Andrew Kozlik
173bb7ed13
core/bitcoin: Replace TxInputType parameter in input_derive_script.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
a901573ea2
core/bitcoin: Move script types from helpers to common.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
3b6c1e5e6b
core/crypto: Add functions for verifying DER encoded signatures.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
9459c5a5c2
core/common: Add BytearrayReader and basic reader functions.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
99f01cd316
core/sign_tx: Check script_pubkeys of inputs.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
cc655575c8
common: Add witness field to TxInputType.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
872768928b
core/crypto: Fix endianity in DER length encoding.
2020-07-03 11:17:19 +02:00
Andrew Kozlik
e7f230d66e
core/sign_tx: Use varint length encoding for witness stack items.
2020-07-03 11:17:19 +02:00
Tomas Susanka
3a3e5739b0
core, legacy: update changelogs
2020-07-02 09:09:34 +00:00
Tomas Susanka
fc9eb63114
core: add previous commit to changelog
2020-07-01 17:37:47 +00:00
Tomas Susanka
0f9a2459d3
core: make QR code smaller for Monero
2020-07-01 17:20:04 +00:00
Tomas Susanka
ca3dd2bfb9
common: skip deprecated fields during generation; deprecate overwintered field in Zcash
2020-06-30 16:02:21 +02:00
matejcik
e6e3043096
all: implement support for pre-overwinter prevtx ( fixes #1030 )
2020-06-30 15:19:31 +02:00
Andrew Kozlik
f382f77c89
core/ui: Fix repaint bug in QR code rendering #1067 .
2020-06-25 12:25:41 +02:00
Tomas Susanka
e534ae3ad7
legacy, core: rename Features.pin_cached to unlocked and unify
2020-06-19 21:26:36 +02:00
Tomas Susanka
b6c8cbc24c
core: add 'initialized' to changelog
2020-06-16 11:31:29 +02:00
Tomas Susanka
a6acefbdf5
core: wipe before reset and recovery; introduce 'intialized' field
2020-06-16 11:31:29 +02:00
Andrey
1eeaa1e5cf
Enable extra_data for Zcoin. Changed coininfo.py
2020-06-15 09:53:00 +02:00
Tomas Susanka
b67be7dd9e
core: forbid all settings if not initialized
2020-06-11 18:47:01 +02:00
Tomas Susanka
f8b2f0bb7b
changelogs: change also bootloader changelogs to the new format
2020-06-11 15:48:38 +00:00
Tomas Susanka
9979af3cd2
changelogs: start using more detailed changelog
2020-06-11 17:43:40 +02:00
Tomas Susanka
981d079d7f
core/signverify: add failsafe for an empty message header
2020-06-11 09:08:50 +02:00
Tomas Susanka
56fe5adcfc
Merge branch 'release/2020-06'
2020-06-10 06:51:18 +00:00
Andrew Kozlik
d1690f4317
core/tools: fix pixel-perfect mode for centered text in dialog-designer
2020-06-09 13:31:42 +02:00
Pavol Rusnak
179645e3ad
core: unify usage of TREZOR_MODEL
2020-06-06 21:06:15 +02:00
Ondrej Mikle
c877dc8dd6
core: port storage to T1
2020-06-06 21:06:15 +02:00
Pavol Rusnak
2815b62838
core/tools: implement "pixel-perfect" mode for dialog-designer tool
2020-06-05 14:11:59 +00:00
Pavol Rusnak
5262ef84cf
common/defs/fido: add aws and tutanota
2020-06-05 14:53:13 +02:00
Andrew Kozlik
9c61257e8e
core: Use the Lock icon in the PIN entry dialog only when the device is actually locked.
2020-06-05 11:52:56 +02:00
Pavol Rusnak
5ed64a0736
core/tools: refactor dialog-designer tool
2020-06-04 21:39:47 +02:00
Pavol Rusnak
d9d5511858
core/tools: add quick'n'dirty dialog-designer tool
2020-06-04 19:56:42 +02:00
matejcik
7579ac5274
core: fix rendering issues in homescreens
2020-06-04 16:18:46 +02:00
matejcik
9df7c84c56
core/ui: lower lockscreen brightness
2020-06-04 16:18:46 +02:00
matejcik
8fa7684a9c
core: set a scheduler-safe maximum for autolock
2020-06-04 16:18:46 +02:00
matejcik
872e0fb0e0
core: lower scheduler resolution to milliseconds
...
This avoids problems with large timeouts causing the scheduler queue to
think the time counter has overflown, and ordering the autolock task before
immediate tasks.
The maximum reasonable time difference is 0x20000000, which in
microseconds is ~8 minutes, but in milliseconds a more reasonable ~6
days.
2020-06-04 16:18:46 +02:00
matejcik
847691798b
core: simplify homescreen and lockscreen implementations
2020-06-04 16:18:46 +02:00
matejcik
4bc865794f
core: only unlock storage if it is locked (solves determinism issue in tests)
2020-06-04 16:18:46 +02:00
matejcik
ffa7790ed5
core: start USB after booting apps
...
This prevents a race condition where sometimes an Initialize message
could arrive before the homescreen was fully booted -- and Recovery
homescreen would cancel it as part of its bootup sequence.
2020-06-04 16:18:46 +02:00
matejcik
70f67883c5
core: fix artifacts in click-based UI tests
2020-06-04 16:18:46 +02:00
matejcik
a9d8fd3992
core: debuglink interface avoids workflow management
...
This will have unintended consequences if you call a wirelink function
on the debulink interface. TT allows this ... and will behave badly.
