1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-17 11:58:13 +00:00
Commit Graph

1725 Commits

Author SHA1 Message Date
Martin Milata
01c1ae426f docs: add security fixes to changelogs 2021-06-30 18:32:58 +02:00
Andrew Kozlik
c067618828 fix(common): Fix incorrect SLIP-44 coin type for Bgold and SmartCash Testnets. 2021-06-30 18:25:58 +02:00
Andrew Kozlik
3e9f8a32ac fix(core): Fix insufficient BIP-32 path checks.
- Disable testnet coins from accessing Bitcoin paths.

- Restrict BIP-45 paths to Bitcoin and coins with strong replay protection.
2021-06-30 18:25:58 +02:00
Martin Milata
e67b3ab214 docs(core): changelog for 2.4.1
[skip_ci]
2021-06-30 18:21:56 +02:00
Pavol Rusnak
8cfa5da1ce
docs: fix typos in comments
[skip_ci]
2021-06-30 15:41:55 +02:00
Ondřej Vejpustek
24200e7424 fixup! fix(legacy): make RDI work on T1 2021-06-24 17:34:24 +02:00
Ondrej Mikle
daa94ac941 fix(legacy): make RDI work on T1 2021-06-24 17:34:24 +02:00
gabrielkerekes
cc14ffb3e3 docs(core): add changelog entries for Cardano 2021-06-24 11:09:32 +02:00
gabrielkerekes
db657615f4 fix(cardano): use OrderedMap for output tokens and withdrawals 2021-06-24 08:24:47 +02:00
gabrielkerekes
4e5772662c fix(cardano): don't allow duplicate withdrawals 2021-06-24 08:24:42 +02:00
gabrielkerekes
3cd2182b69 feat(core): introduce OrderedMap into CBOR serialisation
Items of an OrderedMap are included in CBOR as they come without sorting them in any way.
2021-06-24 08:22:39 +02:00
Ondřej Vejpustek
b8b0ae09d9 fix(core): use unprivileged shutdown where needed 2021-06-23 16:40:45 +02:00
Ondřej Vejpustek
5984fd6ad7 feat(core): jump to unprivileged mode after shutdown 2021-06-23 16:40:45 +02:00
Ondřej Vejpustek
40b4f679f9 feat(core): implement wrapper for svc_shutdown 2021-06-23 16:40:45 +02:00
Ondřej Vejpustek
311288407e docs(core): document shutdown_privileged 2021-06-23 16:40:45 +02:00
Ondřej Vejpustek
4968d7da53 feat(core): implement svc shutdown 2021-06-23 16:40:45 +02:00
Ondřej Vejpustek
cca9d4b1c4 refactor(core): rename shutdown to shutdown_privileged 2021-06-23 16:40:45 +02:00
Ondřej Vejpustek
7686eb355a fix(core): fix import of random delays 2021-06-23 16:40:45 +02:00
matejcik
47c2be9f13 docs(core): add changelog entry for altcoin layouts 2021-06-23 11:51:18 +02:00
matejcik
015c47d564 chore(core): export PropertyType to fix mypy errors 2021-06-23 11:51:18 +02:00
matejcik
da4442bbd7 feat(core): auto-hexlify in confirm_properties 2021-06-23 11:51:18 +02:00
matejcik
41c5d773e2 refactor(core): put property key+value on the same screen 2021-06-23 11:51:18 +02:00
matejcik
3c4eb04346 feat(core/monero): cache Monero testing chain between runs 2021-06-23 11:51:18 +02:00
Martin Milata
178b575465 refactor(core): convert apps.nem to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
dd3b689ded refactor(core): convert apps.eos to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
3ffbae5d17 refactor(core): convert apps.binance to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
ddac852acf refactor(core): convert apps.cardano to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
ffb400180d refactor(core/ui): more consistent layout parameter names 2021-06-23 11:51:18 +02:00
Martin Milata
a143fe34d0 refactor(core): convert apps.lisk to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
ebf6ef1666 refactor(core): convert apps.tezos to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
12478b1716 refactor(core): convert apps.stellar to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
6aeaadfe16 refactor(core): convert apps.ripple to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
16094df0c5 refactor(core): convert most of apps.monero to layouts
Progress popups are not ported yet as they're unlike anything else.

