump bitcoin maxfee
2017-05-13 01:29:12 +02:00
Pavol Rusnak
24ac52079f
disable native segwit for now
2017-05-13 01:05:10 +02:00
Pavol Rusnak
49f44d296c
refactor signing_check_output
2017-05-13 00:45:11 +02:00
Pavol Rusnak
06304c2378
update coins
2017-05-12 23:00:42 +02:00
Pavol Rusnak
f4e3d7ae1e
bump version to 1.5.0
2017-05-10 00:12:23 +02:00
Pavol Rusnak
6d0d2348cf
usb: whitespace cleanup
2017-05-09 23:49:05 +02:00
Pavol Rusnak
f1db85948e
Merge branch 'segwit'
2017-05-09 23:28:52 +02:00
Pavol Rusnak
1ecbca8338
signing: add option to enable/disable mixing of segwit/non-segwit inputs
2017-05-09 23:26:18 +02:00
Pavol Rusnak
5faee8149f
update trezor-crypto
2017-05-08 17:16:20 +02:00
Pavol Rusnak
261b8d5e41
multisig: allow mismatched change addresses, show them as non-change
2017-05-06 19:52:49 +02:00
Pavol Rusnak
4343d0eaeb
show progressbar layout in GetAddress
2017-05-05 15:45:58 +02:00
Pavol Rusnak
e31e55e505
simplify bip32 change logic
2017-05-05 15:12:47 +02:00
Pavol Rusnak
b1995bb8d1
remove segwit warning, don't enable segwit on coins that don't have segwit=true in definition
2017-05-04 18:54:54 +02:00
Pavol Rusnak
4183b6cbbc
update logic for change addresses (address_n length 1 is allowed now)
2017-05-04 18:16:45 +02:00
Pavol Rusnak
cb14b98213
ethereum: add new chain_ids
2017-05-04 15:12:24 +02:00
Pavol Rusnak
38970cbd68
transaction: fix compile_output for OP_RETURN
2017-05-03 18:57:47 +02:00
Pavol Rusnak
8e017526ab
Merge branch 'master' into segwit
2017-05-03 17:16:30 +02:00
Pavol Rusnak
13f03d3880
Revert "ethereum: add EthereumSignTx.prefix"
...
This reverts commit 2866e6fe88
.
2017-04-30 03:26:57 +02:00
Pavol Rusnak
aafd61ec8b
update trezor-common, add cointype.segwit bool
2017-04-26 15:43:57 +02:00
Pavol Rusnak
2866e6fe88
ethereum: add EthereumSignTx.prefix
2017-04-24 20:34:13 +02:00
Pavol Rusnak
258d3eaddd
GetPublicKey: use Bitcoin as default coin if not provided
...
disable SimpleSignTx and Firmware messages
update submodules
2017-04-21 14:08:09 +02:00
Peter Banik
d4cc4a48b8
Added altcoin support to GetPublicKey ( #161 )
2017-04-21 12:51:13 +02:00
Pavol Rusnak
300b09badc
Merge branch 'master' into segwit
2017-04-20 18:45:49 +02:00
Pavol Rusnak
dcceec806d
fix call to protectButton while showing segwit warning
2017-04-11 14:05:19 +02:00
Jochen Hoenicke
d70ac623a4
Small bugfixes in signing
...
Segwit progress bar fixed.
Call `signing_abort` instead of `layoutHome` on all errors
The second `compile_output` does not work for user button and cannot
return -1.
2017-04-08 22:39:49 +02:00
Jochen Hoenicke
420471889d
Refactored signing method.
...
Put larger pieces of codes into functions of their own.
No changes to this code.
2017-04-08 21:59:51 +02:00
Jochen Hoenicke
9d9377438c
Fix missing returns after signing_abort
2017-04-08 20:33:27 +02:00
Jochen Hoenicke
e5c9b361d3
Better error message for segwit without amount
2017-04-08 20:29:58 +02:00
Jochen Hoenicke
99fc6d31d1
[refactor] Use compute_address in msgGetAddress.
2017-03-29 20:59:23 +02:00
Jochen Hoenicke
7b1381766f
Change address support for segwit.