2020-06-04 16:18:46 +02:00
matejcik
bc9247e18d
core: add Cancel to a list of allowed messages while locked
2020-06-04 16:18:46 +02:00
matejcik
f32c2f9e23
core: replace workflow.kill_default with workflow.close_others
2020-06-04 16:18:46 +02:00
matejcik
01832d5ae9
core: call close_others() in place of ButtonRequest
...
this makes sense, really: close_others() requests UI exclusivity, and
that is something that generally happens at the same places we emit a
ButtonRequest
2020-06-04 16:18:46 +02:00
matejcik
6f53ca0ac6
core: rework wait_layout()
...
The original wait_layout was unreliable, because there are no guarantees
re order of arrival of the respective events. Still, TT's event handling
is basically deterministic, so as long as the host sent its messages
close enough to each other, the order worked out.
This is no longer the case with the introduction of loop.spawn: TT's
behavior is still deterministic, but now ButtonAck is processed *before*
the corresponding wait_layout, so the waiting side waits forever.
In the new process, the host must first register to receive layout
events, and then receives all of them (so the number of calls to
wait_layout must match the number of layout changes).
DebugLinkWatchLayout message must be version-gated, because of an
unfortunate collection of bugs in previous versions wrt unknown message
handling; and this interests us because upgrade-tests are using
wait_layout feature.
2020-06-04 16:18:46 +02:00
matejcik
5d823ff5ea
core: use ButtonRequestType.PinEntry for PIN entry
2020-06-04 16:18:46 +02:00
matejcik
bbfce4e303
common: introduce ButtonRequestType.PinEntry
2020-06-04 16:18:46 +02:00
matejcik
3dbd9c9eca
core/loop: prevent finalizers from doing things when task is closed externally
2020-06-04 16:18:46 +02:00
matejcik
42e7c43c7c
core: make sure that auto-lock shuts down running workflows
2020-06-04 16:18:46 +02:00
matejcik
2d0206c043
core: replace workflow.on_start/on_close with workflow.spawn
2020-06-04 16:18:46 +02:00
matejcik
02565f3bfb
core/loop: introduce spawn syscall
2020-06-04 16:18:46 +02:00
matejcik
a4f47ddd21
core/lockscreen: ignore exception when user taps "unlock" and then cancels
2020-06-04 16:18:46 +02:00
matejcik
7ff1251ee1
core: dim lockscreen ( fixes #974 )
2020-06-04 16:18:46 +02:00
matejcik
4035aad51b
core: implement auto-lock after a configurable timeout ( fixes #75 )
2020-06-04 16:18:46 +02:00
matejcik
67b723e4ca
core: add a global idle timer
2020-06-04 16:18:46 +02:00
Andrew Kozlik
5469acfabf
core/webauthn: Cache user verification for 3 minutes.
2020-06-04 16:18:46 +02:00
Andrew Kozlik
b867ac1d01
core/webauthn: Implement FIDO2 unlocking from softlock.
2020-06-04 16:18:46 +02:00
Andrew Kozlik
0f81886c9f
core/webauthn: Allow confirm_dialog() to return a new state as an alternative to the user response.
2020-06-04 16:18:46 +02:00
Andrew Kozlik
c8ae5c157e
core/webauthn: Implement U2F unlocking from softlock.
2020-06-04 16:18:46 +02:00
matejcik
06aed7135a
core: do not prompt for PIN just to lock the device again
2020-06-04 16:18:46 +02:00
matejcik
2cedc687e6
core: disable trezor-crypto BIP32 cache
2020-06-04 16:18:46 +02:00
matejcik
246998910a
core: refactor usage of input_signals
...
this prevents a certain class of UI test failure. It also localizes the
use of debuglink signals into the layout classes instead of call sites,
which is a design we were already using for confirm_signals
2020-06-04 16:18:46 +02:00
matejcik
afeeafd5cd
core: hide some fields when softlocked
2020-06-04 16:18:46 +02:00
matejcik
b9bd9ea3d0
core: only softlock when PIN is set
2020-06-04 16:18:46 +02:00
matejcik
a9ddc2a8e2
core/boot: modify initial lockscreen label
2020-06-04 16:18:46 +02:00
matejcik
09af8aed4e
core: consider lockscreen to be a separate homescreen
...
this involves some changes to the workflow defaults:
* workflow.start_default() takes no arguments
* workflow.set_default() (originally replace_default) configures the
default that will be started by next call to start_default().
The intended usecase is to set_default() first and then start it
separately.
* apps.base.set_homescreen() factors out the logic originally in
main.py, that decides which homescreen should be launched. This uses
set_default() call. start_default() is then used explicitly in main.py
2020-06-04 16:18:46 +02:00
matejcik
d73480bc9d
core: introduce PIN soft-locking
2020-06-04 16:18:46 +02:00
matejcik
04c8b2803d
core: refactor homescreen app, include lockscreen in it
2020-06-04 16:18:46 +02:00
matejcik
9197623d83
core: factor out the decision whether to lock the device
2020-06-04 16:18:46 +02:00
matejcik
0600d87c8c
common: rename ClearSession to LockDevice, introduce EndSession
2020-06-04 16:18:46 +02:00
matejcik
32fcc4ad9c
core: make verify_user_pin accept a Context argument
2020-06-04 16:18:46 +02:00
matejcik
8ca7ffc3b8
core: use wire.PinCancelled/PinInvalid instead of custom versions
...
also refactor show_pin_invalid and its usages so that it raises directly
note that we are now using PinCancelled instead of ActionCancelled where
appropriate
2020-06-04 16:18:46 +02:00
matejcik
eabfcab9b9
core: add default messages to some error codes
2020-06-04 16:18:46 +02:00
matejcik
341c5b7d10
core/wire: make handler lookup pluggable
2020-06-04 16:18:46 +02:00
matejcik
837c4df61f
core: expose storage_is_unlocked() as config.is_unlocked()
2020-06-04 16:18:46 +02:00
matejcik
87433995b0
core: add BITCOIN_ONLY to mock file
2020-06-04 16:18:46 +02:00
matejcik
d5e45c02bb
core: move base functions from "homescreen" app to "base"
2020-06-04 16:18:46 +02:00
Tomas Susanka
8859d103f4
core, legacy: bump versions
2020-06-03 15:39:25 +00:00
Tomas Susanka
e2629eb921
core, legacy: update Changelogs to reflect the release
2020-06-03 15:35:30 +00:00
matejcik
bd5b3a3f21
common: drop Theta and VeChain ERC tokens, refresh market caps
...
fixes #1022
fixes #1023
2020-05-29 12:12:30 +02:00
matejcik
5209804fc3
core: relax path checks on GetPublicKey
...
