Andrew Kozlik
5fc491c597
chore(core): In apps.bitcoin move BIP143 hashing back to a separate class.
2020-10-23 15:07:15 +02:00
Andrew Kozlik
443e0c101e
chore(common): Add orig_hash and orig_index fields to TxInput and TxOutput.
2020-10-23 15:07:15 +02:00
Andrew Kozlik
9a594f4784
fix(core): Fix CoinJoin anonymity gain check in bitcoin approver.
2020-10-16 19:16:37 +02:00
Pavol Rusnak
ded61a4ccf
chore(vendor): update micropython to v1.13
2020-10-16 14:19:35 +02:00
Martin Milata
830592f2d9
feat(core): add experimental_features setting
...
The setting is off by default. When it is enabled protobuf messages
marked UNSTABLE are rejected after decoding.
2020-10-16 13:53:31 +02:00
Martin Milata
0376670404
feat(common): expose 'unstable' option in generated code
2020-10-16 13:53:31 +02:00
Martin Milata
314cd260eb
feat(common): add experimental_features setting
2020-10-16 13:53:31 +02:00
Pavol Rusnak
bf6e9b4cad
fix(core): always recalculate header hashes
2020-10-15 16:28:12 +02:00
Martin Milata
9ed25a718a
ci: handle full dependencies in shell.nix
...
Handling of full dependencies (multiple python versions, Monero tests)
was moved from Dockerfile to shell.nix.
The Python packages are installed from the pinned nixpkgs revision and
do not depend on channel state at the time of docker build anymore.
The Monero test binary is now downloaded using fetchurl which fails the
build if checksum doesn't match.
2020-10-15 15:59:20 +02:00
Andrew Kozlik
c67ecb984b
chore(crypto): Move XPUB_MAXLEN and ADDRESS_MAXLEN from modtrezorcrypto to bip32.h.
2020-10-13 13:13:49 +02:00
Andrew Kozlik
c21ca81a1e
fix(core): Prevent sensitive data from being left on the call stack in modtrezorcrypto.
2020-10-13 13:13:49 +02:00
Pavol Rusnak
d8534b5ee6
perf(core/extmod): replace HMAC Python implementation with C
...
We keep Python implementation of HMAC for Monero in
core/src/apps/monero/xmr/crypto/__init__.py
2020-10-12 16:33:13 +02:00
Andrew Kozlik
d90c3af6ea
docs(core): Fix typos in slip39.py.
2020-10-11 00:31:24 +02:00
Tomas Susanka
b9dc44a849
docs(core): note 2.3.4 as released in Changelog
2020-10-08 09:02:52 +02:00
Martin Milata
542f32d3b1
feat(core): add auto_lock_delay and display_rotation to Features
2020-10-02 11:06:16 +02:00
Martin Milata
b2c4bbdaa2
feat(common): add auto_lock_delay and display_rotation to Features
2020-10-02 11:06:16 +02:00
matejcik
e4785d47e0
style: apply black 20.8b1
2020-09-29 11:30:40 +02:00
Rafael Korbas
2173ad97bc
Refactor t<page number> to page<page_number> in cardano get_address call
2020-09-29 08:55:28 +02:00
Rafael Korbas
66dbdc2462
Enforce network id/protocol magic consistency for cardano show address
2020-09-29 08:55:28 +02:00
Juraj Muravsky
638977db7d
Swap path with address type on screen in cardano get address
2020-09-29 08:55:28 +02:00
Pavol Rusnak
649e31cef0
chore(core/bootloader): regenerate messages with nanopb 0.4.3
2020-09-24 10:52:31 +02:00
Pavol Rusnak
71058eedd5
chore(vendor/nanopb): update nanopb from 0.4.1 to 0.4.3
2020-09-24 10:52:31 +02:00
Tomas Susanka
0317877297
chore(core): bump version to 2.3.5
2020-09-24 10:17:32 +02:00
matejcik
0eed360037
chore: make tx type names shorter
...
as suggested by @andrewkozlik:
TxAckInputType -> TxInput
TxAckOutputType -> TxOutput
TxAckPrevTxType -> PrevTx
TxAckPrevInputType -> PrevInput
TxAckPrevOutputType -> PrevOutput
2020-09-23 16:00:10 +02:00
matejcik
b6b65bffff
docs(core): update changelog
2020-09-23 16:00:10 +02:00
matejcik
35035dabcb
ci: omit generated protobuf classes from coverage report
2020-09-23 16:00:10 +02:00
matejcik
8b2e46eb2d
chore(core): update unit tests to kwargs usage and new TxAck subtypes
2020-09-23 16:00:10 +02:00
matejcik
d89c42e139
feat(core): add more mypy targets
2020-09-23 16:00:10 +02:00
matejcik
244b264b47
chore(core): fix typing and kwargs usage
2020-09-23 16:00:10 +02:00
matejcik
ef4022fbf5
auto: regenerate protobuf classes
2020-09-23 16:00:10 +02:00
matejcik
37025e2a84
feat(core): use specialized protobufs in apps.bitcoin, enable typing
2020-09-23 16:00:10 +02:00
matejcik
b0a2297b14
feat(core): convert protobuf decoding errors to DataErrors
2020-09-23 16:00:10 +02:00
matejcik
6ba08526e1
fix(core): fix type annotations on CoinInfo
2020-09-23 16:00:10 +02:00
matejcik
7e5d9e295b
fix(core): help mypy understand micropython's module management
2020-09-23 16:00:10 +02:00
matejcik
90ee5f3d38
feat!: implement protobuf required fields and default values
...
BREAKING CHANGE: this makes arguments to protobuf constructors
keyword-only, and arguments corresponding to required fields are now
mandatory
2020-09-23 16:00:10 +02:00
Pavol Rusnak
f8489f16e4
fix(common/defs): remove FSN, ICX which migrated to mainnet
2020-09-23 11:31:09 +02:00
Martin Milata
cff4955f93
core: implement SafetyChecks.PromptTemporarily
...
Also reword safety checks confirmation dialogs.
2020-09-18 09:02:40 +02:00
Martin Milata
7d37b2c90f
common: add PromptTemporarily to SafetyChecks enum
2020-09-18 09:02:40 +02:00
Martin Milata
9d2ad96ad4
core: add SafetyCheckLevel to Features
2020-09-18 09:02:40 +02:00
Martin Milata
9f066e877d
common: add SafetyCheckLevel to Features
2020-09-18 09:02:40 +02:00
Martin Milata
163ccedb39
core: allow const() values to have Literal type
2020-09-18 09:02:40 +02:00
Tomas Susanka
cd1d5195fd
docs(core): add changelog for Oct release
2020-09-16 15:24:15 +02:00
Pavol Rusnak
65e20119ea
docs(changelog): fix typo
2020-09-15 14:25:02 +02:00
Andrew Kozlik
295710c37d
core/bitcoin: Check ownership proofs using the provided commitment data.
2020-09-08 19:36:10 +02:00
Andrew Kozlik
5d745d5d04
common/protob: Add commitment_data to TxInputType.
2020-09-08 19:36:10 +02:00
Dusan Klinec
9d7b0bf50c
xmr: fix new transaction type for CLSAG, HF=13
2020-09-07 17:50:38 +02:00
Andrew Kozlik
9774c99e90
core/tests: Fix unit tests for streamimg prev_tx after confirmation.
2020-09-04 14:36:39 +02:00
Andrew Kozlik
dad2852db9
core/bitcoin: Stream prev_tx after confirmation.
2020-09-04 14:36:39 +02:00
Tomas Susanka
ebc99435ab
Revert "core: remove ownership messages from the public api for now"
...
This reverts commit 0d5f00668f
.
2020-09-03 14:56:27 +02:00
Tomas Susanka
b99b8b3df3
Merge remote-tracking branch 'origin/release/2020-09'
2020-09-03 13:17:23 +02:00
Pavol Rusnak
c1dd07a2e4
core+legacy: update dates in changelogs
2020-09-02 15:36:36 +02:00
Martin Milata
f3fd98a7ba
core: remove 1px of space on the left of each glyph
...