...
Rewrote change address support for segwit.
Also checks the bip32 path of change address.
2017-03-29 20:59:01 +02:00
Pavol Rusnak
d7d3d0490e
update trezor-crypto
2017-03-28 23:19:59 +02:00
Pavol Rusnak
d03356fab1
raising the maxfee
2017-02-27 21:01:00 +01:00
mruddy
c8c85424b6
fix usage of RNG before setup (#150/#151)
2017-02-17 13:19:05 +01:00
Pavol Rusnak
97a061244e
Merge branch 'master' into segwit
2017-02-08 01:06:45 +01:00
Pavol Rusnak
1943d840e3
add ChangeLog for bootloader, move firmware ChangeLog
2017-02-01 14:57:59 +01:00
Saleem Rashid
bd167dcdf2
USB: Annotate USB interfaces with iInterface
2017-01-30 16:32:38 +01:00
Saleem Rashid
0c039b3e14
USB: Compile-time USB string checking
...
Generate `enum` for USB string indexes, this is far more robust
2017-01-30 16:32:38 +01:00
Pavol Rusnak
14399f100e
bump version
2017-01-25 14:04:20 +01:00
Pavol Rusnak
5c54edf54e
differentiate between ETH and ETC using chain_id
2017-01-24 17:27:11 +01:00
Jochen Hoenicke
32fb7e96cc
Ethereum EIP-155 replay protection
...
Added chain_id field in sign transaction.
If chain_id is set use hashing as specified in EIP-155.
2017-01-22 19:09:07 +01:00
Jochen Hoenicke
5b40f6d90b
Updated trezor-common
2017-01-22 19:09:07 +01:00
Jochen Hoenicke
f36cf5c10c
Handle edge cases for ethereum txs.
...
Treat the case where a field is omitted identical to the case
where an empty array is given. In particular
- data_length == 0 is allowed now and identical to giving no data.
- nonce can be omitted to indicate nonce value 0.
I still do not allow to omit gas_limit and gas_price; gas_limit
cannot be zero and transactions with zero gas_price will not be
mined. You can still set it explicitly to zero by giving the
empty array, though.
See trezor/trezor-mcu#143 .
2017-01-22 19:09:07 +01:00
Pavol Rusnak
505df38a84
fix when oled triangle is shown
2017-01-19 16:16:57 +01:00
Roman Zeyde
466155270b
layout: split "First Last <first@last.com>" GPG user ID for readability
2017-01-14 18:34:29 +01:00
Jochen Hoenicke
1cceec0ae2
Check that U2F key only uses hardened derivation ( #139 )
...
We generate only U2F keys with hardened derivation. However, we
didn't check incoming keys if they used hardened derivation.
This patch fixes this.
2017-01-10 21:51:57 +01:00
Pavol Rusnak
ab006262e8
mytrezor.com -> trezor.io/start
2017-01-10 15:08:08 +01:00
Pavol Rusnak
1e297c68fa
cosmetic changes to matrix recovery
2017-01-10 14:58:28 +01:00
Pavol Rusnak
b1723fef5b
change binary name of nanopb generator (to follow upstream name)
2017-01-09 15:55:57 +01:00
Jochen Hoenicke
8e84a6716c
Merge master into segwit
2017-01-06 16:55:12 +01:00
Jochen Hoenicke
e9eaad2fcf
Segwit: Show multisig segwit address
...
changed layout for very large addresses.
2017-01-06 16:22:01 +01:00
Jochen Hoenicke
f9a203431e
Display SegWit address on Trezor
2017-01-04 18:56:08 +01:00
Jochen Hoenicke
e67f13ef4b
Multi-byte address prefixes for segwit
2017-01-04 18:55:42 +01:00
Pavol Rusnak
32f3c54cc4
fix whitespace
2017-01-04 18:52:55 +01:00
Jochen Hoenicke
52da2fc5e7
Segwit: Fix problems introduced by rebase
2017-01-04 18:41:26 +01:00
Roman Zeyde
9eb87245ba
usb: exclude hid_report_descriptor_debug from non-debug build ( #135 )
2017-01-02 13:12:48 +01:00
Pavol Rusnak
1763a5b647
use new hdnode_private_ckd_cached API
2016-12-12 12:17:48 +01:00
Saleem Rashid
5f203d0a0c
debug: Improve debugging API ( #134 )
...