(cherry picked from commit 554d8949f5
)
2020-05-27 06:58:30 +00:00
matejcik
554d8949f5
core: relax path checks on GetPublicKey
2020-05-27 08:56:50 +02:00
matejcik
d59ffe553f
make gen
2020-05-25 16:14:05 +02:00
Ondřej Vejpustek
24ceb0ab6b
crypto/bignum: change limb size to 29, add tests
2020-05-24 14:36:38 +00:00
Andrew Kozlik
cb32ae2e4b
core/tests: add request_meta queries to unit tests (needed for transaction streaming)
2020-05-24 14:36:38 +00:00
Andrew Kozlik
42eddf8e04
core/sign_tx: validate prevout amount in all cases
2020-05-24 14:36:38 +00:00
Andrew Kozlik
7db3e930d4
core/sign_tx: Add further message sanitization checks.
2020-05-24 14:36:37 +00:00
matejcik
72ef86d79a
all: enable extra_data for komodo
2020-05-24 14:36:37 +00:00
matejcik
7a3637d5b0
core/sign_tx: add checks for version_group_id and branch_id fields
2020-05-24 14:36:37 +00:00
Ondrej Mikle
b01b24f090
core: change startup firmware file from .s to .S which enables preprocessing and fixes TT boot
2020-05-24 12:28:38 +02:00
Tomas Susanka
675ff459db
core, legacy: update changelogs
2020-05-22 11:55:55 +00:00
Tomas Susanka
9dfc08ca61
core/bitcoin: drop decred_script_version
2020-05-21 19:14:39 +02:00
matejcik
eeb46eabca
common: refresh token list
2020-05-21 13:29:13 +02:00
matejcik
2f665c8f84
core: add exception to GetPublicKey for PSBT master fingerprint ( fixes #999 )
2020-05-21 13:26:53 +02:00
Ondrej Mikle
10f0f107e0
core: Adds T1 core port FW flashing options for for openocd and jlink
2020-05-21 10:05:12 +02:00
Ondrej Mikle
0d65d684f0
core: T1 port can run on T1 bootloader with MEMORY_PROTECT=0
2020-05-21 08:49:59 +02:00
Tomas Susanka
a2f790167d
core/bitcoin: fix step 1 and 2 comments in signing
2020-05-19 12:58:45 +00:00
Tomas Susanka
1ac0f60550
core: update isort config to place relative imports last
2020-05-18 14:31:51 +02:00
Tomas Susanka
aa115b6320
core: move decred writers to decred.py
2020-05-18 14:31:51 +02:00
Tomas Susanka
3084ee1eed
core/bitcoin: move write_bitcoin_varint to common writers
2020-05-18 14:31:51 +02:00
Tomas Susanka
445f56d387
core/bitcoin: finalize bitcoin refactor
...
- core/bitcoin: move common files to the app's root
- core/bitcoin: use require_confirm instead of confirm
- core: move bitcoin unrelated functions from 'bitcoin' to a new 'misc' app
- core/bitcoin: use relative imports inside the app
- core: rename wallet app to bitcoin
- core/wallet: replace SigningErrors and the other exception classes with wire.Errors
2020-05-18 14:31:51 +02:00
matejcik
aa52fc3903
core/extmod: drop unused rfc6979 module
2020-05-18 14:31:00 +02:00
matejcik
050936d0d7
core: enable finalizers on extmod classes
2020-05-18 14:31:00 +02:00
matejcik
123b07e3ad
core: drop support for pre-registering keychain namespaces
2020-05-15 16:30:41 +02:00
matejcik
3e06f4779a
core/tests: add new keychain tests
2020-05-15 14:08:29 +02:00
matejcik
de9e73dcbc
core/tests: update unit tests for new keychain API
2020-05-15 14:08:29 +02:00
matejcik
f3f6e2101a
core/cardano: explanation about seed derivation
2020-05-15 14:08:29 +02:00
matejcik
a31b2cd1bc
core/wallet: implement keychain for apps.wallet
2020-05-15 14:08:29 +02:00
matejcik
0dff3853a7
core/ethereum: introduce custom keychain decorators
2020-05-15 14:08:29 +02:00
matejcik
b594248ac2
core: use new keychain decorators where appropriate
2020-05-15 14:08:29 +02:00
matejcik
fd9e945308
core/cardano: use caching decorators and new Keychain API for Cardano as well
2020-05-15 14:08:29 +02:00
matejcik
7541d529a3
core: refactor keychain API, introduce SLIP44 decorator
2020-05-15 14:08:29 +02:00
matejcik
8c4cb58098
core: introduce caching decorators
2020-05-15 14:08:29 +02:00
matejcik
63dfcb17a7
core: make mypy happy about importing fatfs
2020-05-15 14:08:29 +02:00
matejcik
7f2e7b0003
core: add Ethereum constants to mocks
2020-05-15 14:08:29 +02:00
Pavol Rusnak
6704ed86a1
Merge pull request #995 from trezor/omikle/t1-core-port
...
core port to Trezor One
2020-05-14 16:48:18 +02:00
Ondrej Mikle
7eddafe487
core: better formatting for common parts of T1 and TT header
2020-05-14 16:10:42 +02:00
Ondrej Mikle
c4c341b3f9
core: setup stack when running core on T1
2020-05-14 12:46:25 +02:00
Dusan Klinec
6b8fc9c894
xmr: major protocol upgrade, CLSAG support added
...
