1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-23 06:48:16 +00:00
Commit Graph

946 Commits

Author SHA1 Message Date
Martin Milata
314cd260eb feat(common): add experimental_features setting 2020-10-16 13:53:31 +02:00
Pavol Rusnak
d8534b5ee6
perf(core/extmod): replace HMAC Python implementation with C
We keep Python implementation of HMAC for Monero in
core/src/apps/monero/xmr/crypto/__init__.py
2020-10-12 16:33:13 +02:00
Andrew Kozlik
d90c3af6ea docs(core): Fix typos in slip39.py. 2020-10-11 00:31:24 +02:00
Martin Milata
542f32d3b1 feat(core): add auto_lock_delay and display_rotation to Features 2020-10-02 11:06:16 +02:00
Martin Milata
b2c4bbdaa2 feat(common): add auto_lock_delay and display_rotation to Features 2020-10-02 11:06:16 +02:00
matejcik
e4785d47e0 style: apply black 20.8b1 2020-09-29 11:30:40 +02:00
Rafael Korbas
2173ad97bc Refactor t<page number> to page<page_number> in cardano get_address call 2020-09-29 08:55:28 +02:00
Rafael Korbas
66dbdc2462 Enforce network id/protocol magic consistency for cardano show address 2020-09-29 08:55:28 +02:00
Juraj Muravsky
638977db7d Swap path with address type on screen in cardano get address 2020-09-29 08:55:28 +02:00
matejcik
0eed360037 chore: make tx type names shorter
as suggested by @andrewkozlik:
TxAckInputType -> TxInput
TxAckOutputType -> TxOutput
TxAckPrevTxType -> PrevTx
TxAckPrevInputType -> PrevInput
TxAckPrevOutputType -> PrevOutput
2020-09-23 16:00:10 +02:00
matejcik
244b264b47 chore(core): fix typing and kwargs usage 2020-09-23 16:00:10 +02:00
matejcik
ef4022fbf5 auto: regenerate protobuf classes 2020-09-23 16:00:10 +02:00
matejcik
37025e2a84 feat(core): use specialized protobufs in apps.bitcoin, enable typing 2020-09-23 16:00:10 +02:00
matejcik
b0a2297b14 feat(core): convert protobuf decoding errors to DataErrors 2020-09-23 16:00:10 +02:00
matejcik
6ba08526e1 fix(core): fix type annotations on CoinInfo 2020-09-23 16:00:10 +02:00
matejcik
90ee5f3d38 feat!: implement protobuf required fields and default values
BREAKING CHANGE: this makes arguments to protobuf constructors
keyword-only, and arguments corresponding to required fields are now
mandatory
2020-09-23 16:00:10 +02:00
Pavol Rusnak
f8489f16e4 fix(common/defs): remove FSN, ICX which migrated to mainnet 2020-09-23 11:31:09 +02:00
Martin Milata
cff4955f93 core: implement SafetyChecks.PromptTemporarily
Also reword safety checks confirmation dialogs.
2020-09-18 09:02:40 +02:00
Martin Milata
7d37b2c90f common: add PromptTemporarily to SafetyChecks enum 2020-09-18 09:02:40 +02:00
Martin Milata
9d2ad96ad4 core: add SafetyCheckLevel to Features 2020-09-18 09:02:40 +02:00
Martin Milata
9f066e877d common: add SafetyCheckLevel to Features 2020-09-18 09:02:40 +02:00
Andrew Kozlik
295710c37d core/bitcoin: Check ownership proofs using the provided commitment data. 2020-09-08 19:36:10 +02:00
Andrew Kozlik
5d745d5d04 common/protob: Add commitment_data to TxInputType. 2020-09-08 19:36:10 +02:00
Dusan Klinec
9d7b0bf50c xmr: fix new transaction type for CLSAG, HF=13 2020-09-07 17:50:38 +02:00
Andrew Kozlik
dad2852db9 core/bitcoin: Stream prev_tx after confirmation. 2020-09-04 14:36:39 +02:00
Tomas Susanka
ebc99435ab Revert "core: remove ownership messages from the public api for now"
This reverts commit 0d5f00668f.
2020-09-03 14:56:27 +02:00
Tomas Susanka
b99b8b3df3 Merge remote-tracking branch 'origin/release/2020-09' 2020-09-03 13:17:23 +02:00
Martin Milata
b8bb63fbef core: drop unused FONT_SIZE constant 2020-09-01 19:57:46 +02:00
Tomas Susanka
19461398d7 core/cardano: reuse derived Shamir seed (fixes #1007) 2020-09-01 16:14:41 +02:00
Tomas Susanka
0d5f00668f
core: remove ownership messages from the public api for now 2020-09-01 15:56:57 +02:00
matejcik
e0583dd5cb all: use a specific error code for "invalid session" 2020-08-28 15:37:06 +02:00
matejcik
4909821f35 core: implement EndSession 2020-08-28 15:37:06 +02:00
Martin Milata
df5421e7d6 common/defs: update maxfee_kb to 10USD/tx
Except bitcoin.

