Andrew Kozlik
b65f61650a
config: Set usbTiny whenever there is a possibility that protectPinUiCallback() may be called.
2019-02-25 13:54:44 +01:00
Andrew Kozlik
2482e11112
protect: check old PIN before requesting new PIN
2019-02-23 17:55:42 +01:00
Andrew Kozlik
ae0395f0f4
protect: Update protectPinUiCallback() to show arbitrary message.
2019-02-23 17:55:16 +01:00
Pavol Rusnak
7e82f27553
protect: make waiting UI more sexy
2019-02-19 15:32:18 +01:00
Pavol Rusnak
d95112ba05
firmware/protect: show progressbar in verifying pin dialog
...
+ update trezor-storage
2019-02-18 19:58:47 +01:00
Andrew Kozlik
0e48a1a39a
Fix spaces/tabs so that a single convention is used in each file.
2019-02-15 15:13:06 +01:00
andrew
ae48b528a9
config: Rename session_isPinCached() to session_isUnlocked(). Change GetFeatures to always return pin_cached=false if PIN is not set, in order to maintain the same behavior as before.
2019-02-15 15:13:05 +01:00
andrew
c592a09459
protect.c: Display 'Verifying PIN' instead of 'Wrong PIN entered' in the PIN_UI_WAIT_CALLBACK.
2019-02-15 15:13:05 +01:00
andrew
7b0f5e031d
config: Change config_get*() functions to return status of the get operation.
2019-02-15 15:13:05 +01:00
andrew
03e9ea4f5c
Support interruption of the PIN wait dialog by Cancel and Initialize messages.
2019-02-15 15:13:05 +01:00
andrew
e49e84ea5a
Reorder storage keys in config.c to correspond with trezor-core and add KEY_INITIALIZED. Add CHECK_PIN to fsm_msgApplyFlags() and to other fsm_msg functions in order to unlock storage. Improve error handling in reset.c and recovery.c.
2019-02-15 15:13:05 +01:00
andrew
247337c63d
Do not lock after wipe. Fix protectPinUiCallback() to correctly display '0 seconds' when wait is 0.
2019-02-15 15:13:05 +01:00
andrew
4f32cb5083
firmware: integrate trezor-storage
2019-02-15 15:12:53 +01:00
Pavol Rusnak
79779f4da6
replace all usage of memset(_, 0, _) with memzero
2019-01-23 17:00:01 +01:00
matejcik
c17cec93f7
firmware: use flattened protobuf symbols
2018-09-06 18:47:36 +02:00
Pavol Rusnak
0febd07dfc
firmware: update code to use new nested messages in trezor-common
2018-07-10 17:21:11 +02:00
Pavol Rusnak
a685462ee5
firmware: refactor last change in protect.c
2018-06-06 14:45:50 +02:00
Pavol Rusnak
df0bad4f09
firmware: introduce protectAbortedByCancel
2018-06-05 22:38:39 +02:00
Jochen Hoenicke
0127c1a374
Add function storage_getPinWait
2018-03-29 01:16:46 +02:00
Jochen Hoenicke
c09590b54d
Cleaner flash handling using FLASH_PTR
...
Use `FLASH_PTR` macro to convert a flash address to a const pointer.
For real hardware it is just a cast, for emulator we subtract the
`FLASH_ORIGIN` and use it as index into the memory mapped flash file.
Make write access to flash with volatile pointers
Also use FLASH_PTR in DebugMemory* for now. This allows for reading and
writing the flash in the emulator or just crash it by reading outside
the flash...
2018-03-29 01:16:46 +02:00
Pavol Rusnak
7834eaba26
protect: passphrase is optional
2018-02-27 15:41:02 +01:00
Pavol Rusnak
7fa8ae136f
firmware: implement behaviour of state (still missing in PassphraseAck)
2018-02-24 17:26:57 +01:00
Pavol Rusnak
bd660655ee
introduce and use memzero instead of explicit_bzero
2018-01-18 15:21:48 +01:00
Pavol Rusnak
4a2d68acb9
use explicit_bzero where possible; update trezor-crypto
2018-01-16 19:49:47 +01:00
Pavol Rusnak
f22c849767
storage: rework storage_commit into storage_update
2017-12-12 16:28:42 +01:00
Pavol Rusnak
57bbcc754a
storage: make storage accessible only via functions
...
add calls also for debug build and use them in fsm
2017-12-12 16:28:42 +01:00
Pavol Rusnak
41901a8056
firmware: rework protectChangePin
...