- CLSAG signature scheme added
- type hints added
xmr: optimize protocol, send only required data
- real_out_additional_tx_keys contains only one element as nothing more is needed during signature
- only src_entr.outputs[index] is HMACed and always present. Other outputs are present only if needed which reduces comm and CPU overhead.
- getting rid of subaddresses dictionary (memory requirements), now subaddr indices are present per source entry so keys are computed when needed
xmr: prepare for permutation sending removal, specify index
- specify source entry ordering index prior sorting by key images as original HMAC keys are generated based on these.
- permutation checked just by valid HMACs, size of the set, key image sort order
- sending permutation is now deprecated, will be removed in the following protocol versions
- more strict state transition checks, guard strict check with respect to steps ordering
2020-05-13 11:13:19 +02:00
Tomas Susanka
25d2d130a0
tests: use maxfail
option for fido2 tests
2020-05-12 09:48:23 +00:00
Ondrej Mikle
fb5a220b46
core: use legacy sign script for T1 core port binary to be flashable
2020-05-11 18:05:46 +02:00
Ondrej Mikle
e429085e96
core: copy firmware header for T1 port into final binary
2020-05-11 17:33:47 +02:00
Ondrej Mikle
d8115a7992
core: firmware header for T1 port
2020-05-11 15:43:43 +02:00
Tomas Susanka
53c43ac305
core/tests: initialize emu with slip14 before running fido2 test suite
2020-05-06 14:36:04 +00:00
Andrew Kozlik
3de565c33c
core/sign_tx: In write_tx_header() rename has_segwit parameter to witness_marker and clarify usage.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
846116a666
core/sign_tx: Improve comments.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
7370077d0c
core/sign_tx: Get rid of internal TxOutputBinType messages.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
9f9618944a
core/sign_tx: Explicitly pass script to write_tx_input() instead of setting it in txi.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
04bdf1dc6c
core/sign_tx: Remove unused index parameters.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c9814e50ba
core/sign_tx: Set decred_script_version to 0 by default for decred coins.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
dccf415e0b
core/sign_tx: Add write_tx_output() to signer class and override it in Decred.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
bdd1d25979
core/sign_tx: Require change-outputs to be for a non-zero amount.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
d5faeb3f51
core/sign_tx: Clarify sign_nonsegwit_input().
2020-05-06 13:18:32 +02:00
matejcik
9005093435
core/sign_tx: improve documentation on MatchCheckers
2020-05-06 13:18:32 +02:00
matejcik
0209768ff2
core/sign_tx: improve type hints
2020-05-06 13:18:32 +02:00
matejcik
ff41e5c304
core/sign_tx: improve signer selection readability
2020-05-06 13:18:32 +02:00
Andrew Kozlik
8b89a30955
core/sign_tx: Remove get_prevouts_hash(), get_sequence_hash(), get_outputs_hash() methods from signer classes, because they are only used internally.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
22933587be
core/sign_tx: Merge bip143 classes into signer classes.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
6ad3baeab2
core/sign_tx: Refactor BIP-143 signing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
d58cd3987b
core/sign_tx: Minor updates based on code review.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
be39f271b0
core/sign_tx: Rework transaction footer writing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
b60f267da9
core/sign_tx: Rework transaction header writing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c1effcc374
core/sign_tx: Updates based on code review.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c2a0f83558
core/sign_tx: Move script derivation to scripts module.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
d0b80bddc8
core/tests: Fix unit tests after sign_tx refactor.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
be7e98aa47
core/sign_tx: Move Bitcoin class to bitcoin.py.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
a07e125793
core/sign_tx: Consolidate wallet path and multisig fingerprint checking.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
27e6720f3d
core/sign_tx: cleanup
2020-05-06 13:18:32 +02:00
Andrew Kozlik
987b70f1f5
core/sign_tx: Move header prepending up by one level.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
2ceb091d68
core/sign_tx: Use a preallocated buffer for transaction serialization.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
555259d6a9
core/sign_tx: Remove last_output_bytes in Decred, which is no longer needed.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
f1801764a1
core/sign_tx: Fix segwit/non-segwit input interleaving bug.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
514f2ac649
core/sign_tx: Refactor to use template method.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
95fad83024
core/sign_tx: Derive Zip143 and DecredPrefixHasher from Bip143.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
e9900df18d
core/sign_tx: Move Overwintered class to zcash.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
60dbec95ac
core/sign_tx: Reuse get_prevtx_output_value() in Decred.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
2b74513e49
core: Fix mypy.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
50c08274b9
core/sign_tx: Move overwintered functionality to separate class.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
c190eed7fc
core/sign_tx: Move non-Bitcoin functionality to Bitcoinlike class.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
613c81ea66
core/sign_tx: Refactor wallet_path functions and input_check_multisig_fingerprint.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
0d9984671e
core/sign_tx: Fix typing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
79c60615de
core: Fix typing.
2020-05-06 13:18:32 +02:00
Andrew Kozlik
ba8b34b2d7
core: Refactor signing.