(cherry picked from commit f51fac3410)
2020-08-25 18:06:54 +02:00
Martin Milata
f51fac3410 common/defs: update maxfee_kb to 10USD/tx
Except bitcoin.
2020-08-25 18:05:29 +02:00
Pavol Rusnak
41f5237967
common/defs: enable extra_data for FLO
(cherry picked from commit 534695313c)
2020-08-24 11:08:02 +02:00
Pavol Rusnak
534695313c
common/defs: enable extra_data for FLO 2020-08-24 11:06:12 +02:00
Andrew Kozlik
f2d669ecdc core/bitcoin: Use dynamic dispatch for confirmation dialogs in sign_tx. 2020-08-21 21:30:15 +02:00
Andrew Kozlik
02da5b7593 core/bitcoin: Show warning if nLockTime is set but ineffective due to all nSequence values being 0xffffffff. 2020-08-21 21:30:15 +02:00
Pavol Rusnak
cdf0f68bb0 core: show passphrase on device 2020-08-21 21:30:15 +02:00
Martin Milata
1b982659c4
core: fix boot loop after uploading invalid homescreen (#1205) 2020-08-21 12:00:42 +02:00
Pavol Rusnak
0620911e46 core: allow spending coins from Bitcoin paths if the coin ...
has implemented strong replay protection via SIGHASH_FORKID
2020-08-21 11:49:03 +02:00
Alexis Hernandez
96c38315df
common/defs: enable extra_data for XSN (#1208) 2020-08-20 20:40:30 +02:00
Andrew Kozlik
dd540a2ccd core/ui: Initialize Qr class properly. 2020-08-20 18:13:09 +02:00
gabrielkerekes
431a25b119 Add Cardano README.md 2020-08-20 16:02:10 +02:00
Pavol Rusnak
c3ce9de3ea core: regenerate coins+tokens 2020-08-19 19:29:18 +02:00
Martin Milata
3f21e8f400 core: display coin name when signing message
Also when verifying message.
2020-08-18 13:45:49 +02:00
Martin Milata
927ee0812b core: add hard limit for transaction fees
The hard limit is set to 10*fee_warning_threshold. The limit is not
enforced when `safety_checks` is set to "Prompt".
2020-08-17 16:12:33 +02:00
Tomas Susanka
c9dc38c9f3 core: allow 49/x not 49/x' for Casa 2020-08-17 08:54:08 +02:00
Pavol Rusnak
d1973b7486
pipenv: update Pipfile 2020-08-08 18:03:32 +02:00
Pavol Rusnak
4e11735d22 core/modtrezorui: remove prefill from text functions
use display.bar where needed to prefill the areas
2020-08-07 15:08:14 +02:00
matejcik
51ea8ccecd common: update token support 2020-08-07 11:49:26 +02:00
Pavol Rusnak
65805c9145
core: fix non-determinism in resources.py.mako 2020-08-05 17:10:22 +02:00
matejcik
cea634158a core: make sure Homescreen is properly initialized (fixes #1095) 2020-08-05 14:22:06 +02:00
Tomas Susanka
16827c3135 core: make templates 2020-08-05 13:55:36 +02:00
gabrielkerekes
afa26e7560 Use correct paths for Cardano Byron witnesses 2020-08-04 20:35:13 +02:00
Andrew Kozlik
292d909235 core/base: Implement CancelAuthorization message. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
8bcb3d8fb6 core/storage: Add delete() method to storage.cache. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
5c1f197602 common/protob: Add CancelAuthorization message. 2020-08-04 17:32:44 +02:00
matejcik
cd86f9f477 core/bitcoin: make change check more robust against short paths 2020-08-04 17:32:44 +02:00
Andrew Kozlik
07d9b780a6 core/bitcoin: Change CoinJoin round ID length to 32 bytes and remove rate limiting. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
377bff68f4 core/bitcoin: Implement DoPreauthorized message. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
2c30dd62fc common: Add DoPreauthorized message. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
b9cfecb8b8 core/bitcoin: Support preauthorization in SignTx message for CoinJoin. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
97fc9b74ab core/bitcoin: Implement CoinJoinApprover. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
d6ee542deb core/bitcoin: Move transaction confirmation logic from Bitcoin to BasicApprover class. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
00258f2d4d core/bitcoin: Support preauthorization in GetOwnershipProof message. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
c772de9d3c core/bitcoin: Support preauthorization in @with_keychain decorator. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
208283e13e core/bitcoin: Implement AuthorizeCoinJoin message. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
48a331aa1d core/bitcoin: Add CoinJoinAuthorization class. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
dc32a17335 core/bitcoin: Move BIP32_WALLET_DEPTH to common. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
bbab13f6e7 common/protob: Add AuthorizeCoinJoin message. 2020-08-04 17:32:44 +02:00
gabrielkerekes
683d7420ff Fix Cardano Shelley public key validation
In Shelley Cardano started using the purpose 1852'. Unfortunately,
we completely missed that the public key path validation fuction checks
for purpose 44' explicitly, which means that the user is shown a warning
when deriving public key with the purpose 1852'. Which is always when
"logging in" to a wallet. This commit should fix that.