For PixelOperator (T1) fonts only.
2020-09-01 19:57:46 +02:00
Martin Milata
b8bb63fbef
core: drop unused FONT_SIZE constant
2020-09-01 19:57:46 +02:00
Tomas Susanka
19461398d7
core/cardano: reuse derived Shamir seed ( fixes #1007 )
2020-09-01 16:14:41 +02:00
Tomas Susanka
0d5f00668f
core: remove ownership messages from the public api for now
2020-09-01 15:56:57 +02:00
Ondřej Vejpustek
09667a676e
core/tools: update hid-bridge readme
2020-09-01 14:18:57 +02:00
matejcik
e0583dd5cb
all: use a specific error code for "invalid session"
2020-08-28 15:37:06 +02:00
matejcik
4909821f35
core: implement EndSession
2020-08-28 15:37:06 +02:00
Martin Milata
c7934116ec
core: introduce TREZOR_MODEL flag ( #1233 )
2020-08-28 14:50:38 +02:00
Martin Milata
df5421e7d6
common/defs: update maxfee_kb to 10USD/tx
...
Except bitcoin.
(cherry picked from commit f51fac3410
)
2020-08-25 18:06:54 +02:00
Martin Milata
f51fac3410
common/defs: update maxfee_kb to 10USD/tx
...
Except bitcoin.
2020-08-25 18:05:29 +02:00
matejcik
032a65e1cf
python: export toif as public module
2020-08-25 11:30:33 +02:00
Pavol Rusnak
41f5237967
common/defs: enable extra_data for FLO
...
(cherry picked from commit 534695313c
)
2020-08-24 11:08:02 +02:00
Pavol Rusnak
534695313c
common/defs: enable extra_data for FLO
2020-08-24 11:06:12 +02:00
Tomas Susanka
d080464cc5
core, legacy: bump versions (also in changelogs)
2020-08-24 09:31:49 +02:00
Tomas Susanka
e137f196f8
core/changelog: update
2020-08-21 21:30:15 +02:00
Andrew Kozlik
f2d669ecdc
core/bitcoin: Use dynamic dispatch for confirmation dialogs in sign_tx.
2020-08-21 21:30:15 +02:00
Andrew Kozlik
02da5b7593
core/bitcoin: Show warning if nLockTime is set but ineffective due to all nSequence values being 0xffffffff.
2020-08-21 21:30:15 +02:00
Pavol Rusnak
146ee7af89
update changelogs
2020-08-21 21:30:15 +02:00
Pavol Rusnak
cdf0f68bb0
core: show passphrase on device
2020-08-21 21:30:15 +02:00
Pavol Rusnak
21b4c5b60e
core/bootloader_ci: fix typos in the previous commit
2020-08-21 14:47:35 +02:00
Ondrej Mikle
8d3d3be09c
core/bootloader_ic: introduce CI bootloader for TT device tests ( #1182 )
2020-08-21 14:39:56 +02:00
Martin Milata
1b982659c4
core: fix boot loop after uploading invalid homescreen ( #1205 )
2020-08-21 12:00:42 +02:00
Pavol Rusnak
0620911e46
core: allow spending coins from Bitcoin paths if the coin ...
...
has implemented strong replay protection via SIGHASH_FORKID
2020-08-21 11:49:03 +02:00
Alexis Hernandez
96c38315df
common/defs: enable extra_data for XSN ( #1208 )
2020-08-20 20:40:30 +02:00
Andrew Kozlik
dd540a2ccd
core/ui: Initialize Qr class properly.
2020-08-20 18:13:09 +02:00
gabrielkerekes
431a25b119
Add Cardano README.md
2020-08-20 16:02:10 +02:00
Pavol Rusnak
c3ce9de3ea
core: regenerate coins+tokens
2020-08-19 19:29:18 +02:00
Pavol Rusnak
fd87c62b68
common/defs: remove coins with no Trezor-compatible wallets
2020-08-19 19:29:18 +02:00
Martin Milata
71c5bc4e3b
ci: fail if coverage falls under threshold
2020-08-18 21:08:46 +02:00
Martin Milata
3f21e8f400
core: display coin name when signing message
...
Also when verifying message.
2020-08-18 13:45:49 +02:00
Martin Milata
927ee0812b
core: add hard limit for transaction fees
...
The hard limit is set to 10*fee_warning_threshold. The limit is not
enforced when `safety_checks` is set to "Prompt".
2020-08-17 16:12:33 +02:00
Tomas Susanka
c9dc38c9f3
core: allow 49/x not 49/x' for Casa
2020-08-17 08:54:08 +02:00
Pavol Rusnak
5536fbb98a
python: use stdlib blake2s on python 3.6+
...
commit 6d407c84d7
did not replace everything
2020-08-10 23:35:38 +02:00
Pavol Rusnak
d1973b7486
pipenv: update Pipfile
2020-08-08 18:03:32 +02:00
Pavol Rusnak
02b6656471
core: update changelog
2020-08-07 15:09:48 +02:00
Pavol Rusnak
4e11735d22
core/modtrezorui: remove prefill from text functions
...
use display.bar where needed to prefill the areas
2020-08-07 15:08:14 +02:00
matejcik
2e5771db79
core: add changelog entry
2020-08-07 13:54:32 +02:00
matejcik
5385617eda
core: increase address length limit to accomodate CRW ( fixes #1139 )
2020-08-07 12:45:43 +02:00
matejcik
51ea8ccecd
common: update token support
2020-08-07 11:49:26 +02:00
Pavol Rusnak
fd2ddbfb03
core+legacy: expand month names in changelogs
2020-08-05 23:07:11 +02:00
Pavol Rusnak
65805c9145
core: fix non-determinism in resources.py.mako
2020-08-05 17:10:22 +02:00
matejcik
cea634158a
core: make sure Homescreen is properly initialized ( fixes #1095 )
2020-08-05 14:22:06 +02:00
Tomas Susanka
16827c3135
core: make templates
2020-08-05 13:55:36 +02:00
Pavol Rusnak
3fffa9ae68
common/defs: enable XVG
2020-08-05 12:10:52 +02:00
gabrielkerekes
afa26e7560
Use correct paths for Cardano Byron witnesses
2020-08-04 20:35:13 +02:00
Andrew Kozlik
292d909235
core/base: Implement CancelAuthorization message.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
8bcb3d8fb6
core/storage: Add delete() method to storage.cache.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
5c1f197602
common/protob: Add CancelAuthorization message.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
a6c06b5c5f
core: Update changelog with CoinJoin flow.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
791a74aeb2
core/tests: Add unit tests for CoinJoinApprover and CoinJoinAuthorization.
2020-08-04 17:32:44 +02:00
matejcik
cd86f9f477
core/bitcoin: make change check more robust against short paths
2020-08-04 17:32:44 +02:00
Andrew Kozlik
07d9b780a6
core/bitcoin: Change CoinJoin round ID length to 32 bytes and remove rate limiting.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
377bff68f4
core/bitcoin: Implement DoPreauthorized message.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
2c30dd62fc
common: Add DoPreauthorized message.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
b9cfecb8b8
core/bitcoin: Support preauthorization in SignTx message for CoinJoin.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
97fc9b74ab
core/bitcoin: Implement CoinJoinApprover.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
472e853f0a
core/tests: Fix unit tests to work with BasicApprover in sign_tx.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
d6ee542deb
core/bitcoin: Move transaction confirmation logic from Bitcoin to BasicApprover class.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
00258f2d4d
core/bitcoin: Support preauthorization in GetOwnershipProof message.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
c772de9d3c
core/bitcoin: Support preauthorization in @with_keychain decorator.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
208283e13e
core/bitcoin: Implement AuthorizeCoinJoin message.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
48a331aa1d
core/bitcoin: Add CoinJoinAuthorization class.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
dc32a17335
core/bitcoin: Move BIP32_WALLET_DEPTH to common.