Introduces paginate_paragraphs.
2021-06-23 11:51:18 +02:00
Martin Milata
6c926ad82e refactor(core): convert apps.ethereum to layouts 2021-06-23 11:51:18 +02:00
Martin Milata
b7cab90e3c refactor(core/ui): use new_lines=False in layouts 2021-06-23 11:51:18 +02:00
matejcik
1012ee8497 feat(core): send ButtonRequests for paging events 2021-06-22 11:25:12 +02:00
Pavol Rusnak
69d1465e08
refactor(core): pass invert_colors to send_init_seq_ST7789V as argument
to make the call more flexible
2021-06-19 19:57:42 +02:00
Pavol Rusnak
18e103bb94
style(core): refactor style of display-stm32_T 2021-06-19 19:54:19 +02:00
Martin Milata
bc7fb32db9 docs(core): Fix dates in changelog 2021-06-11 20:22:42 +02:00
matejcik
52c34c7364 fix(core): allow caching empty values (fixes #1659) 2021-06-11 12:32:13 +02:00
gabrielkerekes
ae831abb75 docs(core): add changelog entries for cardano updates 2021-06-08 15:02:24 +02:00
gabrielkerekes
b2de8909d1 fix(core/cardano): reintroduce max tx output size
Output size is currently limited to 4000 bytes at protocol level. Given the maximum transaction size Trezor can handle (~9kB), we also want to enforce this size limit here so that when the limit is raised at protocol level again, Trezor would still not be able to produce larger outputs than it could reliably spend. Once Cardano-transaction signing is refactored to be completely streamed and maximum supported transaction size is thus raised, this limit can be lifted.
2021-06-08 15:02:24 +02:00
gabrielkerekes
a92b5fc333 fix(core/cardano): forbid tx outputs with both address and address parameters 2021-06-08 15:02:24 +02:00
gabrielkerekes
597402eab8 refactor(core/cardano): decouple address parameters validation 2021-06-08 15:02:24 +02:00
matejcik
d6776d988e docs(core): add changelog entry for Rust protobuf 2021-06-08 09:55:19 +02:00
matejcik
aa4227fa84 ci: update coverage exclusion list 2021-06-08 09:55:19 +02:00
matejcik
cbe4e0e725 fix(core): properly exclude altcoins from all_modules 2021-06-08 09:55:19 +02:00
matejcik
729414e606 fix(core): exclude get/set U2F counter from BITCOIN_ONLY 2021-06-08 09:55:19 +02:00
matejcik
c06a93cba5 feat(core/rust): propagate bitcoin_only flag to Rust build 2021-06-08 09:55:19 +02:00
matejcik
1382246977 fix(core/tests): fix equality testing for new message types 2021-06-08 09:55:19 +02:00
matejcik
da2ef8ed41 refactor(core): create and use protobuf uvarint writer 2021-06-08 09:55:19 +02:00
Jan Pochyla
a8623c4b59 refactor(core): fix imports and use new protobuf API in apps 2021-06-08 09:55:19 +02:00
Martin Milata
72557614c4 build(core): update build process for new protobuf
- properly exclude in the trezor/enums folder
- generate Rust protobuf blobs in scons

