Could two sha256 calculations happen in parallel?

[jans23]

No description provided.

[szszszsz]

The main concern is, why these two identical implementations are separately supplied to the firmware:

• in atecc508a:
  atecc508a.c#L215
  atecc508a.c#L229
• in u2f_atecc:
  u2f_atecc.c#L110
  u2f_atecc.c#L124

When one was removed and calls redirected to other, the device has stopped accepting attestation key during SETUP phase: dc83516. It had to be reverted to make it work again: 51350a4, and the symbols were hidden to compilation unit scope via static: e27038d.

Either local state (given via SHA_FLAGS and SHA_HMAC_KEY) is not cleaned after one of the operations, or SHA calculations are done concurrently, one during another.

• Pack state variables into structure and store separate copies in both compilation units.
• Make u2f_sha functions work on created structure in object-like manner.
• Remove duplicated code.
• Investigate, why the implementation was doubled in the first place.

[szszszsz]

There is a guess (CC @adamglozik) that compute_key_hash may be causing the issue.
See:

nitrokey-fido-u2f-firmware/firmware/src/u2f_atecc.c

Line 173 in c4f3d6a

static void compute_key_hash(uint8_t * key, uint8_t * mask)

[szszszsz]

Refactoring tasks moved to a separate issue.
Cause lied in a missed hardcoded slot number within compute_key_hash function.
Fix merged to master already. Closing.