2020-08-04 17:32:44 +02:00
Andrew Kozlik
bbab13f6e7
common/protob: Add AuthorizeCoinJoin message.
2020-08-04 17:32:44 +02:00
Ondřej Vejpustek
59002118c0
core/extmod: explicitly initialize automatic variables
2020-08-04 14:50:07 +02:00
gabrielkerekes
683d7420ff
Fix Cardano Shelley public key validation
...
In Shelley Cardano started using the purpose 1852'. Unfortunately,
we completely missed that the public key path validation fuction checks
for purpose 44' explicitly, which means that the user is shown a warning
when deriving public key with the purpose 1852'. Which is always when
"logging in" to a wallet. This commit should fix that.
I've also updated type hinting in get_public_key.
2020-08-04 13:03:57 +02:00
matejcik
c3afb93837
core/tests: improve test harness ( fixes #1157 )
2020-08-04 10:27:44 +02:00
Pavol Rusnak
efc5ccdaf0
core: remove src1
2020-08-03 15:59:57 +02:00
Tomas Susanka
16a5858544
core: add Casa/Greenaddress paths exceptions to Changelog
2020-08-03 15:51:35 +02:00
Martin Milata
e5bdca655a
core: don't scale emulator background image
...
Makes the emulator look nicer in tiling window managers.
2020-07-31 12:27:43 +02:00
Gabriel Kerekeš
c0eba979c6
Fix bare 'except' style error - catch Exception instead
...
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
2020-07-30 17:17:03 +02:00
gabrielkerekes
7a1e773b49
Validate transaction metadata
2020-07-30 17:17:03 +02:00
gabrielkerekes
f2ee450410
Include metadata in transaction signing
2020-07-30 17:17:03 +02:00
gabrielkerekes
0438f318b4
Bring back cbor.Raw - to be used for metadata
2020-07-30 17:17:03 +02:00
gabrielkerekes
1ed8b56b7c
Include Byron witness once for each input path
2020-07-30 17:17:03 +02:00
gabrielkerekes
7bf5cab840
Update sign_tx
...
Add certificates, withdrawals and metadata hash
2020-07-30 17:17:03 +02:00
gabrielkerekes
a25444efd1
Move to_account_path() to utils
2020-07-30 17:17:03 +02:00
gabrielkerekes
e92baf5b02
Update protobuf
2020-07-30 17:17:03 +02:00
Andrew Kozlik
7d07161efe
common/fido: Unify application labeling between U2F and FIDO2.
2020-07-30 15:29:54 +02:00
Pavol Rusnak
063aba910d
core: rename emulator to trezor-emu-core
2020-07-30 15:27:34 +02:00
matejcik
8502412dbc
core/emulator: assume -m main
when no arguments are provided
...
fixes #1115
2020-07-30 15:27:34 +02:00
Martin Milata
d955e3f1e5
core: rename class Overwintered to Zcashlike
2020-07-30 15:14:18 +02:00
Martin Milata
10387e1869
core: drop zcash v3 tx signing support
2020-07-30 15:14:18 +02:00
gabrielkerekes
6d02aa23d9
Raise wire.DataError when deriving invalid address type
2020-07-30 14:43:32 +02:00
gabrielkerekes
b5f3511c1c
Add support for script addresses in tx outputs
2020-07-30 14:43:32 +02:00
gabrielkerekes
f1b6056edb
Fix staking key hash message
...
When deriving an address with a foreign staking key Trezor would crash
due to forgotten `decode()` on hexlified staking key hash which was to
be displayed.
This wasn't discovered while testing because it weirdly would pass with
a `aaff00` string, but not with longer ones.
2020-07-30 14:43:32 +02:00
matejcik
c008600d08
core/debug: fail if wait_layout is sent without watch_layout
2020-07-29 11:50:47 +02:00
Pavol Rusnak
9a673db647
core: fix build on T1
...
file src/apps/base.py was added unconditionally breaking the T1 build
2020-07-28 12:12:53 +02:00
Pavol Rusnak
a6451dad46
core/fonts: update headers
2020-07-28 10:56:41 +02:00
Martin Milata
3021233eaf
core: remove unimports from bitcoin sign_tx layouts
2020-07-28 10:51:28 +02:00
Pavol Rusnak
47e7550423
core/extmod: add font_pixeloperator{,mono}, use this font for T1
2020-07-28 09:40:30 +02:00
Pavol Rusnak
cec87bba50
core: remove mono bold font variant (not used anywhere)
2020-07-27 23:22:34 +02:00
Pavol Rusnak
e6baaa7ed9
core/src1: use display.text instead of display.print
2020-07-27 17:40:34 +02:00
Pavol Rusnak
de43dde1e9
core: make emu.sh respect TREZOR_MODEL env variable
2020-07-27 17:38:55 +02:00
Pavol Rusnak
8bc32d035b
core/extmod: enable display_text* methods for other models than T
2020-07-27 17:24:13 +02:00
Pavol Rusnak
df03534955
core: print inverted question mark for nonprintable characters
2020-07-27 16:29:11 +02:00
Pavol Rusnak
89d701ed08
core+legacy: bump versions (also in changelogs)
2020-07-27 13:59:49 +02:00
matejcik
4eb5b927c0
core/cardano: simplify keychain implementation
2020-07-27 13:24:51 +02:00
Gabriel Kerekeš
d2c1624602
Cardano shelley update 2/3 ( #1112 )
2020-07-27 13:11:23 +02:00
gabrielkerekes
e1615e60ec
Update Cardano to support Shelley era 1/3
...
Update protobuf
- Previous transactions don't need to be sent anymore, because fee is
included in the transaction now. Thus transactions_count can be
removed from CardanoSignTx message and the CardanoTxAck and
CardanoTxRequest messages can be removed altogether.
- CardanoTxInputType.type is unused so remove it
Add NULL (None type) serialisation to CBOR
- Transaction metada must either have a valid structure or CBOR NULL
must be used (if metadata is empty) - it can't be simply left out.
Add protocol_magics file
- Just to have a nicer way of representing protocol magics
Update transaction signing
- Previous transactions no longer need to be requested
- Output building is simplified, since fee doesn't need to be calculated
- Remove transaction class since it is no longer needed (only functions
remained)
- Reorder functions so it reads top to bottom
Add protocol magic to byron address on testnet
- This has always been a part of the spec, but it hasn't been
implemented before, because it wasn't really needed.
Update trezorlib
Update tests
- Transaction messages are no longer required
- Expected values are different since tx format changed
- Common values in test cases have been extracted
Remove unused file
- Progress was used when receiving previous transactions
Add CRC check to output address validation
2020-07-27 13:04:49 +02:00
Pavol Rusnak
88aa3cf168
core: convert old changelogs to new format
2020-07-27 12:14:00 +02:00
Pavol Rusnak
8dacad0782
core/bootloader: update protobuf definitions
2020-07-26 00:00:37 +02:00
matejcik
fdcb64ac24
all: rename protobuf unsafe_prompts
to safety_checks
2020-07-24 16:37:58 +02:00
matejcik
19ad1dae8b
core/bitcoin: allow compatibility namespaces for Casa/Greenaddress
2020-07-24 16:37:58 +02:00
matejcik
b741560997
core/bitcoin: drop unused validate_path_for_bitcoin_public_key
2020-07-24 16:37:58 +02:00
matejcik
407375b0c4
core/bitcoin: move BITCOIN_NAMES to common
2020-07-24 16:37:58 +02:00
matejcik
8f8e793155
core, python: add changelogs
2020-07-24 16:37:58 +02:00
matejcik
fd8cb0e061
core/keychain: differentiate error message for ed25519 derivation
2020-07-24 16:37:58 +02:00
matejcik
0438f83a94
core: use public
as named argument instead of comment
2020-07-24 16:37:58 +02:00
matejcik
57b08c98ed
core: raise error on setting passphrase-on-device without passphrase
2020-07-24 16:37:58 +02:00
matejcik
58f460627f
core/tests: add unit tests for new functionality
2020-07-24 16:37:58 +02:00
matejcik
a461853cf6
core/tests: fix bitcoin unit tests
2020-07-24 16:37:58 +02:00
matejcik
c85d768b81
core: update references to keychain everywhere
2020-07-24 16:37:58 +02:00
matejcik
ff4ec2185e
core: refactor keychain to only support one curve at a time
...
also make a cleaner distinction between keychain, seed, path
This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.