I've also updated type hinting in get_public_key.
2020-08-04 13:03:57 +02:00
Gabriel Kerekeš
c0eba979c6 Fix bare 'except' style error - catch Exception instead
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
2020-07-30 17:17:03 +02:00
gabrielkerekes
7a1e773b49 Validate transaction metadata 2020-07-30 17:17:03 +02:00
gabrielkerekes
f2ee450410 Include metadata in transaction signing 2020-07-30 17:17:03 +02:00
gabrielkerekes
0438f318b4 Bring back cbor.Raw - to be used for metadata 2020-07-30 17:17:03 +02:00
gabrielkerekes
1ed8b56b7c Include Byron witness once for each input path 2020-07-30 17:17:03 +02:00
gabrielkerekes
7bf5cab840 Update sign_tx
Add certificates, withdrawals and metadata hash
2020-07-30 17:17:03 +02:00
gabrielkerekes
a25444efd1 Move to_account_path() to utils 2020-07-30 17:17:03 +02:00
gabrielkerekes
e92baf5b02 Update protobuf 2020-07-30 17:17:03 +02:00
Andrew Kozlik
7d07161efe common/fido: Unify application labeling between U2F and FIDO2. 2020-07-30 15:29:54 +02:00
Martin Milata
d955e3f1e5 core: rename class Overwintered to Zcashlike 2020-07-30 15:14:18 +02:00
Martin Milata
10387e1869 core: drop zcash v3 tx signing support 2020-07-30 15:14:18 +02:00
gabrielkerekes
6d02aa23d9 Raise wire.DataError when deriving invalid address type 2020-07-30 14:43:32 +02:00
gabrielkerekes
b5f3511c1c Add support for script addresses in tx outputs 2020-07-30 14:43:32 +02:00
gabrielkerekes
f1b6056edb Fix staking key hash message
When deriving an address with a foreign staking key Trezor would crash
due to forgotten `decode()` on hexlified staking key hash which was to
be displayed.

This wasn't discovered while testing because it weirdly would pass with
a `aaff00` string, but not with longer ones.
2020-07-30 14:43:32 +02:00
matejcik
c008600d08 core/debug: fail if wait_layout is sent without watch_layout 2020-07-29 11:50:47 +02:00
Martin Milata
3021233eaf core: remove unimports from bitcoin sign_tx layouts 2020-07-28 10:51:28 +02:00
Pavol Rusnak
cec87bba50
core: remove mono bold font variant (not used anywhere) 2020-07-27 23:22:34 +02:00
matejcik
4eb5b927c0 core/cardano: simplify keychain implementation 2020-07-27 13:24:51 +02:00
Gabriel Kerekeš
d2c1624602 Cardano shelley update 2/3 (#1112) 2020-07-27 13:11:23 +02:00
gabrielkerekes
e1615e60ec Update Cardano to support Shelley era 1/3
Update protobuf

- Previous transactions don't need to be sent anymore, because fee is
  included in the transaction now. Thus transactions_count can be
  removed from CardanoSignTx message and the CardanoTxAck and
  CardanoTxRequest messages can be removed altogether.
- CardanoTxInputType.type is unused so remove it

Add NULL (None type) serialisation to CBOR

- Transaction metada must either have a valid structure or CBOR NULL
  must be used (if metadata is empty) - it can't be simply left out.