* Allow DEBUG_LOG without DEBUG_LINK
* Move debugInt() to debug.c
2016-12-04 23:24:01 +01:00
Saleem Rashid
5c00b24307
trezor: Fix screen timeout ( #131 )
2016-11-26 13:48:04 +01:00
Saleem Rashid
b4eaf7dbaf
timer: Fix non-critical integer overflow ( #129 )
...
Every 4294967295 milliseconds (2 ^ 32 - 1), system_millis will overflow.
This means that every 49.71 days, system_millis will reset to zero.
Comparisons like `system_millis < (system_millis + 1)` would fail if the
latter had overflown and the former had not.
This is non-critical because the worst case is that one second could be
skipped or the screen could lock early.
This poses no threat to the exponential backoff used for protection
against brute force.
2016-11-23 20:22:28 +01:00
Pavol Rusnak
15fcda21ce
update protobuf
2016-11-23 13:21:31 +01:00
Jochen Hoenicke
acfdb714ff
New Matrix-based recovery
2016-11-23 13:21:18 +01:00
Pavol Rusnak
14aa486fa6
partially revert 4ce4cc5605
for smoother merge
2016-11-23 13:19:25 +01:00
Pavol Rusnak
c4d144a82e
extract CHECK_PARAM
2016-11-22 22:04:09 +01:00
Pavol Rusnak
a122615663
extract CHECK_PIN and CHECK_PIN_UNCACHED
2016-11-22 21:06:39 +01:00
Pavol Rusnak
0ef70164a5
extract CHECK_INITIALIZED and CHECK_NOT_INITIALIZED macros
2016-11-22 20:57:45 +01:00
Pavol Rusnak
27a4e41707
refactor forgotten disabled coinByName usage
2016-11-22 20:00:22 +01:00
Saleem Rashid
0ec32a6146
timer: Replace screen timeout with SysTick
...
This provides an incredibly accurate screen timeout and removes the
superfluous screen timeout counter
2016-11-17 02:07:46 +01:00
Saleem Rashid
25b9bfd97b
timer: Use Cortex-M3 SysTick timers
...
Removed `usbDelay(uint32_t cycles)`, added `usbSleep(uint32_t millis)`
The same method signature could cause silent code breakage at runtime,
as opposed to noisy code breakage at compile time which is the better
kind.
2016-11-17 02:07:46 +01:00
Pavol Rusnak
3cede26fbc
add yubico u2f demo to u2f known apps
2016-11-15 18:51:29 +01:00
Pavol Rusnak
f45454b5ce
u2f: add fastmail to known providers
2016-11-10 13:46:41 +01:00
Jochen Hoenicke
9287dd7e04
Poll USB during BIP39 derivation.
...
This patch adds calls to usbPoll in the progress callback. This
should address #98 .
We call usbDelay instead of Poll, to call usbd_poll several times.
Otherwise it would only handle one event instead of handling all
events that were pending so far. The ugly magic number 5 is a guess.
Note that we also need to set usbTiny, so that we don't recursively
process messages. Since we don't know whether usbTiny is set, we
need to store the old value (especially true for u2f).
This fix also relies on another fix in libopencm3.
2016-11-09 16:17:50 +01:00
Pavol Rusnak
4ce4cc5605
halt the device when encountered an invalid mnemonic (skip if device loaded or recovered without enforced wordlist)
2016-11-09 16:06:50 +01:00
Pavol Rusnak
810d478f4c
check return values of ecdsa_sign calls
2016-11-08 15:48:44 +01:00
Jochen Hoenicke
2950588271
Fix segwit multisig.
...
Tested, see f41cbedd8becee05a830f418d13aa665125464547db5c7a6cd28f21639fe1228
and c9348040bbc2024e12dcb4a0b4806b0398646b91acf314da028c3f03dd0179fc
on testnet
2016-11-05 22:47:21 +01:00
Jochen Hoenicke
895da908e0
Simplified InputScriptType
...