For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".
SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.
Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-24 16:37:58 +02:00
matejcik
fa757f4b7f
core: improve type annotation for bip32.derive_path
2020-07-24 16:37:58 +02:00
matejcik
8e44132d3c
core: replace load_settings with individual setters
2020-07-24 16:37:58 +02:00
matejcik
1109250dcf
core: add option to allow unsafe prompts
2020-07-24 16:37:58 +02:00
Martin Milata
03f2dab6bc
core: reduce gc.collect calls during bitcon sign_tx
2020-07-24 15:35:09 +02:00
matejcik
c3a61998cb
core: generate resdata by Mako, use if/elif trick to save RAM
2020-07-24 14:09:31 +02:00
matejcik
125079a8a4
core: add changelog entry for synchronous protobuf
2020-07-24 14:09:31 +02:00
matejcik
7befdd07e4
core/tests: update unit tests
2020-07-24 14:09:31 +02:00
matejcik
5e7fd3aea6
core: use utils.BufferReader instead of apps.common.BytearrayReader
2020-07-24 14:09:31 +02:00
matejcik
1ff4a0d239
core: separate BufferIO into Reader (read-only) and Writer
...
also integrates BytearrayReader API into BufferReader
2020-07-24 14:09:31 +02:00
matejcik
3514a31bc9
core: make USB codec resilient to OOM conditions
2020-07-24 14:09:31 +02:00
matejcik
0a758b8181
core/tests: add synchronous protobuf tests
2020-07-24 14:09:31 +02:00
matejcik
31e2170766
core: make protobuf buffer smaller, dynamically allocate bigger if necessary
2020-07-24 14:09:31 +02:00
matejcik
a000ea5ec8
core/monero: update Monero app to use synchronous protobuf
2020-07-24 14:09:31 +02:00
matejcik
01d695283f
core: make protobuf buffer bigger
2020-07-24 14:09:31 +02:00
matejcik
0c3bc53aee
core: clean up types for field caching, fix count_message
2020-07-24 14:09:31 +02:00
matejcik
f723dca7b1
core: enable PYSTACK
2020-07-24 14:09:31 +02:00
matejcik
d568afa80d
core: improve protobuf field caching
2020-07-24 14:09:31 +02:00
matejcik
85d74ece76
core: implement synchronous v1 codec
2020-07-24 14:09:31 +02:00
Tomas Susanka
34bd57006f
core, legacy: set version of the upcoming release in Changelog
2020-07-24 12:33:46 +02:00
Martin Milata
fd117a0c9f
core: raise error on auto-lock value out of range
2020-07-22 21:38:42 +02:00
Andrew Kozlik
4005f4832f
core/embed: Set VCP write timeout to 0.
2020-07-16 09:34:58 +02:00
Ondrej Mikle
33d2bf417b
core: replace bootloader only in production. Fix device for T1 core port JLink upload
2020-07-13 10:45:32 +02:00
matejcik
051763575d
core: touch idle timer in keyboards ( fixes #1099 )
2020-07-10 14:05:52 +02:00
matejcik
2c4ecff0a4
core: fix synthetic events breaking io.poll delay calculation
2020-07-10 14:05:52 +02:00
Andrew Kozlik
eb28998f98
core/bitcoin: Support multiple change-outputs.
2020-07-09 15:51:23 +02:00
matejcik
2c8e5f527b
all: rename changelogs to .md for highlighting
2020-07-08 10:43:40 +02:00
matejcik
a19a9a318a
all: improve changelog formatting
2020-07-08 10:43:40 +02:00
matejcik
476cf2ee8f
core, legacy: more changelog entries
2020-07-08 10:43:40 +02:00
Pavol Rusnak
57ae902aed
core/monero: don't download test binary even if hash is different
2020-07-03 15:18:38 +02:00
Pavol Rusnak
5d666376f0
core/monero: update tests binary
2020-07-03 15:18:38 +02:00
Andrew Kozlik
37f4dcc7e5
core/bitcoin: Rename witness_p2wsh() to witness_multisig().
2020-07-03 11:17:19 +02:00
Andrew Kozlik
91b615c217
core: Update changelog.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
9cd600f79e
core/bitcoin: Add special confirmation screen for transactions with external inputs.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
64d9350de2
core/bitcoin: Implement GetOwnershipId message.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
533de50588
common/protob: Add GetOwnershipId message.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
712ec68c1b
core/bitcoin: Add support for external inputs with proof of non-ownership.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
956ea9a94f
common: Add ownership_proof field to TxInputType.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
791ff3fe06
core/tests: Add unit tests for SLIP-0019 proofs of ownership.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
d4317d1536
core/bitcoin: Implement generation and verification of SLIP-0019 proofs of ownership.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
d52de28704
core/bitcoin: Implement BIP-322 SignatureProof container.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
c723c78529
common/protob: Add GetOwnershipProof message.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
d48a372ca7
core/sign_tx: Implement support for signed external inputs.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
78f14d286e
core/sign_tx: Factor out get_legacy_tx_digest() from sign_nonsegwit_input().
2020-07-03 11:17:19 +02:00
Andrew Kozlik
61e2d4d5e5
core/bitcoin: Implement signature verifier.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
5378e12ba2
core/bitcoin: Clarify hash_type vs. sighash_type terminology.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
d1e043f417
core/bitcoin: Implement parsing of scripts and witnesses for signature verification.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
173bb7ed13
core/bitcoin: Replace TxInputType parameter in input_derive_script.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
a901573ea2
core/bitcoin: Move script types from helpers to common.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
3b6c1e5e6b
core/crypto: Add functions for verifying DER encoded signatures.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
9459c5a5c2
core/common: Add BytearrayReader and basic reader functions.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
99f01cd316
core/sign_tx: Check script_pubkeys of inputs.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
cc655575c8
common: Add witness field to TxInputType.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
872768928b
core/crypto: Fix endianity in DER length encoding.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
e7f230d66e
core/sign_tx: Use varint length encoding for witness stack items.
2020-07-03 11:17:19 +02:00
Tomas Susanka
3a3e5739b0
core, legacy: update changelogs
2020-07-02 09:09:34 +00:00
Tomas Susanka
fc9eb63114
core: add previous commit to changelog
2020-07-01 17:37:47 +00:00
Tomas Susanka
0f9a2459d3
core: make QR code smaller for Monero
2020-07-01 17:20:04 +00:00
Tomas Susanka
ca3dd2bfb9
common: skip deprecated fields during generation; deprecate overwintered field in Zcash
2020-06-30 16:02:21 +02:00
matejcik
e6e3043096
all: implement support for pre-overwinter prevtx ( fixes #1030 )
2020-06-30 15:19:31 +02:00
Andrew Kozlik
f382f77c89
core/ui: Fix repaint bug in QR code rendering #1067 .
