1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-27 01:48:17 +00:00
Commit Graph

833 Commits

Author SHA1 Message Date
matejcik
d9e5fd2682 client: refuse to work with outdated firmware
required firmware versions are hardcoded and should be updated by a
build script
2018-12-04 17:42:54 +01:00
matejcik
84339ae1ff client: properly sanitize and handle invalid inputs from UI functions 2018-12-04 17:42:54 +01:00
matejcik
3362f66724 client: make sure proto exists in client
because old Electrum imports it

also make sure it doesn't work anymore
2018-12-04 17:42:54 +01:00
matejcik
db1a5adee7 device_tests: style 2018-11-26 17:02:00 +01:00
Tomas Susanka
0d01298f71 tests/eth: add invalid signature test for verify 2018-11-26 16:30:34 +01:00
matejcik
4982fd1cf5 client: wrap clear_session in a session
because it's a different kind of session...
2018-11-26 16:06:56 +01:00
matejcik
c7c5653231 trezorlib: bump version (not releasing yet though) 2018-11-26 16:02:19 +01:00
matejcik
1ded85c746 tests/unit_tests: update test_transport 2018-11-26 15:58:19 +01:00
matejcik
36a81fd9e7 trezorlib: update CallException to match the old one
which is now TrezorFailure
2018-11-26 15:30:42 +01:00
matejcik
1f2db3666b ui: smarter ClickUI prompts only once
This also fixes #331 by moving the PIN matrix from trezorctl into the UI
class
2018-11-26 15:30:42 +01:00
matejcik
eb50d54ec2 device: add reasonable defaults for reset/recovery 2018-11-26 15:30:42 +01:00
matejcik
40eaa1fa36 transport/hid: reload serial when closing
because device.wipe() causes the device to change serial, which breaks
the connection unnecessarily.
2018-11-26 15:30:42 +01:00
matejcik
f3a13f50e0 transport/hid: check serial number when opening device
This fixes the problem where the user disconnects a device, connects a
different one, and the library doesn't notice because opening the same
HID path worked fine. (see https://github.com/spesmilo/electrum/issues/4806 )
2018-11-26 15:30:42 +01:00
matejcik
082adfd15d transport: derive TransportException from TrezorException 2018-11-26 15:30:42 +01:00
matejcik
69ef1f0acd transport: cleaner Transport list instantiation
Previously if an import of a dependent module (usb1, hid) failed, import
of the whole transport module would fail. This was resolved by catching
ImportErrors in the all_transports method.

This had two drawbacks:
- if something other than ImportError happened - e.g., libusb would
raise OSError if it couldn't find libusb.so - all_transports would crash
anyway
- at the same time, if a legitimately needed dependency
(typing_extensions) was missing, this would be masked by the ImportError
handling.

Instead, we unconditionally import the modules, and inside each one,
wrap dependencies in a try-except.

As an added benefit, it is now possible to disable a transport just by
setting SomeTransport.ENABLED = False
2018-11-26 15:30:42 +01:00
matejcik
f04458d6ea client: allow canceling pin/passphrase entry 2018-11-26 15:30:42 +01:00
matejcik
11e56a7e1b client: clean up constants 2018-11-26 15:30:42 +01:00
matejcik
3dda5e6534 client: proto -> messages 2018-11-26 15:30:42 +01:00
matejcik
4f9bdff564 client: simplify MovedTo now that we only need it to raise an error
this also removes most of client's imports, which will FINALLY let us
import client where it is needed without circular dependencies
2018-11-26 15:30:42 +01:00
matejcik
ef46bd38ef client: finish the move away from mixins
move all methods that are still relevant to TrezorClient (originally
BaseClient)

modify ProtocolMixin to be a compatibility shim

modify BaseClient to be a compatibility shim with a proxy to original
actual TrezorClient - this prevents early failures in Electrum for long
enough to show an error message
2018-11-26 15:30:42 +01:00
matejcik
f3f521b028 client: convert generic classname-based dispatch to a static list
Only a limited number of messages should be dispatched to handlers
that can be inserted anywhere in the protocol flow. Having a fixed list
of interjecting handlers makes this clearer and prevents hard-to-find
bugs.
2018-11-26 15:30:42 +01:00
Tomas Susanka
786bccfa34 tests/lisk: all all all seed 2018-11-21 17:08:18 +01:00
Tomas Susanka
29d3a21d84 tests/eth: all all all seed 2018-11-21 17:08:18 +01:00
Tomas Susanka
f5af12c043 paths: compatibility for derivation paths checks 2018-11-21 17:08:18 +01:00
Pavol Rusnak
da3223d703
tests: change flags for test_msg_signtx_capricoin.py 2018-11-14 17:36:19 +01:00
strmci
252f946f40 Add a test case for segwit inputs/outputs with very high amounts (#337)
Add a test case for segwit inputs/outputs with very high amount, fixes #332
2018-11-12 16:27:56 +01:00
matejcik
5bb7dc39b8 transport: consolidate USB-based transports
remove Trezor 2 support from HID transport, which never worked

use ProtocolV1 explicitly everywhere, as V2 doesn't exist in practice

move USB IDs and UDEV warning string to a common place

fix a bug where HID would return a list instead of bytes
2018-11-12 12:22:32 +01:00
matejcik
d3534a15c9 transport: fix typing after autoflake treatment
autoflake will remove all unused imports when `make style` is invoked,
but can't recognize typing names that are only used in comments.

