1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-23 07:58:09 +00:00
Commit Graph

258 Commits

Author SHA1 Message Date
Martin Milata
927ee0812b core: add hard limit for transaction fees
The hard limit is set to 10*fee_warning_threshold. The limit is not
enforced when `safety_checks` is set to "Prompt".
2020-08-17 16:12:33 +02:00
Martin Milata
75fa9dee77 test_msg_signtx: proto -> messages 2020-08-17 16:12:33 +02:00
matejcik
5385617eda core: increase address length limit to accomodate CRW (fixes #1139) 2020-08-07 12:45:43 +02:00
matejcik
a94c0d074d tests: use improved API in authorize_coinjoin test 2020-08-05 16:45:56 +02:00
matejcik
e585d35f34 python: clarify session and feature management API
init_device() should be used to initialize a session. Reuses existing
session if available.

end_session() explicitly closes any existing session and requests a new
one

lock() enables soft-lock

clear_session() is the equivalent of lock() + end_session()

A new function ensure_unlocked() can be used to open a session and
prompt for PIN and passphrase before further operations.
2020-08-05 16:45:56 +02:00
matejcik
d776cc931b tests: fix test_msg_webauthn on-device
by not asking for a full-capacity list of credentials, which will
usually not fit in an unfragmented chunk of memory
2020-08-05 13:47:35 +02:00
gabrielkerekes
8d39ba8314 Add test case for multiple inputs and regenerate UI fixtures 2020-08-04 20:35:13 +02:00
Andrew Kozlik
ad3f39d829 tests: Add device test for multiple CoinJoin authorizations in different sessions. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
77b931e217 tests: Add device test for CancelAuthorization message. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
3cbfb98f38 tests: Add device test for a CoinJoin transaction which does not give the user's outputs a gain in anonymity. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
07d9b780a6 core/bitcoin: Change CoinJoin round ID length to 32 bytes and remove rate limiting. 2020-08-04 17:32:44 +02:00
Andrew Kozlik
4fd229b500 tests: Add device tests for AuthorizeCoinJoin and CoinJoin SignTx. 2020-08-04 17:32:44 +02:00
gabrielkerekes
12132ea64b Fix rebase and regenerate ui tests 2020-07-30 17:17:03 +02:00
gabrielkerekes
7a1e773b49 Validate transaction metadata 2020-07-30 17:17:03 +02:00
gabrielkerekes
f2ee450410 Include metadata in transaction signing 2020-07-30 17:17:03 +02:00
gabrielkerekes
a729ef1c26 Update tests
Add certificates, withdrawals and metadata hash
2020-07-30 17:17:03 +02:00
Martin Milata
10387e1869 core: drop zcash v3 tx signing support 2020-07-30 15:14:18 +02:00
gabrielkerekes
b5f3511c1c Add support for script addresses in tx outputs 2020-07-30 14:43:32 +02:00
matejcik
741fca0156 tests: watch_layout must be explicit (fixes #1142) 2020-07-29 11:50:47 +02:00
Gabriel Kerekeš
d2c1624602 Cardano shelley update 2/3 (#1112) 2020-07-27 13:11:23 +02:00
gabrielkerekes
e1615e60ec Update Cardano to support Shelley era 1/3
Update protobuf

- Previous transactions don't need to be sent anymore, because fee is
  included in the transaction now. Thus transactions_count can be
  removed from CardanoSignTx message and the CardanoTxAck and
  CardanoTxRequest messages can be removed altogether.
- CardanoTxInputType.type is unused so remove it

Add NULL (None type) serialisation to CBOR

- Transaction metada must either have a valid structure or CBOR NULL
  must be used (if metadata is empty) - it can't be simply left out.

Add protocol_magics file

- Just to have a nicer way of representing protocol magics

Update transaction signing

- Previous transactions no longer need to be requested
- Output building is simplified, since fee doesn't need to be calculated
- Remove transaction class since it is no longer needed (only functions
  remained)
- Reorder functions so it reads top to bottom

Add protocol magic to byron address on testnet

- This has always been a part of the spec, but it hasn't been
  implemented before, because it wasn't really needed.

