1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-24 07:18:09 +00:00
Commit Graph

913 Commits

Author SHA1 Message Date
matejcik
136307bcae core: propagate coin info to all sanitize functions 2020-03-20 14:17:44 +00:00
matejcik
303c05aba7 core/sign_tx: check if prev_tx has enough outputs to match prev_index 2020-03-20 14:17:44 +00:00
Andrew Kozlik
a34637c0f2 core/sign_tx: Check multisig fingerprint before signing inputs. 2020-03-20 14:17:44 +00:00
Tomas Susanka
163220e4b7 core/wallet: properly check decred input 2020-03-20 14:17:44 +00:00
Ondřej Vejpustek
6274cfdf8b core: remove unreachable zcash code 2020-03-20 14:17:44 +00:00
Ondřej Vejpustek
d61181d7e8 core: fix transaction header for mixed segwit inputs 2020-03-20 14:17:44 +00:00
Tomas Susanka
f0a39df75d core/wallet: check inputs and outputs right after receiving them 2020-03-20 14:17:44 +00:00
Tomas Susanka
0903159d9b core, legacy: make sure OPRETURN ouput is not marked as change 2020-03-20 14:17:44 +00:00
Tomas Susanka
4af9aa547e core: forbid unnecessary fields in OPRETURN output 2020-03-20 14:17:44 +00:00
Andrew Kozlik
d800fcbf9f core/sign_tx: If there is a non-multisig input, then change output cannot be multisig.
(cherry picked from commit 8eb6ce0899)
2020-03-20 14:17:44 +00:00
Andrew Kozlik
b3cd760df0 core/webauthn: Disable CTAPHID_WINK function. 2020-03-20 15:07:06 +01:00
Andrew Kozlik
e5008eb332 core/webauthn: Remove indistinguishable credentials from the allow list. 2020-03-20 15:07:06 +01:00
Andrew Kozlik
cda9de8dd1 core/webauthn: Add maxCredentialCountInList and maxCredentialIdLength to authenticatorGetInfo response. 2020-03-20 15:07:06 +01:00
Andrew Kozlik
0af0e06d5b core/webauthn: Truncate names in credential data to at most 100 bytes. 2020-03-20 15:07:06 +01:00
matejcik
ccffefd667 core/boot: do not catch OSError in boot wait 2020-03-20 14:03:28 +01:00
matejcik
f6f041e269 core/sdcard: also catch OSError in the formatting phase 2020-03-20 14:03:28 +01:00
matejcik
3a71a5a05c core/sdcard: show "Wrong SD card" when unlocking SD protect with unformatted card 2020-03-20 14:03:28 +01:00
matejcik
3789a3372b core/sdcard: modify exception handling in fatfs
expose ff.c constants, raise them as arguments to FatFSError