Split from "tools: Generate special Protobuf blobs for the Rust codec"
2021-06-08 09:55:19 +02:00
Jan Pochyla
02aa14fc04 refactor(core): Switch to new Protobuf API 2021-06-08 09:55:19 +02:00
matejcik
8a5cb41060 chore(core): regenerate with new templates 2021-06-08 09:55:19 +02:00
matejcik
d42bc8a4c0 refactor(core): prepare new templates for enums and messages 2021-06-08 09:55:19 +02:00
matejcik
266955ba65 refactor: rework pb2py generator
This also includes the capability to build Rust protobuf blobs.
2021-06-08 09:55:19 +02:00
Jan Pochyla
8a21e3fc73 feat(core): Add Rust Protobuf codec 2021-06-08 09:55:19 +02:00
Pavol Rusnak
23aa69caea fix(core): unify Features.revision reporting with legacy 2021-06-04 12:50:49 +02:00
matejcik
2fac964a29 chore(common): disable Firo support 2021-06-04 11:38:18 +02:00
Pavol Rusnak
fce3640848 fix(common): remove dead coin Hatch 2021-06-04 10:10:26 +02:00
Martin Milata
767e7b8e8d fix(core): spaces in Shamir info texts 2021-06-03 16:54:42 +02:00
Martin Milata
ca836b2e45 chore(core): bump version to 2.4.1 2021-06-02 12:50:22 +02:00
matejcik
86089fa5ad feat(core): avoid restarting session for select messages (fixes #1631) 2021-06-01 14:07:29 +02:00
Martin Milata
e77082f34f docs(core): changelog for 2.4.0 2021-05-24 20:46:41 +02:00
Martin Milata
8c6b93e0bd build(core): account for ARM unwinding info in memory layout
Currently the 8-byte section is inserted under semi-random name like
.ARM.exidx.text._ZN50_$LT$T$u20$as$u20$core..convert..Into$LT$U$GT$$GT$4into17h79ccbc4bdfe3f200E.
This makes it hard to include it in _codelen that is later baked into
firmware header. This change adds new section because including it in
.flash causes linker error due to mixing "ordered" and "unordered"
sections.

By renaming .exidx to /DISCARD/ we'd drop this info, there may also
exist compiler flag to do that.
2021-05-21 13:49:42 +02:00
Martin Milata
20fe8552ca build(core/rust): use correct architecture for T1
TT is Cortex-M4 is Armv7E-M while T1 is Cortex-M3 is Armv7-M:
https://community.arm.com/developer/ip-products/processors/b/processors-ip-blog/posts/armv6-m-vs-armv7-m---unpacking-the-microcontrollers
2021-05-21 13:49:42 +02:00
Ondřej Vejpustek
6fd4739c5c feat(core): make random delays use chacha_drbg 2021-05-21 13:42:53 +02:00
Ondřej Vejpustek
e1a5f42c81 feat(core): make chacha_drbg more robust 2021-05-21 13:42:53 +02:00
Ondřej Vejpustek
8ee17f69b3 refactor(core): move wait_random and rdi into separate file 2021-05-21 13:42:53 +02:00
matejcik
e015bc0856 build(core/rust): disable nightly-only features
When we need them, we will re-enable.
2021-05-21 13:42:10 +02:00
Pavol Rusnak
155fc7ac67
fix(core): remove tcDisplay from metadata/trezor-ctap2.json 2021-05-19 14:49:54 +02:00
Pavol Rusnak
d358503676
fix(core): remove txAuthSimple from metadata/trezor-ctap2.json 2021-05-19 14:45:02 +02:00
Martin Milata
c54077a714 fix(core): imports needed for T1 startup
Now debug build booted on wiped T1 connects to USB and shows square in
top right corner.
2021-05-17 18:03:07 +02:00
matejcik
1e0a23c133 fix(core/paths): make sure containers are copied along with the numbers they contain 2021-05-06 13:14:21 +02:00
matejcik
f05215f4ff chore(core): add changelog entry 2021-05-06 13:14:21 +02:00
matejcik
ed5c357b78 fix(core): properly cache last successful unlock time 2021-05-06 13:14:21 +02:00
matejcik
959cf7d515 fix(core/homescreen): properly redraw when an outside process kills homescreen
This happens with FIDO which does not use the normal workflow management
and so `workflow.close_others()` is never called.
2021-05-06 13:14:21 +02:00
matejcik
411a7bb802 fix(core/wire): handle codec errors better 2021-05-06 13:14:21 +02:00
matejcik
231a1fe229 refactor(core): do not cache reverse-mapping of message types in RAM
Instead, walk the module for every message.