Add protocol_magics file

- Just to have a nicer way of representing protocol magics

Update transaction signing

- Previous transactions no longer need to be requested
- Output building is simplified, since fee doesn't need to be calculated
- Remove transaction class since it is no longer needed (only functions
  remained)
- Reorder functions so it reads top to bottom

Add protocol magic to byron address on testnet

- This has always been a part of the spec, but it hasn't been
  implemented before, because it wasn't really needed.

Update trezorlib

Update tests

- Transaction messages are no longer required
- Expected values are different since tx format changed
- Common values in test cases have been extracted

Remove unused file

- Progress was used when receiving previous transactions

Add CRC check to output address validation
2020-07-27 13:04:49 +02:00
matejcik
fdcb64ac24 all: rename protobuf unsafe_prompts to safety_checks 2020-07-24 16:37:58 +02:00
matejcik
19ad1dae8b core/bitcoin: allow compatibility namespaces for Casa/Greenaddress 2020-07-24 16:37:58 +02:00
matejcik
b741560997 core/bitcoin: drop unused validate_path_for_bitcoin_public_key 2020-07-24 16:37:58 +02:00
matejcik
407375b0c4 core/bitcoin: move BITCOIN_NAMES to common 2020-07-24 16:37:58 +02:00
matejcik
fd8cb0e061 core/keychain: differentiate error message for ed25519 derivation 2020-07-24 16:37:58 +02:00
matejcik
0438f83a94 core: use public as named argument instead of comment 2020-07-24 16:37:58 +02:00
matejcik
57b08c98ed core: raise error on setting passphrase-on-device without passphrase 2020-07-24 16:37:58 +02:00
matejcik
c85d768b81 core: update references to keychain everywhere 2020-07-24 16:37:58 +02:00
matejcik
ff4ec2185e core: refactor keychain to only support one curve at a time
also make a cleaner distinction between keychain, seed, path

This enables using `unsafe_prompts`, because with the original code, if
there was no namespace match, we wouldn't know which curve to use.

For ease of implementation, we use a LRU cache for derived keys,
instead of the original design "one cache entry per namespace".

SLIP21 is now treated completely separately, via `slip21_namespaces` and
`derive_slip21` method.
If more slip21-like things come in the future, we can instead hang them
on the keychain: put a per-curve Keychain object accessible by
`keychain[curve_name].derive()`, and the majority usecase will just pass
around `keychain[curve_name]` instead of having to specify the curve in
every `derive()` call.

