trezor-firmware

mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-31 01:41:18 +00:00

Go to file

Jochen Hoenicke 286ee0525c PIN handling - constant time. This diff contains three changes. 1. Make timing isPinCorrect independent of storage.pin, to avoid timing attacks 2. Only update failed PIN counter if the user entered a PIN. Of course, the fail counter is still incremented, before the PIN is checked. 3. Don't cache the PIN, but just the fact that the PIN was entered. The cache should be in sync with storage.pin in any case.		2015-02-22 15:42:31 +01:00
bootloader	rework layoutProgress functions	2014-12-21 18:58:56 +01:00
demo	update trezor-crypto	2014-10-30 01:38:40 +01:00
firmware	PIN handling - constant time.	2015-02-22 15:42:31 +01:00
gen	speed up public ckd (used in multisig)	2015-02-15 20:47:53 +01:00
trezor-common@69d476a3ba	update protobuf	2015-02-20 19:01:45 +01:00
trezor-crypto@d814f58a3b	use const char * const * for wordlist	2015-02-14 12:40:32 +01:00
trezor-qrenc@1da1cedfd6	enable OP_RETURN	2015-02-04 20:04:59 +01:00
.gitignore	bootloader source code	2014-10-23 18:09:41 +02:00
.gitmodules	implement GetAddress.show_display	2014-08-13 11:08:15 +02:00
buttons.c	import v1.0.0	2014-04-29 14:38:32 +02:00
buttons.h	adapt to new opencm3 include structure	2014-06-19 00:12:31 +02:00
COPYING	import v1.0.0	2014-04-29 14:38:32 +02:00
Dockerfile	check gpg key in Dockerfile	2015-02-13 18:26:32 +01:00
firmware-docker-build.sh	bump version to 1.3.1	2015-02-16 15:23:30 +01:00
firmware-fingerprint.sh	prepare 1.2.0 release	2014-07-03 01:20:34 +02:00
layout.c	speed up public ckd (used in multisig)	2015-02-15 20:47:53 +01:00
layout.h	rework layoutProgress functions	2014-12-21 18:58:56 +01:00
Makefile	import v1.0.0	2014-04-29 14:38:32 +02:00
Makefile.include	Disable assertion checking	2015-02-14 11:50:12 +01:00
memory_app_0.0.0.ld	import v1.0.0	2014-04-29 14:38:32 +02:00
memory_app_1.0.0.ld	import v1.0.0	2014-04-29 14:38:32 +02:00
memory.c	use hdnode_private_ckd_cached where appropriate	2015-01-26 20:24:07 +01:00
memory.h	import v1.0.0	2014-04-29 14:38:32 +02:00
memory.ld	import v1.0.0	2014-04-29 14:38:32 +02:00
oled.c	correctly skip utf-8 characters	2015-02-13 17:42:23 +01:00
oled.h	refactor font handling	2015-02-13 15:37:23 +01:00
README.rst	update README	2014-08-20 10:46:48 +02:00
rng.c	use Knuth shuffles	2015-02-13 20:51:02 +01:00
rng.h	use Knuth shuffles	2015-02-13 20:51:02 +01:00
serialno.c	enable stack protector	2014-07-31 19:44:03 +02:00
serialno.h	import v1.0.0	2014-04-29 14:38:32 +02:00
setup.c	move APPVER guards from includes to app code	2014-07-07 15:03:34 +02:00
setup.h	move APPVER guards from includes to app code	2014-07-07 15:03:34 +02:00
util.c	import v1.0.0	2014-04-29 14:38:32 +02:00
util.h	import v1.0.0	2014-04-29 14:38:32 +02:00

README.rst

TREZOR Firmware
===============

http://bitcointrezor.com/

How to build Trezor firmware?
-----------------------------

1. Install Docker (from docker.com or from your distribution repositories)
2. ``git clone https://github.com/trezor/trezor-mcu.git``
3. ``cd trezor-mcu``
4. ``./firmware-docker-build.sh``

This creates trezor.bin in current directory and prints its fingerprint at the last line of the build log.

How to get fingerprint of firmware signed and distributed by SatoshiLabs?
-------------------------------------------------------------------------

1. Pick version of firmware binary listed on https://mytrezor.com/data/firmware/releases.json
2. Download it: ``wget -O trezor.signed.bin.hex https://mytrezor.com/data/firmware/trezor-1.1.0.bin.hex``
3. ``xxd -r -p trezor.signed.bin.hex trezor.signed.bin``
4. ``./firmware-fingerprint.sh trezor.signed.bin``

Step 4 should produce the same sha256 fingerprint like your local build.

The reasoning for ``firmware-fingerprint.sh`` script is that signed firmware has special header holding signatures themselves, which must be avoided while calculating the fingerprint.