2020-06-25 12:25:41 +02:00
Tomas Susanka
e534ae3ad7
legacy, core: rename Features.pin_cached to unlocked and unify
2020-06-19 21:26:36 +02:00
Tomas Susanka
b6c8cbc24c
core: add 'initialized' to changelog
2020-06-16 11:31:29 +02:00
Tomas Susanka
a6acefbdf5
core: wipe before reset and recovery; introduce 'intialized' field
2020-06-16 11:31:29 +02:00
Andrey
1eeaa1e5cf
Enable extra_data for Zcoin. Changed coininfo.py
2020-06-15 09:53:00 +02:00
Tomas Susanka
b67be7dd9e
core: forbid all settings if not initialized
2020-06-11 18:47:01 +02:00
Tomas Susanka
f8b2f0bb7b
changelogs: change also bootloader changelogs to the new format
2020-06-11 15:48:38 +00:00
Tomas Susanka
9979af3cd2
changelogs: start using more detailed changelog
2020-06-11 17:43:40 +02:00
Tomas Susanka
981d079d7f
core/signverify: add failsafe for an empty message header
2020-06-11 09:08:50 +02:00
Tomas Susanka
56fe5adcfc
Merge branch 'release/2020-06'
2020-06-10 06:51:18 +00:00
Andrew Kozlik
d1690f4317
core/tools: fix pixel-perfect mode for centered text in dialog-designer
2020-06-09 13:31:42 +02:00
Pavol Rusnak
179645e3ad
core: unify usage of TREZOR_MODEL
2020-06-06 21:06:15 +02:00
Ondrej Mikle
c877dc8dd6
core: port storage to T1
2020-06-06 21:06:15 +02:00
Pavol Rusnak
2815b62838
core/tools: implement "pixel-perfect" mode for dialog-designer tool
2020-06-05 14:11:59 +00:00
Pavol Rusnak
5262ef84cf
common/defs/fido: add aws and tutanota
2020-06-05 14:53:13 +02:00
Andrew Kozlik
9c61257e8e
core: Use the Lock icon in the PIN entry dialog only when the device is actually locked.
2020-06-05 11:52:56 +02:00
Pavol Rusnak
5ed64a0736
core/tools: refactor dialog-designer tool
2020-06-04 21:39:47 +02:00
Pavol Rusnak
d9d5511858
core/tools: add quick'n'dirty dialog-designer tool
2020-06-04 19:56:42 +02:00
matejcik
7579ac5274
core: fix rendering issues in homescreens
2020-06-04 16:18:46 +02:00
matejcik
9df7c84c56
core/ui: lower lockscreen brightness
2020-06-04 16:18:46 +02:00
matejcik
8fa7684a9c
core: set a scheduler-safe maximum for autolock
2020-06-04 16:18:46 +02:00
matejcik
872e0fb0e0
core: lower scheduler resolution to milliseconds
...
This avoids problems with large timeouts causing the scheduler queue to
think the time counter has overflown, and ordering the autolock task before
immediate tasks.
The maximum reasonable time difference is 0x20000000, which in
microseconds is ~8 minutes, but in milliseconds a more reasonable ~6
days.
2020-06-04 16:18:46 +02:00
matejcik
847691798b
core: simplify homescreen and lockscreen implementations
2020-06-04 16:18:46 +02:00
matejcik
4bc865794f
core: only unlock storage if it is locked (solves determinism issue in tests)
2020-06-04 16:18:46 +02:00
matejcik
ffa7790ed5
core: start USB after booting apps
...
This prevents a race condition where sometimes an Initialize message
could arrive before the homescreen was fully booted -- and Recovery
homescreen would cancel it as part of its bootup sequence.
2020-06-04 16:18:46 +02:00
matejcik
70f67883c5
core: fix artifacts in click-based UI tests
2020-06-04 16:18:46 +02:00
matejcik
a9d8fd3992
core: debuglink interface avoids workflow management
...
This will have unintended consequences if you call a wirelink function
on the debulink interface. TT allows this ... and will behave badly.
2020-06-04 16:18:46 +02:00
matejcik
bc9247e18d
core: add Cancel to a list of allowed messages while locked
2020-06-04 16:18:46 +02:00
matejcik
f32c2f9e23
core: replace workflow.kill_default with workflow.close_others
2020-06-04 16:18:46 +02:00
matejcik
01832d5ae9
core: call close_others() in place of ButtonRequest
...
this makes sense, really: close_others() requests UI exclusivity, and
that is something that generally happens at the same places we emit a
ButtonRequest
2020-06-04 16:18:46 +02:00
matejcik
6f53ca0ac6
core: rework wait_layout()
...
The original wait_layout was unreliable, because there are no guarantees
re order of arrival of the respective events. Still, TT's event handling
is basically deterministic, so as long as the host sent its messages
close enough to each other, the order worked out.
This is no longer the case with the introduction of loop.spawn: TT's
behavior is still deterministic, but now ButtonAck is processed *before*
the corresponding wait_layout, so the waiting side waits forever.
In the new process, the host must first register to receive layout
events, and then receives all of them (so the number of calls to
wait_layout must match the number of layout changes).
DebugLinkWatchLayout message must be version-gated, because of an
unfortunate collection of bugs in previous versions wrt unknown message
handling; and this interests us because upgrade-tests are using
wait_layout feature.
2020-06-04 16:18:46 +02:00
matejcik
5d823ff5ea
core: use ButtonRequestType.PinEntry for PIN entry
2020-06-04 16:18:46 +02:00
matejcik
bbfce4e303
common: introduce ButtonRequestType.PinEntry
2020-06-04 16:18:46 +02:00
matejcik
3dbd9c9eca
core/loop: prevent finalizers from doing things when task is closed externally
2020-06-04 16:18:46 +02:00
matejcik
42e7c43c7c
core: make sure that auto-lock shuts down running workflows
2020-06-04 16:18:46 +02:00
matejcik
2d0206c043
core: replace workflow.on_start/on_close with workflow.spawn
2020-06-04 16:18:46 +02:00
matejcik
02565f3bfb
core/loop: introduce spawn syscall
2020-06-04 16:18:46 +02:00
matejcik
a4f47ddd21
core/lockscreen: ignore exception when user taps "unlock" and then cancels
2020-06-04 16:18:46 +02:00
matejcik
7ff1251ee1
core: dim lockscreen ( fixes #974 )
2020-06-04 16:18:46 +02:00
matejcik
4035aad51b
core: implement auto-lock after a configurable timeout ( fixes #75 )
2020-06-04 16:18:46 +02:00
matejcik
67b723e4ca
core: add a global idle timer
2020-06-04 16:18:46 +02:00
Andrew Kozlik
5469acfabf
core/webauthn: Cache user verification for 3 minutes.
2020-06-04 16:18:46 +02:00
Andrew Kozlik
b867ac1d01
core/webauthn: Implement FIDO2 unlocking from softlock.
2020-06-04 16:18:46 +02:00
Andrew Kozlik
0f81886c9f
core/webauthn: Allow confirm_dialog() to return a new state as an alternative to the user response.
2020-06-04 16:18:46 +02:00
Andrew Kozlik
c8ae5c157e
core/webauthn: Implement U2F unlocking from softlock.
2020-06-04 16:18:46 +02:00
matejcik
06aed7135a
core: do not prompt for PIN just to lock the device again
2020-06-04 16:18:46 +02:00
matejcik
2cedc687e6
core: disable trezor-crypto BIP32 cache
2020-06-04 16:18:46 +02:00
matejcik
246998910a
core: refactor usage of input_signals
...
this prevents a certain class of UI test failure. It also localizes the
use of debuglink signals into the layout classes instead of call sites,
which is a design we were already using for confirm_signals
2020-06-04 16:18:46 +02:00
matejcik
afeeafd5cd
core: hide some fields when softlocked
2020-06-04 16:18:46 +02:00
matejcik
b9bd9ea3d0
core: only softlock when PIN is set
2020-06-04 16:18:46 +02:00
matejcik
a9ddc2a8e2
core/boot: modify initial lockscreen label
2020-06-04 16:18:46 +02:00
matejcik
09af8aed4e
core: consider lockscreen to be a separate homescreen
...
this involves some changes to the workflow defaults:
* workflow.start_default() takes no arguments
* workflow.set_default() (originally replace_default) configures the
default that will be started by next call to start_default().
The intended usecase is to set_default() first and then start it
separately.