Distinguish between single signature and multisig via has_multisig.
2016-11-05 22:47:21 +01:00
Jochen Hoenicke
388750f2d1
Support for P2SH compatible segwit
2016-11-05 22:47:21 +01:00
Jochen Hoenicke
b7b9891cb4
Signing for Segnet Transaction works
...
see segnet4 txid:
aa434a6ef4fcf350e319bacbd725fa7446f797cb3ed0cd0582826a49d3351ffa
2016-11-05 22:47:21 +01:00
Jochen Hoenicke
e5000fb196
segwit sign (completely untested)
2016-11-05 22:47:18 +01:00
Jochen Hoenicke
5c60be9854
hashes for segwit signature
2016-11-05 22:37:01 +01:00
Jochen Hoenicke
1bd4b99f95
Allow SegWit addresses
...
New output scripts for segwit addresses in accordance to BIP-142 and BIP-141.
This allows Trezor to pay to segwit users, but it doesn't enable segwit for
Trezor itself.
2016-11-05 22:35:32 +01:00
Pavol Rusnak
71890e4edf
implement u2f_counter in LoadDevice, Recoverydevice and ResetDevice messages
2016-10-31 16:20:15 +01:00
Pavol Rusnak
4471c6e0e6
show different dialog when U2F client uses bogus appid
2016-10-31 11:56:11 +01:00
Pavol Rusnak
ae37ea8a9a
bump version, add changelog
2016-10-26 18:06:13 +02:00
Pavol Rusnak
592f3c9afe
lock screen after 10 minutes of inactivity
2016-10-25 17:45:30 +02:00
Pavol Rusnak
f8ad9fc742
fix Verify (by introducing coinExtractAddressType)
2016-10-25 17:02:02 +02:00
Saleem Rashid
0b51d060d8
allow ClearSession purely via confirm button
...
Holding confirm button at home screen asks user whether they wish to
lock the TREZOR (clear the cached PIN and passphrase and show the
screensaver). This is identical behaviour to the ClearSession message.
2016-10-25 15:21:56 +02:00
Pavol Rusnak
ea35b4bfe7
update trezor-crypto
2016-10-24 20:55:45 +02:00
Roman Zeyde
0bb7f16b78
crypto: allow Ed25519 signing larger digests ( #124 )
2016-10-24 12:41:10 +02:00
Pavol Rusnak
e9f0706c2e
fix prevtx hashing when input count is 0
2016-10-21 13:20:57 +02:00
Pavol Rusnak
2daab8cf02
add coins-gen.py script and generate coins.c using that script
2016-10-20 15:27:34 +02:00
Pavol Rusnak
c288a0e328
implement TXEXTRADATA transaction RequestType
2016-10-20 13:25:40 +02:00
Roman Zeyde
68a1bcc908
Add specific layout for GPG signature ( #122 )
...
Following ECDH usage of layoutDecryptIdentity (which shows "GPG decrypt for:")
this commit adds a specific case for layoutSignIdentity, showing "GPG sign for:",
instead of "GPG login to:" (which is less appropriate in the GPG context).
2016-10-17 18:08:02 +02:00
Pavol Rusnak
771a0c014b
update protobuf
2016-10-16 02:06:49 +02:00
Pavol Rusnak
f0b93b44f5
multibyte addresses can be 40 chars long
2016-10-16 02:05:03 +02:00
Roman Zeyde
b57c0ff430
Use trezor-crypto ECDH, adding Curve25519 support
2016-10-16 01:34:02 +02:00
Karel Bílek
dfc543c955
Switching address types ( #119 )
...
Address_type and address_type_p2sh were switched
2016-10-13 11:39:35 +02:00
Pavol Rusnak
7ddccdb7f4
Revert "simplify cryptoMessageVerify call"
...
This reverts commit 3a42032c63
.
2016-10-10 17:42:42 +02:00
Pavol Rusnak
c0181b1aec
extract address related stuff into trezor-crypto
2016-10-10 11:26:52 +02:00
Pavol Rusnak
e70900d49e
don't tie message verification with P2PKH addresses
2016-10-10 10:17:51 +02:00
Pavol Rusnak
3a42032c63
simplify cryptoMessageVerify call
2016-10-10 00:18:57 +02:00
Daira Hopwood
6bfe487f19
Update address prefixes for Zcash.