Also remove the custom wire type registration facility, which is not
used.
2021-05-06 13:14:21 +02:00
matejcik
f1a54f2108 refactor(core): remove more global imports 2021-05-06 13:14:21 +02:00
matejcik
2cb379108c refactor(core/homescreen): load homescreen image on-demand 2021-05-06 13:14:21 +02:00
matejcik
f61d7fffa8 fix(core): fix top-level imports in apps.common.passphrase 2021-05-06 13:14:21 +02:00
matejcik
93db39ad70 fix(core/wire): drop unused reader, clarify writer usage 2021-05-06 13:14:21 +02:00
matejcik
1c32cbcc1c ci(core): exclude more things from coverage report 2021-05-06 13:14:21 +02:00
matejcik
5ee85b6ed9 refactor(core): improve clarity in main.py 2021-05-06 13:14:21 +02:00
matejcik
25385af159 feat(core/emu.py): erase profile when running emu.py -e 2021-05-06 13:14:21 +02:00
matejcik
94521a2065 feat(core): presize some modules to account for their sub-imports 2021-05-06 13:14:21 +02:00
matejcik
5f4240d93c feat(core): preallocate sys.modules to an appropriate size 2021-05-06 13:14:21 +02:00
matejcik
b5c1b37a56 chore(core/tests): bump heap size for core unit tests 2021-05-06 13:14:21 +02:00
matejcik
b1e4246b46 refactor(core/webauthn): make sure KEY_AGREEMENT_*KEY is generated once per power-up
This is what the spec recommends and it has been the case before
workflow-restarts, when `apps.webauthn.fido2` was imported exactly once
per lifetime.

With workflow-restarts, `fido2` is being imported repeatedly and the
keys regenerated. This does not seem to be a problem per the spec -- a
FIDO workflow will retain the same keys, and non-FIDO workflows can be
seen as unplugs/replugs as far as the FIDO functionality is concerned.

However, regenerating the keys is slow, which is a problem for the
hardware-based unit tests. We can avoid the slowness by returning to the
spec-mandated behavior and generating once per power-up.
2021-05-06 13:14:21 +02:00
matejcik
f6f3c7ffcf fix(core): prevent flickering when homescreen does not need to redraw 2021-05-06 13:14:21 +02:00
matejcik
5d12b943b3 feat(core): ensure all module names are interned 2021-05-06 13:14:21 +02:00
matejcik
96fd347ca8 fix(core): keep value of experimental_features cached across workflow restarts 2021-05-06 13:14:21 +02:00
matejcik
aaa3ce6117 fix(core/bitcoin): fix CoinJoin authorization with new cache 2021-05-06 13:14:21 +02:00
matejcik
dd655422f1 refactor(core/wire): simplify the message handling loop 2021-05-06 13:14:21 +02:00
matejcik
b387970468 refactor(core/debug): move "wipe with debug build" to boot.py
otherwise it gets wiped after every workflow
2021-05-06 13:14:21 +02:00
matejcik
1822aebdb4 feat(core): prefill field_cache in bitcoin app 2021-05-06 13:14:21 +02:00
matejcik
f3db4f2dd3 refactor(core): defragment PathSchema memory usage 2021-05-06 13:14:21 +02:00
matejcik
b1ca6ca848 refactor(core/debug): offload debug configuration from apps.debug 2021-05-06 13:14:21 +02:00
matejcik
e859c13d70 refactor(core): limit global imports in key places
so that by importing `apps.base`, we don't pull in the whole circus
2021-05-06 13:14:21 +02:00
matejcik
7ca67cc4d9 feat(core): clear out memory space after every workflow
A small fixed list of modules is kept pre-loaded in the GC arena.
These must not keep references to anything else, as all other modules
are unloaded and the memory is cleared.
2021-05-06 13:14:21 +02:00
matejcik
e629a72c3a refactor(core): move app registrations to a single handler function
apps.webauthn.boot() does not need an if-condition because it's only
called from session.py when the usb interface is enabled