2020-05-06 13:18:32 +02:00
Pavol Rusnak
066866488b
core: add temporary "src1" folder
2020-05-04 16:00:29 +00:00
matejcik
a623799a11
core: remove f-strings from headertool (python 3.5 compatibility)
2020-05-04 11:29:03 +02:00
Pavol Rusnak
25cc836660
core/extmod: fix build of modtrezorui when TREZOR_MODEL is set to '1'
2020-04-30 15:07:26 +00:00
Tomas Susanka
20d66adddd
core: disable passphrase_always_on_device when turning off passphrase
2020-04-28 14:54:18 +02:00
Tomas Susanka
47f104bceb
core, legacy: bump versions
2020-04-24 17:12:20 +00:00
Pavol Rusnak
4b5a84eab7
core+legacy: update changelogs
2020-04-16 14:20:18 +02:00
Ondřej Vejpustek
c461692f3a
core: implement random delay interrupts
2020-04-16 11:51:28 +02:00
Ondřej Vejpustek
d5bfe6b32f
crypto: add chacha_drbg
2020-04-16 11:51:28 +02:00
matejcik
72cde5a57d
core: disallow parsing options after command ( fixes #951 )
2020-04-16 11:24:15 +02:00
matejcik
5885978c83
Merge branch 'release/2020-04'
2020-04-15 15:00:23 +02:00
Andrew Kozlik
9e4a8ca785
core/webauthn: Improve error codes for uninitialized device. Return ERR_OPERATION_DENIED only upon user decline or timeout, otherwise it cancels the operation on all connected authenticators.
2020-04-14 12:24:17 +02:00
matejcik
2ccebd3175
core: raise SystemExit when exitting emulator (now that sys.exit is removed)
2020-04-14 10:17:37 +02:00
matejcik
4bddeefea0
core: unify mpconfigports for emulator and board
...
Changes in firmware/mpconfigport.h are minimal:
* $VFS_FAT is dropped because it is irrelevant without $VFS
* $REVERSE_SPECIAL_METHODS is added, to push down on code size
* $THREAD is disabled unconditionally
unix/mpconfigport.h is reordered and modified to match
firmware/mpconfigport.h as much as possible, while selectively enabling
some needed features.
Notably, $USE_READLINE is enabled unconditionally
2020-04-14 10:17:37 +02:00
matejcik
d0f709b8cc
core: fix and use MAKEMODULEDEFS instead of explicit registration
2020-04-14 10:17:37 +02:00
matejcik
a6976355c3
core: remove readline from built firmware
2020-04-14 10:17:37 +02:00
Dusan Klinec
25b6e9058f
xmr: proto - add fields for protocol optimization
2020-04-13 22:19:56 +02:00
Andrew Kozlik
bc4e8eaa16
core/webauth: Update readme with Ed25519 algorithm and certificates.
2020-04-09 21:05:28 +02:00
Pavol Rusnak
197218338a
Merge pull request #936 from trezor/rework-serialize-deserialize
...
crypto: rework serialize/deserialize API
2020-04-09 09:53:23 +02:00
matejcik
eec0615444
core: drop sys.pyi from mocks ( fixes #934 )
...
A change introduced in mypy 0.770 disallows overriding some system
modules, including `sys`.
We only need the override for `sys.print_exception`, and the simplest
solution is to make mypy ignore that particular call.
2020-04-08 11:19:26 +02:00
Andrew Kozlik
c57bc62a05
core/tools: Add attestation certificate generator for FIDO2.
2020-04-06 18:29:05 +02:00
Andrew Kozlik
fca92d7344
core/webauthn: Update attestation certificate to comply with WebAuthn requirements.
2020-04-06 18:29:05 +02:00
Pavol Rusnak
a7806d08d7
core/crypto: remove unused bip32.deserialize function
2020-04-06 18:04:24 +02:00
Pavol Rusnak
1695228d80
core/crypto: remove unused serialize_private function
2020-04-06 15:49:36 +00:00
Pavol Rusnak
f07ff17fad
core/crypto: add missing field to Blake2b constructor
2020-04-06 12:28:36 +00:00
Andrew Kozlik
25a39ea729
core/webauthn: Fix handling of interleaving frames to comply with the U2F HID specification.
2020-04-06 09:53:42 +02:00
jagdeep sidhu
e58c5f63d5
common/defs: update SYS ( #928 )
2020-04-02 00:22:47 +02:00
Tomas Susanka
0b7a8449f8
core: style
2020-03-30 16:04:05 +00:00
Tomas Susanka
bf20537f41
core: add option to omit cancel button in HoldToConfirm; add it to reset
2020-03-30 16:00:12 +00:00
Pavol Rusnak
336a417233
core/bootloader: distinguish between a vendor change and downgrade with wipe
2020-03-25 15:15:12 +01:00
Andrew Kozlik
8ae0535e69
core/webauthn: Fix attestation statement format to use a list in the x5c field.
2020-03-24 16:18:37 +01:00
Tomas Susanka
aa71c20f2c
core: require hold to confirm
2020-03-24 09:20:10 +00:00
Ondrej Mikle
634ed5aabc
core: commands for flashing via JLink ( #911 )
2020-03-23 10:40:06 +01:00
Tomas Susanka
025436db47
core/changelog: add FIDO2's Ed25519
2020-03-23 08:00:31 +00:00
Tomas Susanka
f786d75a6f
core: drop obsolete check for ANYONECANSPEND segwit outputs
2020-03-20 14:19:31 +00:00
Tomas Susanka
d0d41c884e
legacy: move script type checks to separate functions and unify with core
2020-03-20 14:19:31 +00:00
matejcik
bd9e15bb8c
core/tests: add unit tests for prevhash writers
2020-03-20 14:19:31 +00:00
matejcik
a9faa4d4ab
core/tests: fix inline variant of assertRaises
...