2016-10-10 00:05:51 +02:00
Daira Hopwood
69d99d202d
Add support for multi-byte address prefixes.
2016-10-10 00:05:45 +02:00
Jochen Hoenicke
a0ade6343e
Reworked rfc6979 signing. ( #116 )
...
New parameter is_canonical that allows for generating signatures that
have additional requirements.
2016-10-06 16:58:05 +02:00
Jochen Hoenicke
d767e52055
Confirm to change U2F counter ( #114 )
2016-09-27 23:33:28 +02:00
bitcartel
e0e190b3dc
Update coins.c for Zcash mainnet ( #111 )
2016-08-31 14:02:53 +02:00
Pavol Rusnak
8d7c1ec543
Merge pull request #110 from jhoenicke/master
...
More alignment fixes
2016-08-30 12:55:37 +02:00
Jochen Hoenicke
6d65551b82
More alignment fixes
2016-08-30 12:39:37 +02:00
Pavol Rusnak
dec9484a17
update version
2016-08-30 10:33:13 +02:00
Pavol Rusnak
d7c0fbc379
add const where possible (for message parsing)
2016-08-29 22:36:18 +02:00
Pavol Rusnak
0a55a9e415
update to nanopb 0.2.9.3
2016-08-29 12:59:29 +02:00
Pavol Rusnak
fff16e813a
add link to protobuf definition in coins.c
2016-08-29 10:44:40 +02:00
Jochen Hoenicke
bc55013942
Simplified one-byte encodings
2016-08-25 13:02:14 +02:00
Jochen Hoenicke
91dcead35e
Gas estimate screen, tweaked display of value
2016-08-23 22:05:24 +02:00
Jochen Hoenicke
a37a2e3612
Confirm data, streamlining code
...
Set all size fields to 0, if fields was not given to avoid the conditions
later.
Display data and ask for confirmation.
2016-08-22 23:18:38 +02:00
Jochen Hoenicke
05a73593f6
No special case encoding for '\x0', cleanups
...
The encoding for data '\x00' was tested here:
http://testnet.etherscan.io/tx/0x05d6f97de3ecd33ad4059fa9bd342a10ef99d580a2d881b0c5a0c9e8c55ff975
2016-08-19 23:35:11 +02:00
Jochen Hoenicke
22d0e7a053
Incorporated changes for updated master
2016-08-19 03:16:59 +01:00
Pavol Rusnak
efd443abe8
implement ethereum signing check
2016-08-19 03:14:38 +01:00
Pavol Rusnak
4e0a69b6ea
refactor ethereum methods, show progress properly
2016-08-19 03:14:38 +01:00
Pavol Rusnak
1558d77ea0
split rlp_encode_length into rlp_encode_length and rlp_encode_list_length
2016-08-19 03:14:38 +01:00
Pavol Rusnak
3db323c599
fix printing of ethereum value and address
2016-08-19 03:14:38 +01:00
Pavol Rusnak
3d1ab24d92
simplify ethereum code, EthereumSignTx.data_length is the total length now
2016-08-19 03:14:38 +01:00
Pavol Rusnak
48008ddd8e
implement layoutEthereumConfirmTx
2016-08-19 03:14:38 +01:00
Pavol Rusnak
7d9a56e678
fix curly braces in if statements
2016-08-19 03:14:38 +01:00
Nick Johnson
4a195ebd86
Don't include 0x in address display, so everything fits
2016-08-19 03:14:38 +01:00
Alex Beregszaszi
7432805b6a
Fix special RLP case for length=1 firstbyte=0
2016-08-19 03:14:38 +01:00
Alex Beregszaszi
079d282541
Simplify send_request_chunk()
2016-08-19 03:14:38 +01:00
Alex Beregszaszi
78b1370de9
More input sanity checks in EthereumSignTx
2016-08-19 03:14:38 +01:00
Alex Beregszaszi
a617200c9c
Add confirmation dialog to EthereumSignTx