Update trezorlib

Update tests

- Transaction messages are no longer required
- Expected values are different since tx format changed
- Common values in test cases have been extracted

Remove unused file

- Progress was used when receiving previous transactions

Add CRC check to output address validation
2020-07-27 13:04:49 +02:00
matejcik
fdcb64ac24 all: rename protobuf unsafe_prompts to safety_checks 2020-07-24 16:37:58 +02:00
matejcik
fd8cb0e061 core/keychain: differentiate error message for ed25519 derivation 2020-07-24 16:37:58 +02:00
matejcik
e3bb39128d tests: add test for unsafe prompts 2020-07-24 16:37:58 +02:00
Martin Milata
fd117a0c9f core: raise error on auto-lock value out of range 2020-07-22 21:38:42 +02:00
Andrew Kozlik
c7bc945d95 tests: Test transaction with multiple change-outputs. 2020-07-09 15:51:23 +02:00
Pavol Rusnak
d720fa3f83
tests: fix flake errors 2020-07-03 17:33:59 +02:00
Andrew Kozlik
39c0ed2ff0 tests/sign_tx: Add device tests for transactions with external inputs in bgold, bcash and zcash. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
866dc72de2 tests: Add device tests for generation of proofs of ownership. 2020-07-03 11:17:19 +02:00
Andrew Kozlik
534bce3f86 tests/sign_tx: Add device tests for transactions with external inputs. 2020-07-03 11:17:19 +02:00
matejcik
e6e3043096 all: implement support for pre-overwinter prevtx (fixes #1030) 2020-06-30 15:19:31 +02:00
matejcik
f09dcc412e tests/zcash: enable "version_group_id_missing" test 2020-06-30 15:19:31 +02:00
Tomas Susanka
e534ae3ad7 legacy, core: rename Features.pin_cached to unlocked and unify 2020-06-19 21:26:36 +02:00
Tomas Susanka
56fe5adcfc Merge branch 'release/2020-06' 2020-06-10 06:51:18 +00:00
matejcik
4bc865794f core: only unlock storage if it is locked (solves determinism issue in tests) 2020-06-04 16:18:46 +02:00
matejcik
0799595b5b tests: update UI test fixtures 2020-06-04 16:18:46 +02:00
matejcik
70f67883c5 core: fix artifacts in click-based UI tests 2020-06-04 16:18:46 +02:00
matejcik
3c128cde38 tests: fix wait_layout() behavior 2020-06-04 16:18:46 +02:00
matejcik
0c3bbef81b tests: move autolock tests to a separate file 2020-06-04 16:18:46 +02:00
matejcik
5d823ff5ea core: use ButtonRequestType.PinEntry for PIN entry 2020-06-04 16:18:46 +02:00
matejcik
e9555a3b0a tests: rename test_address to get_test_address
so that pytest doesn't think it is a testcase
2020-06-04 16:18:46 +02:00
matejcik
a11ec58eb6 tests: enable auto-lock tests for TT 2020-06-04 16:18:46 +02:00
matejcik
b4900f2ab9 test: refactor RecoveryDevice test for TT 2020-06-04 16:18:46 +02:00
matejcik
2499a6d6da tests: refactor T1 changepin test 2020-06-04 16:18:46 +02:00
matejcik
fc6c99c6f9 tests: disable PIN detection, all PIN uses must be explicit 2020-06-04 16:18:46 +02:00
matejcik
4771d2c233 tests: fix test suite for softlock 2020-06-04 16:18:46 +02:00
matejcik
6069173252 python/debuglink: clean out debuglink methods 2020-06-04 16:18:46 +02:00
matejcik
5209804fc3 core: relax path checks on GetPublicKey
(cherry picked from commit 554d8949f5)
2020-05-27 06:58:30 +00:00
matejcik
554d8949f5 core: relax path checks on GetPublicKey 2020-05-27 08:56:50 +02:00
Tomas Susanka
610dedca74 tests/signing: fix mixed inputs test 2020-05-24 14:36:38 +00:00
Andrew Kozlik
7b94cbee54 tests: Fix fake amount attack in test_msg_signtx_segwit to account for segwit transaction streaming. 2020-05-24 14:36:37 +00:00
matejcik
cbc0ceff06 tests: use valid prev_hash in attack test 2020-05-24 14:36:37 +00:00
matejcik
d4390f78a4 tests: add request_meta queries (needed for transaction streaming) 2020-05-24 14:36:37 +00:00
matejcik
4bc0289601 tests: update komodo test with optional message feature 2020-05-24 14:36:37 +00:00
matejcik
396a509725 tests: update bgold test with actual transactions 2020-05-24 14:36:37 +00:00
matejcik
7a3637d5b0 core/sign_tx: add checks for version_group_id and branch_id fields 2020-05-24 14:36:37 +00:00
matejcik
d804680552 tests: simplify code of test_msg_signtx
Instead of a function generating the expected_responses, introduce
shortcuts (request_input, request_output...) so that the static
expected_responses are more readable.