otherwise code like the following would fail:
>>> self.assertRaises(AssertionError, ensure, False)
because the AssertionError raised internally by `ensure` would be
conflated with the AssertionError raised by the tested function
2020-03-20 14:19:31 +00:00
matejcik
da89a17ce5
all: add checks for prev_hash size
2020-03-20 14:19:31 +00:00
matejcik
c15519f707
core/sign_tx: modify get_tx_header to avoid writing unchecked bytes
2020-03-20 14:19:31 +00:00
matejcik
9cab61fbd3
core/sign_tx: remove write_bytes_unchecked where appropriate
2020-03-20 14:19:31 +00:00
matejcik
27f6306e1d
core: introduce safer write_bytes functions
2020-03-20 14:19:30 +00:00
matejcik
9a5f6b025a
core/tezos: factor out writing Michelson instructions
2020-03-20 14:19:30 +00:00
matejcik
694f714719
core/ripple: rename write_bytes to avoid name collision
2020-03-20 14:19:30 +00:00
Tomas Susanka
64584e271c
legacy, core: add and unify validation checks
2020-03-20 14:19:30 +00:00
matejcik
ffdb299c61
all: drop Capricoin support [NO BACKPORT]
2020-03-20 14:19:30 +00:00
matejcik
adea7d6b35
all: make timestamp mandatory on timestamp-enabled coins
2020-03-20 14:19:07 +00:00
matejcik
e2035b4972
all: drop Horizen and BIP-115 support [NO BACKPORT]
2020-03-20 14:19:07 +00:00
matejcik
6f9c6361ea
core: remove negative_fee and cashaddr_prefix from bitcoin-only fw
2020-03-20 14:18:27 +00:00
matejcik
7d5771911c
core: flip condition for force_bip143
...
this should be equivalent because Bitcoin does not have force_bip143 set
2020-03-20 14:18:27 +00:00
matejcik
ed464f3d47
all: ensure expiry, timestamp and extra_data are blocked as appropriate
2020-03-20 14:18:27 +00:00
matejcik
27803ee8c1
all: drop overwintered field from transaction
2020-03-20 14:18:27 +00:00
matejcik
c9fd3f77a5
all: add overwintered field to coin specification
2020-03-20 14:18:27 +00:00
Pavol Rusnak
817b922850
all: add extra_data and timestamp fields to coin specification
2020-03-20 14:18:27 +00:00
matejcik
136307bcae
core: propagate coin info to all sanitize functions
2020-03-20 14:17:44 +00:00
matejcik
303c05aba7
core/sign_tx: check if prev_tx has enough outputs to match prev_index
2020-03-20 14:17:44 +00:00
Andrew Kozlik
a34637c0f2
core/sign_tx: Check multisig fingerprint before signing inputs.
2020-03-20 14:17:44 +00:00
Tomas Susanka
163220e4b7
core/wallet: properly check decred input
2020-03-20 14:17:44 +00:00
Ondřej Vejpustek
6274cfdf8b
core: remove unreachable zcash code
2020-03-20 14:17:44 +00:00
Ondřej Vejpustek
d61181d7e8
core: fix transaction header for mixed segwit inputs
2020-03-20 14:17:44 +00:00
Tomas Susanka
f0a39df75d
core/wallet: check inputs and outputs right after receiving them
2020-03-20 14:17:44 +00:00
Tomas Susanka
0903159d9b
core, legacy: make sure OPRETURN ouput is not marked as change
2020-03-20 14:17:44 +00:00
Tomas Susanka
4af9aa547e
core: forbid unnecessary fields in OPRETURN output
2020-03-20 14:17:44 +00:00
Andrew Kozlik
d800fcbf9f
core/sign_tx: If there is a non-multisig input, then change output cannot be multisig.
...
(cherry picked from commit 8eb6ce0899
)
2020-03-20 14:17:44 +00:00
Andrew Kozlik
b3cd760df0
core/webauthn: Disable CTAPHID_WINK function.
2020-03-20 15:07:06 +01:00
Andrew Kozlik
e5008eb332
core/webauthn: Remove indistinguishable credentials from the allow list.
2020-03-20 15:07:06 +01:00
Andrew Kozlik
cda9de8dd1
core/webauthn: Add maxCredentialCountInList and maxCredentialIdLength to authenticatorGetInfo response.
2020-03-20 15:07:06 +01:00
Andrew Kozlik
0af0e06d5b
core/webauthn: Truncate names in credential data to at most 100 bytes.
2020-03-20 15:07:06 +01:00
matejcik
ccffefd667
core/boot: do not catch OSError in boot wait
2020-03-20 14:03:28 +01:00
matejcik
f6f041e269
core/sdcard: also catch OSError in the formatting phase
2020-03-20 14:03:28 +01:00
matejcik
3a71a5a05c
core/sdcard: show "Wrong SD card" when unlocking SD protect with unformatted card
2020-03-20 14:03:28 +01:00
matejcik
3789a3372b
core/sdcard: modify exception handling in fatfs
...
expose ff.c constants, raise them as arguments to FatFSError
introduce NotMounted and NoFilesystem as subclasses of FatFSError with
the appropriate error code set
2020-03-20 14:03:28 +01:00
Andrew Kozlik
8ee0026637
core: Allow PIN entry even when SD protect is enabled and the card is not present.
2020-03-19 15:04:33 +01:00
Andrew Kozlik
bfd834d1de
storage: Add storage_ensure_not_wipe_code().
2020-03-19 15:04:33 +01:00
Konnor Klashinsky
70a1f957ed
Fix BackupDevice layout on 18-word seed wallets
2020-03-13 13:41:04 +13:00
Andrew Kozlik
2f905a1157
core/webauthn: Add algorithm and curve to WebAuthnListResidentCredentials response.
2020-03-12 15:45:26 +01:00
Andrew Kozlik
f610787f8d
core/webauthn: Clean up bytes/bytearray typing around uctypes.