2016-08-19 03:14:38 +01:00
Alex Beregszaszi
e0a1743003
Add sanity checks for data fields in EthereumSignTx
2016-08-19 03:14:38 +01:00
Alex Beregszaszi
ab49a7cb45
Calculate data length based on the initial chunk and the supplied length
2016-08-19 03:14:38 +01:00
Alex Beregszaszi
e0395b13eb
Fix RLP length calculation
2016-08-19 03:14:38 +01:00
Alex Beregszaszi
2b6c991179
Split out send_signature and support short requests
2016-08-19 03:14:38 +01:00
Alex Beregszaszi
1d2f9b6ecd
Initial signing implementation for Ethereum
2016-08-19 03:14:38 +01:00
Alex Beregszaszi
a9449520b8
Ethereum signing skeleton
2016-08-19 03:14:38 +01:00
Alex Beregszaszi
9c7e41f15b
Reorder fsm.c for logical grouping of signing methods
2016-08-19 03:14:38 +01:00
Nick Johnson
a031b79e24
Add sha3.o to OBJS
2016-08-19 03:14:38 +01:00
Nick Johnson
352d296f77
Return the correct MessageType from EthereumGetAddress
2016-08-19 03:14:38 +01:00
Alex Beregszaszi
3c2d9111e2
Implement EthereumGetAddress
2016-08-19 03:14:38 +01:00
Alex Beregszaszi
bf465357ee
Include placeholder handlers for the Ethereum protocol
2016-08-19 03:14:38 +01:00
Jochen Hoenicke
7d8cb9018e
Ask for confirmation on ECDH Session (gpg decrypt)
...
Also fix abort to send a reply (a cancel failure)
2016-07-14 18:12:55 +02:00
Pavol Rusnak
437c5739f1
Merge branch 'jhoenicke-master'
2016-07-04 17:45:01 +02:00
Pavol Rusnak
f489550a1b
Merge branch 'master' of https://github.com/jhoenicke/trezor-mcu into jhoenicke-master
2016-07-04 17:42:39 +02:00
Pavol Rusnak
79e4d4d8c2
fix uppercase letters in GitHub/GitLab
2016-07-04 16:58:57 +02:00
Pavol Rusnak
40ca2c9210
add gitlab to u2f_knownapps
2016-07-04 15:48:36 +02:00
Pavol Rusnak
633024a993
send failure when reset workflow is aborted (this sends features when it was aborted by initialize message)
2016-07-04 15:02:24 +02:00
Pavol Rusnak
3ce756b692
add set -e to shell scripts
2016-07-03 13:54:32 +02:00
Pavol Rusnak
fdbae0b0e0
fix hid_control_request for debug link
2016-06-30 14:04:11 +02:00
Jochen Hoenicke
ae4dff6e5f
Only compute pubkey on demand.
...
Changed all hdnode callers to call hdnode_fill_public_key if
they need the public key.
2016-06-27 10:13:18 +02:00
Jochen Hoenicke
97466519b0
Bitbucket U2F support
2016-06-26 21:49:41 +02:00
Pavol Rusnak
c6309ff93c
no UI for ECDHSessionKey for now (just ask for PIN)
2016-06-23 19:09:24 +02:00
Roman Zeyde
c86086e2b9
Add ECDH support
2016-06-16 22:40:21 +03:00
Pavol Rusnak
79986604a3
Merge pull request #92 from jhoenicke/master
...
Implement message SetU2FCounter
2016-06-13 00:30:12 +02:00
Jochen Hoenicke
120cfc148f
new message SetU2FCounter
2016-06-12 23:44:36 +02:00
Pavol Rusnak
57197e1463
use macros for usb interface numbers
2016-06-12 23:11:46 +02:00
Pavol Rusnak
5e57a1ceaf
Merge branch 'u2f'
2016-06-12 22:53:28 +02:00
Alex Beregszaszi
080dcf462f
Define field size limits for the Ethereum protocol
2016-06-12 22:51:05 +02:00
Jochen Hoenicke
caafefc0fb
Tweaked timeouts, handle null nodes.