bootloader: wait for flash operation to finish
2017-12-12 12:51:08 +01:00
Pavol Rusnak
18d8cb3c56
add project website (trezor.io) to license header
2017-11-05 17:47:23 +01:00
Jochen Hoenicke
33ed08ec32
Fix check for max try and add another check before
2017-07-31 13:13:49 +02:00
Pavol Rusnak
45ca9bd583
protect: change wording
2017-07-31 02:35:53 +02:00
Pavol Rusnak
c778d7b9c3
storage: wipe storage after 15 wrong pins
2017-07-31 02:26:28 +02:00
Pavol Rusnak
73708aa47e
refactor recovery.is_same_mnemonic function to storage_containsMnemonic
2017-06-26 15:44:01 +02:00
Pavol Rusnak
c6fd70b471
gettext: mark localizable strings as proof-of-concept
2017-06-18 22:47:32 +02:00
Pavol Rusnak
00f6312a81
rename failures, unify strings where possible
2017-06-18 21:19:21 +02:00
Saleem Rashid
25b9bfd97b
timer: Use Cortex-M3 SysTick timers
...
Removed `usbDelay(uint32_t cycles)`, added `usbSleep(uint32_t millis)`
The same method signature could cause silent code breakage at runtime,
as opposed to noisy code breakage at compile time which is the better
kind.
2016-11-17 02:07:46 +01:00
Pavol Rusnak
5e57a1ceaf
Merge branch 'u2f'
2016-06-12 22:53:28 +02:00
Pavol Rusnak
b1e3c52b08
remove DialogIcon enum, use bitmap structure directly
2016-06-08 19:20:07 +02:00
Jochen Hoenicke
73e7d82e3f
Allow initialize() to abort PIN wait
2016-05-28 16:24:14 +02:00
Jochen Hoenicke
053fe7cb66
Remove Cancel Option
...
U2F doesn't allow cancellation on device.
Also fix button state in protect. This fixes the following bug:
1. wipe device
2. press and hold right button, click left button to cancel.
3. release all buttons.
4. wipe device again, now automatic.
2016-05-24 01:59:37 +02:00
Jochen Hoenicke
68b34af19e
More standard conform behaviour
...
Tested with u2f-ref-code/u2f-tests.
Known incompatibility:
- changed challenge invalidates button press.
2016-05-24 01:16:55 +02:00
Jochen Hoenicke
da98a3a6fd
Don't reflash storage after each PIN entry
...
Instead of reflashing the whole storage, we use a designated area
in the second storage block, where we mark each PIN failure by a
single zero bit. This is because one can set bits in flash to zero but
not to one. If the PIN was entered successfully the whole word is
set to zero and the next word stores the new PIN failure counter.
2016-04-27 18:39:04 +02:00
Jochen Hoenicke
218b9984bb
New usbDelay that delays and handles USB requests
...
Added usbDelay that polls usb port (for system requests) while delaying.
This is called instead of delay in the button and pin delay functions.
Experimental evaluation gave that the cycle count should be roughly divided
by 28.5.
2015-04-29 19:10:48 +02:00
Pavol Rusnak
7d8fb375f0
seconds counter during pin lockdown
2015-04-16 18:16:30 +02:00
Jochen Hoenicke
286ee0525c
PIN handling - constant time.
...
This diff contains three changes.
1. Make timing isPinCorrect independent of storage.pin, to avoid timing attacks
2. Only update failed PIN counter if the user entered a PIN.
Of course, the fail counter is still incremented, before the PIN is checked.
3. Don't cache the PIN, but just the fact that the PIN was entered. The
cache should be in sync with storage.pin in any case.
2015-02-22 15:42:31 +01:00
Pavol Rusnak
40efefc571
rework pin handling
2015-01-27 13:00:25 +01:00
Pavol Rusnak
012d38a9a0
increasePinFails before asking PIN
2015-01-26 21:41:43 +01:00
Pavol Rusnak
849e758eb4
double the delay before buttonupdate
2014-06-26 00:26:47 +02:00
Pavol Rusnak
465ec2104b
throw UnexpectedMessage failure on unknown messages
2014-06-06 02:45:15 +02:00
Pavol Rusnak
2b68813a4c
adjust script_sig size for use with multisig
...
adjust delays used when wrong pin is entered
2014-06-04 18:00:35 +02:00
Pavol Rusnak
d7169a342c
fix initialize handling in interactive mode
2014-05-20 15:37:58 +02:00