2020-03-12 15:45:26 +01:00
Andrew Kozlik
e378820f7f
core/webauthn: Implement support for Ed25519 signatures in FIDO2.
2020-03-12 15:45:26 +01:00
Pavol Rusnak
624b639ba8
Merge pull request #886 from trezor/onvej-sl/monero-optimizations-squashed
...
xmr/bp: memory optimizations and improvements, fixed style
2020-03-02 17:54:30 +01:00
Tomas Susanka
f8de140271
core: add cancel to hold to confirm dialogs
2020-03-02 13:58:41 +00:00
Dusan Klinec
2658e253fa
xmr/bp: memory optimizations and improvements
...
- different approach to vector manipulation - more on the fly operations. Prepared for fully offloaded operations, BP on Trezor with constant memory.
- memory requirements reduced from (4MN + const) to (2MN + const)
- more raw methods to avoid unnecessary encoding/decoding
- chunking improved, chunk size set as a constant, changed from 64 to 32, missing pieces implemented to cover also BP 16
- proof_v8 support discontinued, old hardfork, not needed anymore
- get_exponent register clash fixed (for large vectors)
- reduced heap fragmentation by removing some temporary allocations
- hashing with len and offset to reduce heap fragmentation by creating a sliced arrays
- use to() wherever possible to avoid allocations and return of mutable private object
- global functions start with _ prefix, reduce import footprint
- use __slots__ in classes to minimize footprint
2020-03-02 12:17:03 +01:00
Tomas Susanka
21676a0662
ore/tezos: better wording in delegation cancel
2020-03-02 08:49:34 +00:00
matejcik
7f91bc571c
core: ensure default task restarts after a passphrase workflow ( fixes #883 )
2020-02-28 15:55:40 +01:00
Tomas Susanka
5ee6e56f56
Merge pull request #880 from trezor/tsusanka/sign-verify-ui
...
Unify sign/verify message dialogs and fix text overflow
2020-02-28 15:47:48 +01:00
matejcik
bd9663af79
common/defs: update token reference, add new tokens to 2.3.0/1.9.0, regenerate coins_details
2020-02-27 19:13:17 +01:00
Tomas Susanka
86b010a18b
Merge pull request #878 from trezor/matejcik/fatfs-corruption
...
FatFS API rework
2020-02-27 15:58:38 +01:00
Tomas Susanka
c8b7d3fb56
core/changelog: SD card protection is part of 2.3.0
2020-02-27 13:57:48 +00:00
Tomas Susanka
a63e6fc4ef
core+legacy: update changelogs
2020-02-27 13:21:17 +00:00
Tomas Susanka
a8af9feebe
core: fix text overflow in some dialogs
2020-02-27 12:43:33 +00:00
Tomas Susanka
744c32991f
core: unify sign/verify functions
...
The UI records are modified because of two changes:
- Added a coin name to the Sign/Verify screen (ETH/Lisk).
- Unified to use mono.
2020-02-27 12:43:33 +00:00
Tomas Susanka
b317613d63
Merge pull request #874 from trezor/tsusanka/test
...
Use wire errors where applicable
2020-02-27 13:38:30 +01:00
Tomas Susanka
495a59c282
core: use wire errors instead of ValueErrors where applicable
2020-02-27 10:46:01 +00:00
matejcik
18ac4fc9ca
core: update Python facing APIs
2020-02-27 10:56:23 +01:00
matejcik
9ab84d2455
core/tests: thoroughly test modified APIs
2020-02-27 10:56:23 +01:00
matejcik
b24411b900
core/sdcard: unmount instance when powering off sdcard
2020-02-27 10:56:23 +01:00
matejcik
c81be584fb
core/fatfs: ensure functions can only be called on a mounted filesystem
...
ff.c has a lazy-mounting feature, where any filesystem call will mount
the volume if it can. This messes with predictability of the mounted
state, so all (except mount/unmount/mkfs) Python functions will first
check if the fs is mounted.
2020-02-27 10:56:23 +01:00
matejcik
fa746e2990
core/fatfs: rework low-level FatFS API
...
Instead of having possibly multiple FatFS objects, each with its own
`fs` struct, there is one global static fs_instance. This is to match
the mode of operation of ff.c, which assumes a global list of mounts,
and all functions operate on the global based on path.
Methods of FatFS were converted to functions on the fatfs module.
fatfs.unmount() does not call ff.c's unmount, but simply invalidates
fs_instance. This is basically what ff.c would do, except without
messing with ff.c's global list of mounts.
2020-02-26 14:18:41 +01:00
Pavol Rusnak
c896f02eb3
core/boardloader: use SRAM as SD card read buffer
...
because DMA can't access the CCMRAM
2020-02-25 17:59:16 +01:00
Andrew Kozlik
2133f7cf29
core: Prevent data loss when writing to USB VCP.
2020-02-25 12:08:07 +01:00
matejcik
b916072389
common: restore PassphraseAck.state
2020-02-24 15:15:09 +01:00
matejcik
d7b9582386
core/sdcard: add ensure_filesystem option ( fixes #868 )
...
It is possible to call `ensure_sdcard` in a way that requires only SD
card be inserted, but not necessarily formatted.
This is useful for SD-protect and possibly other use-cases where the SD
card is read-only, and "not formatted" is identical to "not containing
the right files".