2016-06-12 21:25:35 +02:00
Roman Zeyde
e2064337c6
Update protobuf definitions
2016-06-11 22:20:38 +03:00
Roman Zeyde
63696dc474
crypto: add ECDH session key generation
2016-06-10 22:17:02 +03:00
Pavol Rusnak
da067913c2
show app icons in u2f dialog
2016-06-09 18:11:19 +02:00
Pavol Rusnak
b1e3c52b08
remove DialogIcon enum, use bitmap structure directly
2016-06-08 19:20:07 +02:00
Pavol Rusnak
9aaf0d37ba
add u2f icons
2016-06-08 19:20:06 +02:00
Ondrej Sika
2929bfbd48
u2f - add Slush Pool to WellKnown
2016-06-08 19:18:23 +02:00
Pavol Rusnak
36b9d80120
bump version (to 1.3.6)
2016-06-07 15:27:05 +02:00
Jochen Hoenicke
73e7d82e3f
Allow initialize() to abort PIN wait
2016-05-28 16:24:14 +02:00
Pavol Rusnak
11072320a9
use ff01 usage page for debuglink
2016-05-27 15:27:41 +02:00
Jochen Hoenicke
c4e8bd0d0e
More robust storage recycle sector
...
Clear storage marker first before clearing the second sector to prevent
leaving a state where only PIN failures have been cleared but storage is
still present.
2016-05-27 14:03:20 +02:00
Jochen Hoenicke
a366700332
fix indentation
2016-05-26 21:21:08 +02:00
Jochen Hoenicke
78d11cf060
New memory access over debug link
2016-05-26 20:59:16 +02:00
Jochen Hoenicke
be0858b7d7
Updated protobuf
2016-05-26 20:59:16 +02:00
Jochen Hoenicke
18d549c83d
Fix U2F hid interface index for debug link
2016-05-26 20:59:16 +02:00
Jochen Hoenicke
e093371129
Added storage area for u2f counter.
...
To prevent flashing for every u2f operation just clear one bit in
the u2f area to indicate an increased counter.
2016-05-26 20:59:16 +02:00
Jochen Hoenicke
8e7896456a
Merge branch 'origin/master' into u2f
2016-05-26 20:58:52 +02:00
Pavol Rusnak
e119656c29
use descriptor that matches fido one (except usage_page)
2016-05-26 13:33:10 +02:00
Jochen Hoenicke
87bfd5a829
Bugfix: restore storage.
...
Storage restore was broken due to my previous patch.
2016-05-25 01:14:32 +02:00
Jochen Hoenicke
053fe7cb66
Remove Cancel Option
...
U2F doesn't allow cancellation on device.
Also fix button state in protect. This fixes the following bug:
1. wipe device
2. press and hold right button, click left button to cancel.
3. release all buttons.
4. wipe device again, now automatic.
2016-05-24 01:59:37 +02:00
Jochen Hoenicke
68b34af19e
More standard conform behaviour
...
Tested with u2f-ref-code/u2f-tests.
Known incompatibility:
- changed challenge invalidates button press.
2016-05-24 01:16:55 +02:00
Jochen Hoenicke
a1ba431d94
Use more sensible HID descriptor
2016-05-23 19:20:21 +02:00
Jochen Hoenicke
bc92fb95a5
Clear pinarea on storage_init if upgrade fails
...
This also cleans up the code a bit and resets storage_uuid if upgrade fails.
2016-05-20 20:13:43 +02:00
Pavol Rusnak
46119bd007
clear pin failures on wipe and when in debug mode
2016-05-20 17:00:10 +02:00
Jochen Hoenicke
96f30a0ba7
Don't ask for passphrase with u2f.
2016-05-20 01:49:20 +02:00
Jochen Hoenicke
a0571e02a7
Removed more magic numbers.
...
`KEY_PATH_LEN`: length of the derivation path in the key handle
`KEY_PATH_ENTRIES`: number of entries in derivation path including
initial BIP-43 selector.