Also introduce the possibility to include conditional responses (e.g.,
seen only on trezor-core)

WIP
2020-05-24 14:36:37 +00:00
Tomas Susanka
f34e2382fa tests: add segwit attack test for mixed inputs 2020-05-24 14:36:37 +00:00
Tomas Susanka
9dfc08ca61 core/bitcoin: drop decred_script_version 2020-05-21 19:14:39 +02:00
matejcik
2f665c8f84 core: add exception to GetPublicKey for PSBT master fingerprint (fixes #999) 2020-05-21 13:26:53 +02:00
Tomas Susanka
3a3965af9b tests/bitcoin: test segwit/non-segwit input mixing 2020-05-18 14:31:51 +02:00
matejcik
29db769185 tests: update test vectors to use correct paths 2020-05-15 14:08:29 +02:00
Tomas Susanka
20d66adddd core: disable passphrase_always_on_device when turning off passphrase 2020-04-28 14:54:18 +02:00
matejcik
bc926a2dd5 tests: convert signtx tests to use request_* shortcuts for readability 2020-04-25 18:27:29 +02:00
matejcik
feaaaf8973 tests: simplify code of test_msg_signtx
Instead of a function generating the expected_responses, introduce
shortcuts (request_input, request_output...) so that the static
expected_responses are more readable.
2020-04-25 18:27:29 +02:00
Tomas Susanka
a0c8f8f00e tests/signing: add more tests for incorrect script type 2020-04-24 17:19:33 +00:00
matejcik
5885978c83 Merge branch 'release/2020-04' 2020-04-15 15:00:23 +02:00
matejcik
1b50877545 tests: streamline TrezorFailure exception usage 2020-03-26 11:30:06 +01:00
matejcik
b440ca1ec5 python: drop deprecated name CallException 2020-03-26 11:30:06 +01:00
matejcik
9a330f3475 python: unify protobuf-encoding code paths
Protobuf encoding now happens in TrezorClient, and transports get encoded blobs
to (chunkify and) send.  This is a better design because transports don't need
to know about protobuf.

It also lays groundwork for sending raw bytes feature (#116)