* apps.base.set_homescreen() factors out the logic originally in
main.py, that decides which homescreen should be launched. This uses
set_default() call. start_default() is then used explicitly in main.py
2020-06-04 16:18:46 +02:00
matejcik
d73480bc9d
core: introduce PIN soft-locking
2020-06-04 16:18:46 +02:00
matejcik
04c8b2803d
core: refactor homescreen app, include lockscreen in it
2020-06-04 16:18:46 +02:00
matejcik
9197623d83
core: factor out the decision whether to lock the device
2020-06-04 16:18:46 +02:00
matejcik
0600d87c8c
common: rename ClearSession to LockDevice, introduce EndSession
2020-06-04 16:18:46 +02:00
matejcik
32fcc4ad9c
core: make verify_user_pin accept a Context argument
2020-06-04 16:18:46 +02:00
matejcik
8ca7ffc3b8
core: use wire.PinCancelled/PinInvalid instead of custom versions
...
also refactor show_pin_invalid and its usages so that it raises directly
note that we are now using PinCancelled instead of ActionCancelled where
appropriate
2020-06-04 16:18:46 +02:00
matejcik
eabfcab9b9
core: add default messages to some error codes
2020-06-04 16:18:46 +02:00
matejcik
341c5b7d10
core/wire: make handler lookup pluggable
2020-06-04 16:18:46 +02:00
matejcik
837c4df61f
core: expose storage_is_unlocked() as config.is_unlocked()
2020-06-04 16:18:46 +02:00
matejcik
87433995b0
core: add BITCOIN_ONLY to mock file
2020-06-04 16:18:46 +02:00
matejcik
d5e45c02bb
core: move base functions from "homescreen" app to "base"
2020-06-04 16:18:46 +02:00
Tomas Susanka
8859d103f4
core, legacy: bump versions
2020-06-03 15:39:25 +00:00
Tomas Susanka
e2629eb921
core, legacy: update Changelogs to reflect the release
2020-06-03 15:35:30 +00:00
matejcik
bd5b3a3f21
common: drop Theta and VeChain ERC tokens, refresh market caps
...
fixes #1022
fixes #1023
2020-05-29 12:12:30 +02:00
matejcik
5209804fc3
core: relax path checks on GetPublicKey
...
(cherry picked from commit 554d8949f5
)
2020-05-27 06:58:30 +00:00
matejcik
554d8949f5
core: relax path checks on GetPublicKey
2020-05-27 08:56:50 +02:00
matejcik
d59ffe553f
make gen
2020-05-25 16:14:05 +02:00
Ondřej Vejpustek
24ceb0ab6b
crypto/bignum: change limb size to 29, add tests
2020-05-24 14:36:38 +00:00
Andrew Kozlik
cb32ae2e4b
core/tests: add request_meta queries to unit tests (needed for transaction streaming)
2020-05-24 14:36:38 +00:00
Andrew Kozlik
42eddf8e04
core/sign_tx: validate prevout amount in all cases
2020-05-24 14:36:38 +00:00
Andrew Kozlik
7db3e930d4
core/sign_tx: Add further message sanitization checks.
2020-05-24 14:36:37 +00:00
matejcik
72ef86d79a
all: enable extra_data for komodo
2020-05-24 14:36:37 +00:00
matejcik
7a3637d5b0
core/sign_tx: add checks for version_group_id and branch_id fields
2020-05-24 14:36:37 +00:00
Ondrej Mikle
b01b24f090
core: change startup firmware file from .s to .S which enables preprocessing and fixes TT boot
2020-05-24 12:28:38 +02:00
Tomas Susanka
675ff459db
core, legacy: update changelogs
2020-05-22 11:55:55 +00:00
Tomas Susanka
9dfc08ca61
core/bitcoin: drop decred_script_version
2020-05-21 19:14:39 +02:00
matejcik
eeb46eabca
common: refresh token list
2020-05-21 13:29:13 +02:00
matejcik
2f665c8f84
core: add exception to GetPublicKey for PSBT master fingerprint ( fixes #999 )
2020-05-21 13:26:53 +02:00
Ondrej Mikle
10f0f107e0
core: Adds T1 core port FW flashing options for for openocd and jlink
2020-05-21 10:05:12 +02:00
Ondrej Mikle
0d65d684f0
core: T1 port can run on T1 bootloader with MEMORY_PROTECT=0
2020-05-21 08:49:59 +02:00
Tomas Susanka
a2f790167d
core/bitcoin: fix step 1 and 2 comments in signing
2020-05-19 12:58:45 +00:00
Tomas Susanka
1ac0f60550
core: update isort config to place relative imports last
2020-05-18 14:31:51 +02:00
Tomas Susanka
aa115b6320
core: move decred writers to decred.py
2020-05-18 14:31:51 +02:00
Tomas Susanka
3084ee1eed
core/bitcoin: move write_bitcoin_varint to common writers
2020-05-18 14:31:51 +02:00
Tomas Susanka
445f56d387
core/bitcoin: finalize bitcoin refactor
...
- core/bitcoin: move common files to the app's root
- core/bitcoin: use require_confirm instead of confirm
- core: move bitcoin unrelated functions from 'bitcoin' to a new 'misc' app
- core/bitcoin: use relative imports inside the app
- core: rename wallet app to bitcoin
- core/wallet: replace SigningErrors and the other exception classes with wire.Errors
2020-05-18 14:31:51 +02:00
matejcik
aa52fc3903
core/extmod: drop unused rfc6979 module
2020-05-18 14:31:00 +02:00
matejcik
050936d0d7
core: enable finalizers on extmod classes
2020-05-18 14:31:00 +02:00
matejcik
123b07e3ad
core: drop support for pre-registering keychain namespaces
2020-05-15 16:30:41 +02:00
matejcik
3e06f4779a
core/tests: add new keychain tests
2020-05-15 14:08:29 +02:00
matejcik
de9e73dcbc
core/tests: update unit tests for new keychain API
2020-05-15 14:08:29 +02:00
matejcik
f3f6e2101a
core/cardano: explanation about seed derivation
2020-05-15 14:08:29 +02:00
matejcik
a31b2cd1bc
core/wallet: implement keychain for apps.wallet
2020-05-15 14:08:29 +02:00
matejcik
0dff3853a7
core/ethereum: introduce custom keychain decorators
2020-05-15 14:08:29 +02:00
matejcik
b594248ac2
core: use new keychain decorators where appropriate
2020-05-15 14:08:29 +02:00
matejcik
fd9e945308
core/cardano: use caching decorators and new Keychain API for Cardano as well
2020-05-15 14:08:29 +02:00
matejcik
7541d529a3
core: refactor keychain API, introduce SLIP44 decorator
2020-05-15 14:08:29 +02:00
matejcik
8c4cb58098
core: introduce caching decorators
2020-05-15 14:08:29 +02:00
matejcik
63dfcb17a7
core: make mypy happy about importing fatfs
2020-05-15 14:08:29 +02:00
matejcik
7f2e7b0003
core: add Ethereum constants to mocks
2020-05-15 14:08:29 +02:00
Pavol Rusnak
6704ed86a1
Merge pull request #995 from trezor/omikle/t1-core-port
...
core port to Trezor One
2020-05-14 16:48:18 +02:00
Ondrej Mikle
7eddafe487
core: better formatting for common parts of T1 and TT header
2020-05-14 16:10:42 +02:00
Ondrej Mikle
c4c341b3f9
core: setup stack when running core on T1
2020-05-14 12:46:25 +02:00
Dusan Klinec
6b8fc9c894
xmr: major protocol upgrade, CLSAG support added
...
- CLSAG signature scheme added
- type hints added
xmr: optimize protocol, send only required data
- real_out_additional_tx_keys contains only one element as nothing more is needed during signature
- only src_entr.outputs[index] is HMACed and always present. Other outputs are present only if needed which reduces comm and CPU overhead.
- getting rid of subaddresses dictionary (memory requirements), now subaddr indices are present per source entry so keys are computed when needed
xmr: prepare for permutation sending removal, specify index
- specify source entry ordering index prior sorting by key images as original HMAC keys are generated based on these.