`KEY_HANDLE_LEN`: length of key handle (derivation path + HMAC checksum)
2016-05-18 03:05:04 +02:00
Pavol Rusnak
d20671b517
handle various signed_message_headers correctly
2016-05-17 18:13:08 +02:00
Pavol Rusnak
041eaa5e4b
refactor u2f dialogs into a separate function
2016-05-16 18:58:13 +02:00
Pavol Rusnak
ad2bab0186
Merge branch 'u2f' of github.com:jhoenicke/trezor-mcu into u2f
2016-05-16 18:22:03 +02:00
Pavol Rusnak
c123db71b9
Merge branch 'master' into u2f
2016-05-16 18:19:31 +02:00
Pavol Rusnak
9006c90a59
use MEMSET_BZERO and U2F_APPID_SIZE macros
2016-05-16 18:18:21 +02:00
Jochen Hoenicke
2ab950555e
Fixed u2f reentry
2016-05-15 10:44:57 +02:00
Jochen Hoenicke
eb2ef2464c
CID hacks, not yet finished
2016-05-15 10:44:57 +02:00
Jochen Hoenicke
450a277f45
Only compile debugInt when debugging
2016-05-15 10:44:57 +02:00
Jochen Hoenicke
117d261a38
Script to generate key and certificate
2016-05-15 10:44:57 +02:00
Jochen Hoenicke
55fe98ccd1
Fix USB HID descriptor
2016-05-15 10:44:40 +02:00
Pavol Rusnak
e1fa896d6c
disable ECIES
2016-05-12 21:09:34 +02:00
Pavol Rusnak
def4a9a02c
fix pbkdf2 usage in storage.c
2016-05-12 21:05:17 +02:00
Pavol Rusnak
008da6c089
Merge pull request #82 from jhoenicke/pinarea
...
Don't reflash storage after each PIN entry
2016-05-12 15:40:09 +02:00
Jochen Hoenicke
8be6956ce9
fix compilation
...
updated coins datastructure to include the new fields
2016-04-29 22:36:43 +02:00
Pavol Rusnak
a5feab0175
update submodules
2016-04-29 17:52:16 +02:00
Pavol Rusnak
f5ea14a85f
fix bugs in debug
2016-04-29 17:06:21 +02:00
Jochen Hoenicke
6218770e26
Script to generate key and certificate
2016-04-29 16:20:54 +02:00
Jochen Hoenicke
c1ff9e1ec7
Use more sensible hid descriptor.
2016-04-29 16:20:54 +02:00
Jochen Hoenicke
2abe5d477e
Clean-up. Better checks for buffer overflow.
2016-04-29 16:20:54 +02:00
Jochen Hoenicke
5c13e78deb
Added support for known appid.
2016-04-29 16:20:54 +02:00
Jochen Hoenicke
b3bfc64d2f
Use hmac for checking key integrity
2016-04-29 16:20:54 +02:00
Jochen Hoenicke
01ddb3ff66
Reduced buffer sizes, moved static info to flash
2016-04-29 16:20:54 +02:00
Jochen Hoenicke
1b8bd1852e
Adapted U2F to new hdnode API
2016-04-29 16:20:54 +02:00
Jochen Hoenicke
cf38291ca4
Updated branch u2f
2016-04-29 16:19:54 +02:00
Jochen Hoenicke
630e26dd20
use less stack memory in storage_commit
2016-04-27 19:23:02 +02:00
Jochen Hoenicke
da98a3a6fd
Don't reflash storage after each PIN entry
...
Instead of reflashing the whole storage, we use a designated area
in the second storage block, where we mark each PIN failure by a
single zero bit. This is because one can set bits in flash to zero but
not to one. If the PIN was entered successfully the whole word is
set to zero and the next word stores the new PIN failure counter.
2016-04-27 18:39:04 +02:00
Jochen Hoenicke
e0539f8f8b
Move public key recovery (verify) to trezor-crypto
2016-04-27 18:10:21 +02:00
Pavol Rusnak
5e5138066a
adapt the reorder of hash_final functions
2016-04-26 11:53:58 +02:00
Pavol Rusnak
b8539a6972
fix wording
2016-04-25 23:46:36 +02:00
Pavol Rusnak
035a6e754f
fix last commit
2016-04-25 23:40:24 +02:00