introduce NotMounted and NoFilesystem as subclasses of FatFSError with
the appropriate error code set
2020-03-20 14:03:28 +01:00
Andrew Kozlik
8ee0026637 core: Allow PIN entry even when SD protect is enabled and the card is not present. 2020-03-19 15:04:33 +01:00
Andrew Kozlik
bfd834d1de storage: Add storage_ensure_not_wipe_code(). 2020-03-19 15:04:33 +01:00
Konnor Klashinsky
70a1f957ed
Fix BackupDevice layout on 18-word seed wallets 2020-03-13 13:41:04 +13:00
Andrew Kozlik
2f905a1157 core/webauthn: Add algorithm and curve to WebAuthnListResidentCredentials response. 2020-03-12 15:45:26 +01:00
Andrew Kozlik
f610787f8d core/webauthn: Clean up bytes/bytearray typing around uctypes. 2020-03-12 15:45:26 +01:00
Andrew Kozlik
e378820f7f core/webauthn: Implement support for Ed25519 signatures in FIDO2. 2020-03-12 15:45:26 +01:00
Pavol Rusnak
624b639ba8
Merge pull request #886 from trezor/onvej-sl/monero-optimizations-squashed
xmr/bp: memory optimizations and improvements, fixed style
2020-03-02 17:54:30 +01:00
Tomas Susanka
f8de140271 core: add cancel to hold to confirm dialogs 2020-03-02 13:58:41 +00:00
Dusan Klinec
2658e253fa xmr/bp: memory optimizations and improvements
- different approach to vector manipulation - more on the fly operations. Prepared for fully offloaded operations, BP on Trezor with constant memory.
- memory requirements reduced from (4MN + const) to (2MN + const)
- more raw methods to avoid unnecessary encoding/decoding
- chunking improved, chunk size set as a constant, changed from 64 to 32, missing pieces implemented to cover also BP 16
- proof_v8 support discontinued, old hardfork, not needed anymore
- get_exponent register clash fixed (for large vectors)
- reduced heap fragmentation by removing some temporary allocations
- hashing with len and offset to reduce heap fragmentation by creating a sliced arrays
- use to() wherever possible to avoid allocations and return of mutable private object
- global functions start with _ prefix, reduce import footprint
- use __slots__ in classes to minimize footprint
2020-03-02 12:17:03 +01:00
Tomas Susanka
21676a0662 ore/tezos: better wording in delegation cancel 2020-03-02 08:49:34 +00:00
matejcik
7f91bc571c core: ensure default task restarts after a passphrase workflow (fixes #883) 2020-02-28 15:55:40 +01:00
Tomas Susanka
5ee6e56f56
Merge pull request #880 from trezor/tsusanka/sign-verify-ui
Unify sign/verify message dialogs and fix text overflow
2020-02-28 15:47:48 +01:00
matejcik
bd9663af79 common/defs: update token reference, add new tokens to 2.3.0/1.9.0, regenerate coins_details 2020-02-27 19:13:17 +01:00
Tomas Susanka
86b010a18b
Merge pull request #878 from trezor/matejcik/fatfs-corruption
FatFS API rework
2020-02-27 15:58:38 +01:00
Tomas Susanka
c8b7d3fb56 core/changelog: SD card protection is part of 2.3.0 2020-02-27 13:57:48 +00:00
Tomas Susanka
a63e6fc4ef core+legacy: update changelogs 2020-02-27 13:21:17 +00:00
Tomas Susanka
a8af9feebe core: fix text overflow in some dialogs 2020-02-27 12:43:33 +00:00
Tomas Susanka
744c32991f core: unify sign/verify functions
The UI records are modified because of two changes:
- Added a coin name to the Sign/Verify screen (ETH/Lisk).
- Unified to use mono.
2020-02-27 12:43:33 +00:00
Tomas Susanka
b317613d63
Merge pull request #874 from trezor/tsusanka/test
Use wire errors where applicable
2020-02-27 13:38:30 +01:00
Tomas Susanka
495a59c282 core: use wire errors instead of ValueErrors where applicable 2020-02-27 10:46:01 +00:00
matejcik
18ac4fc9ca core: update Python facing APIs 2020-02-27 10:56:23 +01:00
matejcik
9ab84d2455 core/tests: thoroughly test modified APIs 2020-02-27 10:56:23 +01:00
matejcik
b24411b900 core/sdcard: unmount instance when powering off sdcard 2020-02-27 10:56:23 +01:00
matejcik
c81be584fb core/fatfs: ensure functions can only be called on a mounted filesystem
ff.c has a lazy-mounting feature, where any filesystem call will mount
the volume if it can. This messes with predictability of the mounted
state, so all (except mount/unmount/mkfs) Python functions will first
check if the fs is mounted.
2020-02-27 10:56:23 +01:00
matejcik
fa746e2990 core/fatfs: rework low-level FatFS API
Instead of having possibly multiple FatFS objects, each with its own
`fs` struct, there is one global static fs_instance. This is to match
the mode of operation of ff.c, which assumes a global list of mounts,
and all functions operate on the global based on path.

Methods of FatFS were converted to functions on the fatfs module.

fatfs.unmount() does not call ff.c's unmount, but simply invalidates
fs_instance. This is basically what ff.c would do, except without
messing with ff.c's global list of mounts.
2020-02-26 14:18:41 +01:00
Pavol Rusnak
c896f02eb3
core/boardloader: use SRAM as SD card read buffer
because DMA can't access the CCMRAM
2020-02-25 17:59:16 +01:00
Andrew Kozlik
2133f7cf29 core: Prevent data loss when writing to USB VCP. 2020-02-25 12:08:07 +01:00
matejcik
b916072389 common: restore PassphraseAck.state 2020-02-24 15:15:09 +01:00
matejcik
d7b9582386 core/sdcard: add ensure_filesystem option (fixes #868)
It is possible to call `ensure_sdcard` in a way that requires only SD
card be inserted, but not necessarily formatted.