- permutation checked just by valid HMACs, size of the set, key image sort order
- sending permutation is now deprecated, will be removed in the following protocol versions
- more strict state transition checks, guard strict check with respect to steps ordering
2020-05-13 11:13:19 +02:00
Tomas Susanka
25d2d130a0
tests: use maxfail
option for fido2 tests
2020-05-12 09:48:23 +00:00
Ondrej Mikle
fb5a220b46
core: use legacy sign script for T1 core port binary to be flashable
2020-05-11 18:05:46 +02:00
Ondrej Mikle
e429085e96
core: copy firmware header for T1 port into final binary
2020-05-11 17:33:47 +02:00
Ondrej Mikle
d8115a7992
core: firmware header for T1 port
2020-05-11 15:43:43 +02:00
Tomas Susanka
53c43ac305
core/tests: initialize emu with slip14 before running fido2 test suite
2020-05-06 14:36:04 +00:00
Andrew Kozlik
3de565c33c
core/sign_tx: In write_tx_header() rename has_segwit parameter to witness_marker and clarify usage.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
846116a666
core/sign_tx: Improve comments.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
7370077d0c
core/sign_tx: Get rid of internal TxOutputBinType messages.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
9f9618944a
core/sign_tx: Explicitly pass script to write_tx_input() instead of setting it in txi.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
04bdf1dc6c
core/sign_tx: Remove unused index parameters.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c9814e50ba
core/sign_tx: Set decred_script_version to 0 by default for decred coins.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
dccf415e0b
core/sign_tx: Add write_tx_output() to signer class and override it in Decred.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
bdd1d25979
core/sign_tx: Require change-outputs to be for a non-zero amount.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
d5faeb3f51
core/sign_tx: Clarify sign_nonsegwit_input().
2020-05-06 13:18:32 +02:00
matejcik
9005093435
core/sign_tx: improve documentation on MatchCheckers
2020-05-06 13:18:32 +02:00
matejcik
0209768ff2
core/sign_tx: improve type hints
2020-05-06 13:18:32 +02:00
matejcik
ff41e5c304
core/sign_tx: improve signer selection readability
2020-05-06 13:18:32 +02:00
Andrew Kozlik
8b89a30955
core/sign_tx: Remove get_prevouts_hash(), get_sequence_hash(), get_outputs_hash() methods from signer classes, because they are only used internally.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
22933587be
core/sign_tx: Merge bip143 classes into signer classes.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
6ad3baeab2
core/sign_tx: Refactor BIP-143 signing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
d58cd3987b
core/sign_tx: Minor updates based on code review.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
be39f271b0
core/sign_tx: Rework transaction footer writing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
b60f267da9
core/sign_tx: Rework transaction header writing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c1effcc374
core/sign_tx: Updates based on code review.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c2a0f83558
core/sign_tx: Move script derivation to scripts module.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
d0b80bddc8
core/tests: Fix unit tests after sign_tx refactor.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
be7e98aa47
core/sign_tx: Move Bitcoin class to bitcoin.py.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
a07e125793
core/sign_tx: Consolidate wallet path and multisig fingerprint checking.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
27e6720f3d
core/sign_tx: cleanup
2020-05-06 13:18:32 +02:00
Andrew Kozlik
987b70f1f5
core/sign_tx: Move header prepending up by one level.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
2ceb091d68
core/sign_tx: Use a preallocated buffer for transaction serialization.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
555259d6a9
core/sign_tx: Remove last_output_bytes in Decred, which is no longer needed.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
f1801764a1
core/sign_tx: Fix segwit/non-segwit input interleaving bug.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
514f2ac649
core/sign_tx: Refactor to use template method.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
95fad83024
core/sign_tx: Derive Zip143 and DecredPrefixHasher from Bip143.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
e9900df18d
core/sign_tx: Move Overwintered class to zcash.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
60dbec95ac
core/sign_tx: Reuse get_prevtx_output_value() in Decred.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
2b74513e49
core: Fix mypy.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
50c08274b9
core/sign_tx: Move overwintered functionality to separate class.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c190eed7fc
core/sign_tx: Move non-Bitcoin functionality to Bitcoinlike class.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
613c81ea66
core/sign_tx: Refactor wallet_path functions and input_check_multisig_fingerprint.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
0d9984671e
core/sign_tx: Fix typing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
79c60615de
core: Fix typing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
ba8b34b2d7
core: Refactor signing.
2020-05-06 13:18:32 +02:00
Pavol Rusnak
066866488b
core: add temporary "src1" folder
2020-05-04 16:00:29 +00:00
matejcik
a623799a11
core: remove f-strings from headertool (python 3.5 compatibility)
2020-05-04 11:29:03 +02:00
Pavol Rusnak
25cc836660
core/extmod: fix build of modtrezorui when TREZOR_MODEL is set to '1'
2020-04-30 15:07:26 +00:00
Tomas Susanka
20d66adddd
core: disable passphrase_always_on_device when turning off passphrase
2020-04-28 14:54:18 +02:00
Tomas Susanka
47f104bceb
core, legacy: bump versions
2020-04-24 17:12:20 +00:00
Pavol Rusnak
4b5a84eab7
core+legacy: update changelogs
2020-04-16 14:20:18 +02:00
Ondřej Vejpustek
c461692f3a
core: implement random delay interrupts
2020-04-16 11:51:28 +02:00
Ondřej Vejpustek
d5bfe6b32f
crypto: add chacha_drbg
2020-04-16 11:51:28 +02:00
matejcik
72cde5a57d
core: disallow parsing options after command ( fixes #951 )
2020-04-16 11:24:15 +02:00
matejcik
5885978c83
Merge branch 'release/2020-04'
2020-04-15 15:00:23 +02:00
Andrew Kozlik
9e4a8ca785
core/webauthn: Improve error codes for uninitialized device. Return ERR_OPERATION_DENIED only upon user decline or timeout, otherwise it cancels the operation on all connected authenticators.
2020-04-14 12:24:17 +02:00
matejcik
2ccebd3175
core: raise SystemExit when exitting emulator (now that sys.exit is removed)
2020-04-14 10:17:37 +02:00
matejcik
4bddeefea0
core: unify mpconfigports for emulator and board
...
Changes in firmware/mpconfigport.h are minimal:
* $VFS_FAT is dropped because it is irrelevant without $VFS
* $REVERSE_SPECIAL_METHODS is added, to push down on code size
* $THREAD is disabled unconditionally
unix/mpconfigport.h is reordered and modified to match
firmware/mpconfigport.h as much as possible, while selectively enabling
some needed features.
Notably, $USE_READLINE is enabled unconditionally
2020-04-14 10:17:37 +02:00
matejcik
d0f709b8cc
core: fix and use MAKEMODULEDEFS instead of explicit registration
2020-04-14 10:17:37 +02:00
matejcik
a6976355c3
core: remove readline from built firmware
2020-04-14 10:17:37 +02:00
Dusan Klinec
25b6e9058f
xmr: proto - add fields for protocol optimization
2020-04-13 22:19:56 +02:00
Andrew Kozlik
bc4e8eaa16
core/webauth: Update readme with Ed25519 algorithm and certificates.
2020-04-09 21:05:28 +02:00
Pavol Rusnak
197218338a
Merge pull request #936 from trezor/rework-serialize-deserialize
...
crypto: rework serialize/deserialize API
2020-04-09 09:53:23 +02:00
matejcik
eec0615444
core: drop sys.pyi from mocks ( fixes #934 )
...
A change introduced in mypy 0.770 disallows overriding some system
modules, including `sys`.
We only need the override for `sys.print_exception`, and the simplest
solution is to make mypy ignore that particular call.
2020-04-08 11:19:26 +02:00
Andrew Kozlik
c57bc62a05
core/tools: Add attestation certificate generator for FIDO2.
2020-04-06 18:29:05 +02:00
Andrew Kozlik
fca92d7344
core/webauthn: Update attestation certificate to comply with WebAuthn requirements.
2020-04-06 18:29:05 +02:00
Pavol Rusnak
a7806d08d7
core/crypto: remove unused bip32.deserialize function
2020-04-06 18:04:24 +02:00
Pavol Rusnak
1695228d80
core/crypto: remove unused serialize_private function
2020-04-06 15:49:36 +00:00
Pavol Rusnak
f07ff17fad
core/crypto: add missing field to Blake2b constructor
2020-04-06 12:28:36 +00:00
Andrew Kozlik
25a39ea729
core/webauthn: Fix handling of interleaving frames to comply with the U2F HID specification.