2020-02-24 13:28:44 +01:00
matejcik
e9c275c24f
core/sdcard: fix invalid state when filesystem mounting fails
2020-02-24 13:28:44 +01:00
Pavol Rusnak
39ce100608
Merge pull request #864 from trezor/prusnak/bootloader-text-break
...
core/bootloader: split long vendor string
2020-02-21 18:39:20 +01:00
Tomas Susanka
6c47bf8230
core: store multiple sessions/caches at the same time
2020-02-21 14:40:42 +01:00
Pavol Rusnak
562671401e
Merge pull request #860 from trezor/prusnak/multisig-show-yours-others
...
core: show yours/others in get_address for multisig
2020-02-20 13:49:13 +01:00
matejcik
918603ad5c
core: add unit test for sdcard wrapper
2020-02-20 12:51:48 +01:00
matejcik
7983fd34d6
core: fix unit tests
2020-02-20 12:51:48 +01:00
matejcik
4ed6487a19
core/sdcard: add out-of-bounds checks to emulator
2020-02-20 12:51:48 +01:00
matejcik
ddee77ecb6
core: add SD clearing via debuglink
2020-02-20 12:51:48 +01:00
matejcik
d0b1b171f1
core/sdcard: ensure emulator initializes the SD card when first needed
2020-02-20 12:51:48 +01:00
matejcik
5bd8d9b5bb
core/sdcard: make allocating new SD card for emulator fast
2020-02-20 12:51:48 +01:00
matejcik
1e9352b9e0
core: add SD format dialog, generalize sdcard usage
2020-02-20 12:51:48 +01:00
matejcik
5bac85f260
core: use filesystem wrapper instead of the ensure_filesystem decorator
2020-02-20 12:51:48 +01:00
matejcik
d08942be4a
core: introduce filesystem wrapper
2020-02-20 12:51:48 +01:00
matejcik
b2084a19be
core/trezorio: move sdcard functions to a submodule
2020-02-20 12:51:48 +01:00
matejcik
30529d218d
core/sdcard: change SDCard methods to plain functions
2020-02-20 12:51:48 +01:00
matejcik
06b89c57c5
core/sdcard: return proper disk status flags to fatfs
2020-02-20 12:51:48 +01:00
Tomas Susanka
ff1bb67abc
common: return the PasshraseType button request
2020-02-20 08:04:35 +00:00
Pavol Rusnak
dc66bbe3d5
core/bootloader: split long vendor string
2020-02-19 21:40:28 +00:00
Pavol Rusnak
74802a107e
core/modtrezorui: add display_text_split
2020-02-19 21:40:28 +00:00
Pavol Rusnak
c4babd3c0b
Merge pull request #846 from trezor/bootloader-read-retry
...
core/bootloader: make read more benevolent and read error more helpful
2020-02-19 19:45:34 +01:00
Pavol Rusnak
581e46ff87
Merge pull request #845 from trezor/prusnak/webusb-popup
...
Don't show WebUSB popup in firmware, in bootloader only if no firmware present
2020-02-19 18:18:01 +01:00
Pavol Rusnak
7944c1a837
core/monero: add confirmation dialog for unlock_time
2020-02-19 14:31:45 +00:00
Pavol Rusnak
a808cc9190
core/apps: await require_confirm should be called without return
2020-02-19 14:31:45 +00:00
Pavol Rusnak
b9486c0b33
core: show yours/others in get_address for multisig
2020-02-18 22:39:55 +00:00
Tomas Susanka
577daf09fe
tests: introduce --ui-check-missing to test/remove missing tests
2020-02-18 09:33:21 +01:00
matejcik
1d41141a1f
core/emulator: properly ignore inotify problems ( fixes #854 )
2020-02-17 12:33:38 +01:00
Pavol Rusnak
2958a97c87
Merge pull request #830 from trezor/tsusanka/fw-upgrade
...
FW Update: Request a small chunk first to make the UI smoother
2020-02-15 13:08:33 +01:00
matejcik
e61b7d28e9
all: do not send state in PassphraseAck (not needed for compatibility)
2020-02-13 15:44:50 +01:00
Pavol Rusnak
63dfd6c6ab
core/bootloader: make read more benevolent and read error more helpful
2020-02-12 22:05:29 +01:00
Pavol Rusnak
07cd73ce57
core: show webusb popup only in bootloader and only if firmware is not installed
2020-02-12 20:47:05 +00:00
matejcik
4c8c96272c
emu: fix flag options with defaults
...
Click REALLY INSISTS you provide on/off switches for your options.
You can use is_flag, but then the presence of the option changes based
on the default value.
Which makes sense, really:
@option("-f", "foobar", is_flag=True, default=False)
you would expect `./cli -f` to have `foobar is True`
whereas with
@option("-f", "foobar", is_flag=True, default=True)
you would expect `./cli -f` to have `foobar is False`, otherwise it's a
no-op
this becomes fun with `default=os.environ.get("SOMETHING")`, because
then the effect of the option CHANGES with a value of environment
variable!
there's two ways around this:
a) don't use defaults, update the flag explicitly, like:
foobar = foobar or os.environ.get("FOOBAR") == "1"
b) forget about is_flag and specify an on/off switch, where the default
value works as intended
since the latter is also technically speaking more correct, i'm doing it
2020-02-12 13:32:05 +01:00
matejcik
271da3fa39
python: add detailed logging to emulator runner
2020-02-12 13:31:58 +01:00
matejcik
c14429c445
all: shut down emulator on error_shutdown
2020-02-12 13:31:31 +01:00
matejcik
d3b88a37be
core: do not catch SystemExit in handle_session ( #826 )
2020-02-12 10:36:42 +01:00
Tomas Susanka
f947fe97cc
core: fix style
2020-02-11 16:41:43 +01:00
Tomas Susanka
0a13f7a441
core: properly limit passphrase to 50 bytes
2020-02-11 15:39:08 +00:00
Tomas Susanka
2c0504ad1c
Merge pull request #803 from trezor/passphrase
...
Passphrase Redesign
2020-02-11 16:01:59 +01:00
matejcik
05a1d6f771
core/debug: add "show arbitrary screen" capability, for easier prototyping
2020-02-11 11:53:34 +01:00