This means that they do not need to be stored in RAM at all. The obvious
drawback is that we need to hand-edit the if/elif sequence, but we don't
register new handlers all that often so 🤷
2021-05-06 13:14:21 +02:00
matejcik
391976bcda refactor(core/usb): do not require serial number on instantiaton of USB
On a cleanly wiped device, storage must be unlocked in order to create
and retrieve the serial number. However, storage unlocking happens in
boot.py, which is imported _after_ usb.py

We must therefore sidestep asking for the serial number.
2021-05-06 13:14:21 +02:00
matejcik
276bb59dba refactor(core/cardano): update caching mechanism 2021-05-06 13:14:21 +02:00
matejcik
3cdb09c294 refactor(core): modify cache to preallocate all its data
also get rid of expensive "wire" import
2021-05-06 13:14:21 +02:00
matejcik
ea505b592c refactor(core): move empty_bytearray to trezor.utils 2021-05-06 13:14:21 +02:00
matejcik
b0116d0bdc refactor(core): modify wire to preallocate its buffers 2021-05-06 13:14:21 +02:00
Jan Pochyla
6257584951 feat(core): Add Rust bindings to MicroPython and trezorhal
core: Remove dangling module decls

core: Use new Cargo feature resolver, use external MacOS debug info

core: Rust docs improvements

core: Upgrade bindgen

core: Add test target to Rust

ci: build rust sources

build(core): .ARM.exidx.text.__aeabi_ui2f in t1 firmware size

It's an unwind table for softfloat function inserted by rustc, probably
can be removed to save 8 bytes:
599c58db70/link.x.in (L175-L182)

scons: Remove dead code

core: Move Rust target to build/rust

core: Replace extern with a FFI version

core: Add some explanatory Rust comments

core: Use correct path for the Rust lib

core: Remove Buffer::as_mut()

Mutable buffer access needs MP_BUFFER_WRITE flag. TBD in the Protobuf PR.