2020-04-06 09:53:42 +02:00
jagdeep sidhu
e58c5f63d5
common/defs: update SYS ( #928 )
2020-04-02 00:22:47 +02:00
Tomas Susanka
0b7a8449f8
core: style
2020-03-30 16:04:05 +00:00
Tomas Susanka
bf20537f41
core: add option to omit cancel button in HoldToConfirm; add it to reset
2020-03-30 16:00:12 +00:00
Pavol Rusnak
336a417233
core/bootloader: distinguish between a vendor change and downgrade with wipe
2020-03-25 15:15:12 +01:00
Andrew Kozlik
8ae0535e69
core/webauthn: Fix attestation statement format to use a list in the x5c field.
2020-03-24 16:18:37 +01:00
Tomas Susanka
aa71c20f2c
core: require hold to confirm
2020-03-24 09:20:10 +00:00
Ondrej Mikle
634ed5aabc
core: commands for flashing via JLink ( #911 )
2020-03-23 10:40:06 +01:00
Tomas Susanka
025436db47
core/changelog: add FIDO2's Ed25519
2020-03-23 08:00:31 +00:00
Tomas Susanka
f786d75a6f
core: drop obsolete check for ANYONECANSPEND segwit outputs
2020-03-20 14:19:31 +00:00
Tomas Susanka
d0d41c884e
legacy: move script type checks to separate functions and unify with core
2020-03-20 14:19:31 +00:00
matejcik
bd9e15bb8c
core/tests: add unit tests for prevhash writers
2020-03-20 14:19:31 +00:00
matejcik
a9faa4d4ab
core/tests: fix inline variant of assertRaises
...
otherwise code like the following would fail:
>>> self.assertRaises(AssertionError, ensure, False)
because the AssertionError raised internally by `ensure` would be
conflated with the AssertionError raised by the tested function
2020-03-20 14:19:31 +00:00
matejcik
da89a17ce5
all: add checks for prev_hash size
2020-03-20 14:19:31 +00:00
matejcik
c15519f707
core/sign_tx: modify get_tx_header to avoid writing unchecked bytes
2020-03-20 14:19:31 +00:00
matejcik
9cab61fbd3
core/sign_tx: remove write_bytes_unchecked where appropriate
2020-03-20 14:19:31 +00:00
matejcik
27f6306e1d
core: introduce safer write_bytes functions
2020-03-20 14:19:30 +00:00
matejcik
9a5f6b025a
core/tezos: factor out writing Michelson instructions
2020-03-20 14:19:30 +00:00
matejcik
694f714719
core/ripple: rename write_bytes to avoid name collision
2020-03-20 14:19:30 +00:00
Tomas Susanka
64584e271c
legacy, core: add and unify validation checks
2020-03-20 14:19:30 +00:00
matejcik
ffdb299c61
all: drop Capricoin support [NO BACKPORT]
2020-03-20 14:19:30 +00:00
matejcik
adea7d6b35
all: make timestamp mandatory on timestamp-enabled coins
2020-03-20 14:19:07 +00:00
matejcik
e2035b4972
all: drop Horizen and BIP-115 support [NO BACKPORT]
2020-03-20 14:19:07 +00:00
matejcik
6f9c6361ea
core: remove negative_fee and cashaddr_prefix from bitcoin-only fw
2020-03-20 14:18:27 +00:00
matejcik
7d5771911c
core: flip condition for force_bip143
...
this should be equivalent because Bitcoin does not have force_bip143 set
2020-03-20 14:18:27 +00:00
matejcik
ed464f3d47
all: ensure expiry, timestamp and extra_data are blocked as appropriate
2020-03-20 14:18:27 +00:00
matejcik
27803ee8c1
all: drop overwintered field from transaction
2020-03-20 14:18:27 +00:00
matejcik
c9fd3f77a5
all: add overwintered field to coin specification
2020-03-20 14:18:27 +00:00
Pavol Rusnak
817b922850
all: add extra_data and timestamp fields to coin specification
2020-03-20 14:18:27 +00:00
matejcik
136307bcae
core: propagate coin info to all sanitize functions
2020-03-20 14:17:44 +00:00
matejcik
303c05aba7
core/sign_tx: check if prev_tx has enough outputs to match prev_index
2020-03-20 14:17:44 +00:00
Andrew Kozlik
a34637c0f2
core/sign_tx: Check multisig fingerprint before signing inputs.
2020-03-20 14:17:44 +00:00
Tomas Susanka
163220e4b7
core/wallet: properly check decred input
2020-03-20 14:17:44 +00:00
Ondřej Vejpustek
6274cfdf8b
core: remove unreachable zcash code
2020-03-20 14:17:44 +00:00
Ondřej Vejpustek
d61181d7e8
core: fix transaction header for mixed segwit inputs
2020-03-20 14:17:44 +00:00
Tomas Susanka
f0a39df75d
core/wallet: check inputs and outputs right after receiving them
2020-03-20 14:17:44 +00:00
Tomas Susanka
0903159d9b
core, legacy: make sure OPRETURN ouput is not marked as change
2020-03-20 14:17:44 +00:00
Tomas Susanka
4af9aa547e
core: forbid unnecessary fields in OPRETURN output
2020-03-20 14:17:44 +00:00
Andrew Kozlik
d800fcbf9f
core/sign_tx: If there is a non-multisig input, then change output cannot be multisig.
...
(cherry picked from commit 8eb6ce0899
)
2020-03-20 14:17:44 +00:00
Andrew Kozlik
b3cd760df0
core/webauthn: Disable CTAPHID_WINK function.
2020-03-20 15:07:06 +01:00
Andrew Kozlik
e5008eb332
core/webauthn: Remove indistinguishable credentials from the allow list.
2020-03-20 15:07:06 +01:00
Andrew Kozlik
cda9de8dd1
core/webauthn: Add maxCredentialCountInList and maxCredentialIdLength to authenticatorGetInfo response.
2020-03-20 15:07:06 +01:00
Andrew Kozlik
0af0e06d5b
core/webauthn: Truncate names in credential data to at most 100 bytes.
2020-03-20 15:07:06 +01:00
matejcik
ccffefd667
core/boot: do not catch OSError in boot wait
2020-03-20 14:03:28 +01:00
matejcik
f6f041e269
core/sdcard: also catch OSError in the formatting phase
2020-03-20 14:03:28 +01:00
matejcik
3a71a5a05c
core/sdcard: show "Wrong SD card" when unlocking SD protect with unformatted card
2020-03-20 14:03:28 +01:00
matejcik
3789a3372b
core/sdcard: modify exception handling in fatfs
...
expose ff.c constants, raise them as arguments to FatFSError
introduce NotMounted and NoFilesystem as subclasses of FatFSError with
the appropriate error code set
2020-03-20 14:03:28 +01:00
Andrew Kozlik
8ee0026637
core: Allow PIN entry even when SD protect is enabled and the card is not present.
2020-03-19 15:04:33 +01:00
Andrew Kozlik
bfd834d1de
storage: Add storage_ensure_not_wipe_code().
2020-03-19 15:04:33 +01:00
Konnor Klashinsky
70a1f957ed
Fix BackupDevice layout on 18-word seed wallets
2020-03-13 13:41:04 +13:00
Andrew Kozlik
2f905a1157
core/webauthn: Add algorithm and curve to WebAuthnListResidentCredentials response.
2020-03-12 15:45:26 +01:00
Andrew Kozlik
f610787f8d
core/webauthn: Clean up bytes/bytearray typing around uctypes.
2020-03-12 15:45:26 +01:00
Andrew Kozlik
e378820f7f
core/webauthn: Implement support for Ed25519 signatures in FIDO2.
2020-03-12 15:45:26 +01:00