this fixes it.
2018-11-12 12:22:32 +01:00
matejcik
bfb56451e8 bridge: support bridge 2.0.25+
which can do read/write separately and supports debuglink
2018-11-12 12:22:32 +01:00
matejcik
ed473e2e42 trezorlib: add licence headers where missing 2018-11-12 12:22:32 +01:00
matejcik
93d84539bd transport: fit log messages to lines 2018-11-12 12:22:32 +01:00
matejcik
85b85c67b3 trezorlib: reentrant session handling
This fixes the breakage introduced by transport reshuffles.
It's still not great and I'd love to see context manager based sessions.
But it's good enough for now.
2018-11-12 12:22:32 +01:00
matejcik
daf97afb37 bridge: refactor after merging old changes 2018-11-12 12:22:32 +01:00
matejcik
aac7726824 trezorlib: transport/protocol reshuffle
This commit breaks session handling (which matters with Bridge) and
regresses Bridge to an older code state. Both of these issues will be
rectified in subsequent commits.

Explanation of this big API reshuffle follows:

* protocols are moved to trezorlib.transport, and to a single common file.
* there is a cleaner definition of Transport and Protocol API (see below)
* fully valid mypy type hinting
* session handle counters and open handle counters mostly went away. Transports
  and Protocols are meant to be "raw" APIs; TrezorClient will implement
  context-handler-based sessions, session tracking, etc.

I'm calling this a "reshuffle" because it involved very small number of
code changes. Most of it is moving things around where they sit better.

The API changes are as follows.

Transport is now a thing that can:
* open and close sessions
* read and write protobuf messages
* enumerate and find devices

Some transports (all except bridge) are technically bytes-based and need
a separate protocol implementation (because we have two existing protocols,
although only the first one is actually used). Hence a protocol superclass.

Protocol is a thing that *also* can:
* open and close sessions
* read and write protobuf messages
For that, it requires a `handle`.

Handle is a physical layer for a protocol. It can:
* open and close some sort of device connection
  (this is distinct from session! Connection is a channel over which you can
  send data. Session is a logical arrangement on top of that; you can have
  multiple sessions on a single connection.)
* read and write 64-byte chunks of data

With that, we introduce ProtocolBasedTransport, which simply delegates
the appropriate Transport functionality to respective Protocol methods.

hid and webusb transports are ProtocolBasedTransport-s that provide separate
device handles. HidHandle and WebUsbHandle existed before, but the distinction
of functionality between a Transport and its Handle was unclear. Some methods
were moved and now the handles implement the Handle API, while the transports
provide the enumeration parts of the Transport API, as well as glue between
the respective Protocols and Handles.

udp transport is also a ProtocolBasedTransport, but it acts as its own handle.
(That might be changed. For now, I went with the pre-existing structure.)

In addition, session_begin/end is renamed to begin/end_session to keep
consistent verb_noun naming.
2018-11-12 12:22:26 +01:00
matejcik
560a5215c5 client: do not coerce self.features.vendor to string
There is no good reason to do that and it hides situations when
the field mistakenly doesn't exist.

Added comment explains that missing "vendor" field might by caused
by trezor-common mismatch, which fixes #328
2018-11-06 14:16:53 +01:00
matejcik
ca345e9766 cardano: clean up test case 2018-11-06 13:38:13 +01:00
matejcik
81c55c1c5f device_tests: fix remaining use of btc.sign_tx 2018-11-06 13:38:09 +01:00
matejcik
99278f7d08 client: PassphraseState is not mandatory (missing on T1 in fact) 2018-11-06 13:36:25 +01:00
matejcik
1233feb358 style: fix imports 2018-11-06 13:36:25 +01:00
matejcik
601d3b49c3 trezorlib: add some utility features 2018-11-06 13:36:25 +01:00
matejcik
c269d67cde trezorlib: finalize BTC API changes
- drop set_tx_api method and its usage from trezorctl
- drop _prepare_sign_tx which is not used anymore
- adapt trezorctl to new signing API
- make trezorctl signing smarter, ahead of moving it elsewhere
2018-11-06 13:36:25 +01:00
matejcik
620e48e4d0 tests: adapt tests to new APIs 2018-11-06 13:36:25 +01:00
matejcik
9caea6d413 tx_api: rework API, separate caching functionality to test support 2018-11-06 13:36:25 +01:00
matejcik
3239d53bc0 debuglink: add support for arbitrary message filters
(this replaces `debug_processor` from sign_tx)
2018-11-06 13:36:25 +01:00
matejcik
5087f30a69 firmware: fix byte order for VendorTrust field, reproduce reserved field
this fixes a problem when checking signature (and therefore
reconstructing) of a vendor header that doesn't have a VendorTrust of
all zeroes, e.g., the vendor header for test builds
2018-11-06 13:36:25 +01:00
matejcik
c248946b3d protobuf: make MessageType more dict-like, drop _add_ and _extend_
so that SignTx(**tx) works

_add_x and _extend_x methods are left-overs from google protobuf
and shouldn't be used anymore
2018-11-06 13:36:25 +01:00
matejcik
e5e0759dc8 btc: refactor and cleanup sign_tx api & flow 2018-11-06 13:36:25 +01:00
matejcik
ea675f1e58 client: inline PassphraseState flow into Passphrase flow 2018-11-06 13:36:25 +01:00
Pavol Rusnak
1218a487f6
fix style 2018-11-04 16:06:21 +01:00
Pavol Rusnak
b4e34b98fc
trezorlib: add monero getaddress/getwatchkey + tests 2018-11-04 15:27:45 +01:00