core: Improve docs for micropython::Buffer

core: Minor Rust docs changes

core: Rewrite trezor_obj_get_ll_checked

core: Fix incorrect doc comment

core: Remove cc from deps

fixup! core: Rewrite trezor_obj_get_ll_checked

core: update safety comments
2021-05-05 16:00:21 +02:00
Martin Milata
f58c1634c6 docs(core): use towncrier for generating CHANGELOG.md 2021-05-04 14:18:01 +02:00
gabrielkerekes
bf3e64ff20 fix(common): add isort:skip_file to files generated by pb2py 2021-04-23 11:09:29 +02:00
gabrielkerekes
6f59892824 refactor(core/cardano): introduce derive_public_key to simplify pub key derivation 2021-04-23 11:09:29 +02:00
gabrielkerekes
905970fd6a refactor(core/cardano): generalise _paginate_lines 2021-04-23 11:09:29 +02:00
gabrielkerekes
2313293477 feat(core/cardano): add support for catalyst voting registration 2021-04-23 11:09:29 +02:00
gabrielkerekes
2c503b16f5 fix(common): fix one value enums in pb2py 2021-04-23 11:09:29 +02:00
mcudev
e3539b0a73 core/embed/usb: add back usb fs code for t1 and redo fifo sizing 2021-04-14 23:03:29 +02:00
mcudev
6137a55b06 core/embed/usb: use all available usb endpoints and update the usb fifo sizing 2021-04-09 12:50:40 +02:00
Pavol Rusnak
2852b947ec
chore(core): regenerate coins 2021-04-08 14:17:43 +02:00
Martin Milata
720eaa3abd ci: run monero tests on hardware 2021-04-06 22:06:12 +02:00
Martin Milata
ac711fb8ee style(core): use more recent type annotation syntax
https://www.python.org/dev/peps/pep-0585/ - Type Hinting Generics In Standard Collections
https://www.python.org/dev/peps/pep-0604/ - Allow writing union types as X | Y
2021-04-01 11:12:30 +02:00
Martin Milata
0278998f72 style(common): mypy: disable implicit Optional for function arguments 2021-04-01 11:12:30 +02:00
Martin Milata
8b3ac659a0 style(core): mypy: disable implicit Optional for function arguments
https://www.python.org/dev/peps/pep-0484/#union-types
2021-04-01 11:12:30 +02:00
Martin Milata
f97af2af1b chore(core/ui): typing: no implicit Optional 2021-03-30 22:34:01 +02:00
Martin Milata
da72482c2f refactor(core/ui): get rid of confirm_wipe 2021-03-30 22:34:01 +02:00
Martin Milata
c0174ff217 refactor(core/ui): raise exception on dialog cancel by default 2021-03-30 22:34:01 +02:00
Martin Milata
2b6ea25712 refactor(core): convert rest of apps.bitcoin to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
b1e38fe382 refactor(core): no implicit spaces in render_text 2021-03-30 22:34:01 +02:00
Martin Milata
2a5f5c1c20 refactor(core): convert parts of apps.monero to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
6668921a4f refactor(core): convert apps.common.request_pin to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
01900b8536 refactor(core): convert parts of apps.webauthn to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
ffe6d65f72 refactor(core): convert parts of apps.management to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
c09a142e2a refactor(core): convert apps.misc.* to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
0b5d17bf49 refactor(core/ui): merge confirm_hexdata and show_pubkey 2021-03-30 22:34:01 +02:00
Martin Milata
6ded531f8f refactor(core): convert apps.common.sdcard to layouts 2021-03-30 22:34:01 +02:00
Martin Milata
035f114125 fix(core/ui): don't return CONFIRMED/CANCELLED from layouts 2021-03-30 22:34:01 +02:00
Rafael Korbas
a9b8b0e119 feat(core/cardano): chunked serialization of signed transaction 2021-03-26 11:15:19 +01:00
gabrielkerekes
3cb686d452 fix(core/cardano): make witnesses order deterministic 2021-03-26 11:15:19 +01:00
Andrew Kozlik
25411e22c9 test(core): Add unit test for modtrezorconfig counter. 2021-03-26 10:54:56 +01:00
Andrew Kozlik
2836bfc64c fix(core): Improve error handling and range checking in modtrezorconfig. 2021-03-26 10:54:56 +01:00
Andrew Kozlik
66823e2893 chore(core,legacy): Bump FIX_VERSIONs due to upgrade to storage version 3. 2021-03-25 14:24:41 +01:00
Andrew Kozlik
3084d1196d feat(core): Support 50 digit PIN and wipe code. 2021-03-25 14:24:41 +01:00
Pavol Rusnak
da7214d82f
fix(common): update support.json to include Firo 2021-03-25 13:39:59 +01:00
Pavol Rusnak
dfbdcf5b2b
feat(core): add support for olimex-arm-usb-tiny-h via openocd
[skip_ci]
2021-03-24 18:01:50 +01:00
Pavol Rusnak
b37e5c916f
fix(core): add missing targets to make clean
[skip_ci]
2021-03-22 22:06:29 +01:00
Pavol Rusnak
4649b80b44
feat(core): allow secp256k1-zkp for bitcoin-only build
(but keep it disabled)
2021-03-18 15:42:52 +01:00
matejcik
cb7152542d feat: drop DebugLinkShowText functionality 2021-03-18 10:59:51 +01:00
matejcik
56ee7d33a9 chore: add cardano changelogs 2021-03-18 10:30:03 +01:00
Rafael Korbas
74ed5b7018 feat(core/cardano): Implement bech32 asset ids based on CIP-0014 2021-03-18 09:53:33 +01:00
Rafael Korbas
bd4512b53a fix(core/cardano): Allow stake pool registrations with zero margin 2021-03-18 09:35:08 +01:00
Andrew Kozlik
b10acbe153 feat(core): Allow decreasing output amount in RBF transactions. 2021-03-17 15:15:50 +01:00