Or alternately we'll just specify the curve in every `derive()` call,
whichever seems more appropriate.
2020-07-24 16:37:58 +02:00
matejcik
8e44132d3c core: replace load_settings with individual setters 2020-07-24 16:37:58 +02:00
matejcik
1109250dcf core: add option to allow unsafe prompts 2020-07-24 16:37:58 +02:00
Martin Milata
03f2dab6bc core: reduce gc.collect calls during bitcon sign_tx 2020-07-24 15:35:09 +02:00
matejcik
c3a61998cb core: generate resdata by Mako, use if/elif trick to save RAM 2020-07-24 14:09:31 +02:00
matejcik
5e7fd3aea6 core: use utils.BufferReader instead of apps.common.BytearrayReader 2020-07-24 14:09:31 +02:00
matejcik
1ff4a0d239 core: separate BufferIO into Reader (read-only) and Writer
also integrates BytearrayReader API into BufferReader
2020-07-24 14:09:31 +02:00
matejcik
3514a31bc9 core: make USB codec resilient to OOM conditions 2020-07-24 14:09:31 +02:00
matejcik
31e2170766 core: make protobuf buffer smaller, dynamically allocate bigger if necessary 2020-07-24 14:09:31 +02:00
matejcik
a000ea5ec8 core/monero: update Monero app to use synchronous protobuf 2020-07-24 14:09:31 +02:00
matejcik
01d695283f core: make protobuf buffer bigger 2020-07-24 14:09:31 +02:00
matejcik
0c3bc53aee core: clean up types for field caching, fix count_message 2020-07-24 14:09:31 +02:00
matejcik
d568afa80d core: improve protobuf field caching 2020-07-24 14:09:31 +02:00
matejcik
85d74ece76 core: implement synchronous v1 codec 2020-07-24 14:09:31 +02:00
Martin Milata
fd117a0c9f core: raise error on auto-lock value out of range 2020-07-22 21:38:42 +02:00
matejcik
051763575d core: touch idle timer in keyboards (fixes #1099) 2020-07-10 14:05:52 +02:00
matejcik
2c4ecff0a4 core: fix synthetic events breaking io.poll delay calculation 2020-07-10 14:05:52 +02:00
Andrew Kozlik
eb28998f98 core/bitcoin: Support multiple change-outputs. 2020-07-09 15:51:23 +02:00
Andrew Kozlik
37f4dcc7e5 core/bitcoin: Rename witness_p2wsh() to witness_multisig(). 2020-07-03 11:17:19 +02:00
Andrew Kozlik
9cd600f79e core/bitcoin: Add special confirmation screen for transactions with external inputs. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
64d9350de2 core/bitcoin: Implement GetOwnershipId message. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
533de50588 common/protob: Add GetOwnershipId message. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
712ec68c1b core/bitcoin: Add support for external inputs with proof of non-ownership. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
956ea9a94f common: Add ownership_proof field to TxInputType. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
d4317d1536 core/bitcoin: Implement generation and verification of SLIP-0019 proofs of ownership. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
d52de28704 core/bitcoin: Implement BIP-322 SignatureProof container. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
c723c78529 common/protob: Add GetOwnershipProof message. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
d48a372ca7 core/sign_tx: Implement support for signed external inputs. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
78f14d286e core/sign_tx: Factor out get_legacy_tx_digest() from sign_nonsegwit_input(). 2020-07-03 11:17:19 +02:00
Andrew Kozlik
61e2d4d5e5 core/bitcoin: Implement signature verifier. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
5378e12ba2 core/bitcoin: Clarify hash_type vs. sighash_type terminology. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
d1e043f417 core/bitcoin: Implement parsing of scripts and witnesses for signature verification. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
173bb7ed13 core/bitcoin: Replace TxInputType parameter in input_derive_script. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
a901573ea2 core/bitcoin: Move script types from helpers to common. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
3b6c1e5e6b core/crypto: Add functions for verifying DER encoded signatures. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
9459c5a5c2 core/common: Add BytearrayReader and basic reader functions. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
99f01cd316 core/sign_tx: Check script_pubkeys of inputs. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
cc655575c8 common: Add witness field to TxInputType. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
872768928b core/crypto: Fix endianity in DER length encoding. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
e7f230d66e core/sign_tx: Use varint length encoding for witness stack items. 2020-07-03 11:17:19 +02:00
Tomas Susanka
0f9a2459d3 core: make QR code smaller for Monero 2020-07-01 17:20:04 +00:00
Tomas Susanka
ca3dd2bfb9 common: skip deprecated fields during generation; deprecate overwintered field in Zcash 2020-06-30 16:02:21 +02:00
matejcik
e6e3043096 all: implement support for pre-overwinter prevtx (fixes #1030) 2020-06-30 15:19:31 +02:00
Andrew Kozlik
f382f77c89 core/ui: Fix repaint bug in QR code rendering #1067. 2020-06-25 12:25:41 +02:00
Tomas Susanka
e534ae3ad7 legacy, core: rename Features.pin_cached to unlocked and unify 2020-06-19 21:26:36 +02:00
Tomas Susanka
a6acefbdf5 core: wipe before reset and recovery; introduce 'intialized' field 2020-06-16 11:31:29 +02:00
Andrey
1eeaa1e5cf Enable extra_data for Zcoin. Changed coininfo.py 2020-06-15 09:53:00 +02:00
Tomas Susanka
b67be7dd9e core: forbid all settings if not initialized 2020-06-11 18:47:01 +02:00
Tomas Susanka
981d079d7f core/signverify: add failsafe for an empty message header 2020-06-11 09:08:50 +02:00
Tomas Susanka
56fe5adcfc Merge branch 'release/2020-06' 2020-06-10 06:51:18 +00:00