This is useful for SD-protect and possibly other use-cases where the SD
card is read-only, and "not formatted" is identical to "not containing
the right files".
2020-02-24 13:28:44 +01:00
matejcik
e9c275c24f core/sdcard: fix invalid state when filesystem mounting fails 2020-02-24 13:28:44 +01:00
Pavol Rusnak
39ce100608
Merge pull request #864 from trezor/prusnak/bootloader-text-break
core/bootloader: split long vendor string
2020-02-21 18:39:20 +01:00
Tomas Susanka
6c47bf8230 core: store multiple sessions/caches at the same time 2020-02-21 14:40:42 +01:00
Pavol Rusnak
562671401e
Merge pull request #860 from trezor/prusnak/multisig-show-yours-others
core: show yours/others in get_address for multisig
2020-02-20 13:49:13 +01:00
matejcik
918603ad5c core: add unit test for sdcard wrapper 2020-02-20 12:51:48 +01:00
matejcik
7983fd34d6 core: fix unit tests 2020-02-20 12:51:48 +01:00
matejcik
4ed6487a19 core/sdcard: add out-of-bounds checks to emulator 2020-02-20 12:51:48 +01:00
matejcik
ddee77ecb6 core: add SD clearing via debuglink 2020-02-20 12:51:48 +01:00
matejcik
d0b1b171f1 core/sdcard: ensure emulator initializes the SD card when first needed 2020-02-20 12:51:48 +01:00
matejcik
5bd8d9b5bb core/sdcard: make allocating new SD card for emulator fast 2020-02-20 12:51:48 +01:00
matejcik
1e9352b9e0 core: add SD format dialog, generalize sdcard usage 2020-02-20 12:51:48 +01:00
matejcik
5bac85f260 core: use filesystem wrapper instead of the ensure_filesystem decorator 2020-02-20 12:51:48 +01:00
matejcik
d08942be4a core: introduce filesystem wrapper 2020-02-20 12:51:48 +01:00
matejcik
b2084a19be core/trezorio: move sdcard functions to a submodule 2020-02-20 12:51:48 +01:00
matejcik
30529d218d core/sdcard: change SDCard methods to plain functions 2020-02-20 12:51:48 +01:00
matejcik
06b89c57c5 core/sdcard: return proper disk status flags to fatfs 2020-02-20 12:51:48 +01:00
Tomas Susanka
ff1bb67abc common: return the PasshraseType button request 2020-02-20 08:04:35 +00:00
Pavol Rusnak
dc66bbe3d5
core/bootloader: split long vendor string 2020-02-19 21:40:28 +00:00
Pavol Rusnak
74802a107e
core/modtrezorui: add display_text_split 2020-02-19 21:40:28 +00:00
Pavol Rusnak
c4babd3c0b
Merge pull request #846 from trezor/bootloader-read-retry
core/bootloader: make read more benevolent and read error more helpful
2020-02-19 19:45:34 +01:00
Pavol Rusnak
581e46ff87
Merge pull request #845 from trezor/prusnak/webusb-popup
Don't show WebUSB popup in firmware, in bootloader only if no firmware present
2020-02-19 18:18:01 +01:00
Pavol Rusnak
7944c1a837
core/monero: add confirmation dialog for unlock_time 2020-02-19 14:31:45 +00:00
Pavol Rusnak
a808cc9190
core/apps: await require_confirm should be called without return 2020-02-19 14:31:45 +00:00
Pavol Rusnak
b9486c0b33
core: show yours/others in get_address for multisig 2020-02-18 22:39:55 +00:00
Tomas Susanka
577daf09fe tests: introduce --ui-check-missing to test/remove missing tests 2020-02-18 09:33:21 +01:00
matejcik
1d41141a1f core/emulator: properly ignore inotify problems (fixes #854) 2020-02-17 12:33:38 +01:00
Pavol Rusnak
2958a97c87
Merge pull request #830 from trezor/tsusanka/fw-upgrade
FW Update: Request a small chunk first to make the UI smoother
2020-02-15 13:08:33 +01:00
matejcik
e61b7d28e9 all: do not send state in PassphraseAck (not needed for compatibility) 2020-02-13 15:44:50 +01:00
Pavol Rusnak
63dfd6c6ab
core/bootloader: make read more benevolent and read error more helpful 2020-02-12 22:05:29 +01:00
Pavol Rusnak
07cd73ce57
core: show webusb popup only in bootloader and only if firmware is not installed 2020-02-12 20:47:05 +00:00
matejcik
4c8c96272c emu: fix flag options with defaults
Click REALLY INSISTS you provide on/off switches for your options.
You can use is_flag, but then the presence of the option changes based
on the default value.