This commit also removes all vestiges of ProtocolV2 which was never used and
will probably need to be redesigned from the ground up anyway. The code is
still ready for protocol flexibility.
2020-03-26 11:30:06 +01:00
matejcik
9d29952a15 python: move out deprecated ckd_public 2020-03-26 11:30:06 +01:00
matejcik
325dae890e python: completely drop trezorlib.coins and trezorlib.tx_api 2020-03-26 11:30:06 +01:00
matejcik
b3569a53e6 tests: update tx_cache usages 2020-03-26 11:30:06 +01:00
Tomas Susanka
ae4f927a45 tests: test incorrect script type 2020-03-20 14:19:31 +00:00
matejcik
da89a17ce5 all: add checks for prev_hash size 2020-03-20 14:19:31 +00:00
Tomas Susanka
71a39bc0d7 legacy: check inputs' and outputs' script types 2020-03-20 14:19:30 +00:00
matejcik
ffdb299c61 all: drop Capricoin support [NO BACKPORT] 2020-03-20 14:19:30 +00:00
matejcik
adea7d6b35 all: make timestamp mandatory on timestamp-enabled coins 2020-03-20 14:19:07 +00:00
matejcik
ed464f3d47 all: ensure expiry, timestamp and extra_data are blocked as appropriate 2020-03-20 14:18:27 +00:00
matejcik
27803ee8c1 all: drop overwintered field from transaction 2020-03-20 14:18:27 +00:00
matejcik
303c05aba7 core/sign_tx: check if prev_tx has enough outputs to match prev_index 2020-03-20 14:17:44 +00:00
Andrew Kozlik
c98592050b tests: Fix multisig input replacement attack to check correct behavior during the signing phase. 2020-03-20 14:17:44 +00:00
Tomas Susanka
350a67d9a7 tests: test multisig input replacement attack 2020-03-20 14:17:44 +00:00
Ondřej Vejpustek
bbb44405ad tests/singing: mixed inputs in bitcoin gold 2020-03-20 14:17:44 +00:00
Tomas Susanka
8a0a38f948 tests/singing: mixed inputs 2020-03-20 14:17:44 +00:00
Tomas Susanka
f0a39df75d core/wallet: check inputs and outputs right after receiving them 2020-03-20 14:17:44 +00:00
Tomas Susanka
a513f7429b legacy: forbid unnecessary fields in OPRETURN output 2020-03-20 14:17:44 +00:00
Tomas Susanka
4af9aa547e core: forbid unnecessary fields in OPRETURN output 2020-03-20 14:17:44 +00:00
Andrew Kozlik
d800fcbf9f core/sign_tx: If there is a non-multisig input, then change output cannot be multisig.
(cherry picked from commit 8eb6ce0899)
2020-03-20 14:17:44 +00:00
matejcik
a978435819 tests: update SD card test 2020-03-20 14:03:28 +01:00
Andrew Kozlik
8ee0026637 core: Allow PIN entry even when SD protect is enabled and the card is not present. 2020-03-19 15:04:33 +01:00
Andrew Kozlik
b2dc5813fe legacy, tests: Check for invalid PIN. 2020-03-17 11:53:48 +01:00
Tomas Susanka
ad25096f90 tests: test reset device also with another strengths 2020-03-13 10:12:50 +00:00
matejcik
5b7d11e4ee tests: remove explicit timeouts from test suite 2020-03-09 10:31:17 +01:00
matejcik
7f91bc571c core: ensure default task restarts after a passphrase workflow (fixes #883) 2020-02-28 15:55:40 +01:00
matejcik
d7b9582386 core/sdcard: add ensure_filesystem option (fixes #868)
It is possible to call `ensure_sdcard` in a way that requires only SD
card be inserted, but not necessarily formatted.

This is useful for SD-protect and possibly other use-cases where the SD
card is read-only, and "not formatted" is identical to "not containing
the right files".
2020-02-24 13:28:44 +01:00
matejcik
8fed67de08 tests: expand on multi-session tests 2020-02-21 14:40:42 +01:00
Tomas Susanka
6c47bf8230 core: store multiple sessions/caches at the same time 2020-02-21 14:40:42 +01:00
Pavol Rusnak
562671401e
Merge pull request #860 from trezor/prusnak/multisig-show-yours-others
core: show yours/others in get_address for multisig
2020-02-20 13:49:13 +01:00
matejcik
5523c7bbef tests: add SD card format feature tests 2020-02-20 12:51:48 +01:00