Which makes sense, really:
@option("-f", "foobar", is_flag=True, default=False)
you would expect `./cli -f` to have `foobar is True`

whereas with
@option("-f", "foobar", is_flag=True, default=True)
you would expect `./cli -f` to have `foobar is False`, otherwise it's a
no-op

this becomes fun with `default=os.environ.get("SOMETHING")`, because
then the effect of the option CHANGES with a value of environment
variable!

there's two ways around this:
a) don't use defaults, update the flag explicitly, like:
   foobar = foobar or os.environ.get("FOOBAR") == "1"
b) forget about is_flag and specify an on/off switch, where the default
   value works as intended

since the latter is also technically speaking more correct, i'm doing it
2020-02-12 13:32:05 +01:00
matejcik
271da3fa39 python: add detailed logging to emulator runner 2020-02-12 13:31:58 +01:00
matejcik
c14429c445 all: shut down emulator on error_shutdown 2020-02-12 13:31:31 +01:00
matejcik
d3b88a37be core: do not catch SystemExit in handle_session (#826) 2020-02-12 10:36:42 +01:00
Tomas Susanka
f947fe97cc core: fix style 2020-02-11 16:41:43 +01:00
Tomas Susanka
0a13f7a441 core: properly limit passphrase to 50 bytes 2020-02-11 15:39:08 +00:00
Tomas Susanka
2c0504ad1c
Merge pull request #803 from trezor/passphrase
Passphrase Redesign
2020-02-11 16:01:59 +01:00
matejcik
05a1d6f771 core/debug: add "show arbitrary screen" capability, for easier prototyping 2020-02-11 11:53:34 +01:00
matejcik
c01d04f26e common/protob: drop a default field declaration
which triggers nanopb bug https://github.com/nanopb/nanopb/issues/487
2020-02-11 11:53:34 +01:00
matejcik
741c0c8888 core: improve stability of Monero test runner 2020-02-11 11:16:28 +01:00
matejcik
4c9689d7a7 common: return deprecated fields to protobuf, to allow cross-version compatible code 2020-02-10 12:35:28 +01:00
Pavol Rusnak
e58225fe02
core/boot: don't call mkfs in emulator 2020-02-07 15:30:21 +00:00
Pavol Rusnak
fdfa64ac2a
core/ui: fix HoldToConfirm redraw 2020-02-07 15:21:16 +00:00
Pavol Rusnak
32f8f1cb61
core/embed: update fatfs to 0.14; use upstream version 2020-02-07 15:21:16 +00:00
Tomas Susanka
56dc952495 common: fix PassphraseAck.on_device id 2020-02-07 14:19:01 +00:00
Pavol Rusnak
73ed2f3450
legacy: small nitpicks related to the new passphrase handling 2020-02-07 11:41:03 +00:00
Tomas Susanka
15ed5cd19e
core: do not clear cache on ClearSession 2020-02-07 11:41:03 +00:00
Tomas Susanka
fd0dc8ed66
core/passphrase: merge 'get from user' functions 2020-02-07 11:41:03 +00:00
Tomas Susanka
7d7ffe3b67
cardano: derive the root and then cache 2020-02-07 11:41:02 +00:00
matejcik
3fa99c0c6a
core/tests: add storage.cache tests 2020-02-07 11:41:02 +00:00
matejcik
938f347514
core: use DUMMY_CONTEXT constant instead of own instance 2020-02-07 11:41:02 +00:00
matejcik
d4171aaedc
core/tests: extract common await_result() method 2020-02-07 11:41:02 +00:00
matejcik
1f50a13edf
core: use cache for Monero live refresh confirmation 2020-02-07 11:41:02 +00:00