Remove doubled sha256 implementation

Porting Adam's PR #9 to current master. Citing its description:
```
Fix doubled sha256 implementations and the resulting compilation error
 - sha256 implementation kept in atecc508a.c, deleted from u2f_atecc.c
 - sha256 functions delcared as extern
 - the above solution solves the SETUP config compilation error
originated from line 34 in u2f_atecc.c which messed up the scope of the
doubled sha256 implementations
```

Tested with current wkey/rkey setup on UB10 and https://u2f.bin.coffee/

Signed-off-by: Szczepan Zalega <szczepan@nitrokey.com>

firmware/inc/atecc508a.h

@@ -156,6 +156,15 @@ struct atecc_key_config
 	uint8_t x509id : 2;
 };
 
+extern uint8_t SHA_FLAGS;
+extern uint8_t SHA_HMAC_KEY;
+extern struct  atecc_response res_digest;
+
+extern void u2f_sha256_start  ();
+extern void u2f_sha256_update (uint8_t * buf, uint8_t len);
+extern void u2f_sha256_finish ();
+extern void compute_key_hash  (uint8_t * key, uint8_t * mask, int slot);
+
 void atecc_idle();
 void atecc_wake();
 void atecc_sleep();

firmware/src/atecc508a.c

@@ -37,6 +37,12 @@
 #include "bsp.h"
 
 
+uint8_t shabuf[70];
+uint8_t shaoffset = 0;
+uint8_t SHA_FLAGS = 0;
+uint8_t SHA_HMAC_KEY = 0;
+struct atecc_response res_digest;
+
 
 int8_t atecc_send(uint8_t cmd, uint8_t p1, uint16_t p2,
 					uint8_t * buf, uint8_t len)
@@ -176,46 +182,6 @@ int8_t atecc_send_recv(uint8_t cmd, uint8_t p1, uint16_t p2,
 }
 
 
-#ifdef ATECC_SETUP_DEVICE
-
-int8_t atecc_write_eeprom(uint8_t base, uint8_t offset, uint8_t* srcbuf, uint8_t len)
-{
-	uint8_t buf[7];
-	struct atecc_response res;
-
-	uint8_t * dstbuf = srcbuf;
-	if (offset + len > 4)
-		return -1;
-	if (len < 4)
-	{
-		atecc_send_recv(ATECC_CMD_READ,
-				ATECC_RW_CONFIG, base, NULL, 0,
-				buf, sizeof(buf), &res);
-
-		dstbuf = res.buf;
-		memmove(res.buf + offset, srcbuf, len);
-	}
-
-	atecc_send_recv(ATECC_CMD_WRITE,
-			ATECC_RW_CONFIG, base, dstbuf, 4,
-			buf, sizeof(buf), &res);
-
-	if (res.buf[0])
-	{
-		set_app_error(-res.buf[0]);
-		return -1;
-	}
-	return 0;
-}
-
-
-
-static uint8_t shabuf[70];
-static uint8_t shaoffset = 0;
-uint8_t SHA_FLAGS = 0;
-uint8_t SHA_HMAC_KEY = 0;
-static struct atecc_response res_digest;
-
 void u2f_sha256_start()
 {
 	shaoffset = 0;
@@ -253,6 +219,65 @@ void u2f_sha256_finish()
 	SHA_FLAGS = 0;
 }
 
+void compute_key_hash(uint8_t * key, uint8_t * mask, int slot)
+{
+	// key must start with 4 zeros
+	memset(appdata.tmp,0,28);
+	memmove(appdata.tmp + 28, key, 36);
+
+	u2f_sha256_start();
+
+	u2f_sha256_update(mask,32);
+
+
+	appdata.tmp[0] = ATECC_CMD_PRIVWRITE;
+	appdata.tmp[1] = ATECC_PRIVWRITE_ENC;
+	appdata.tmp[2] = slot;
+	appdata.tmp[3] = 0;
+	appdata.tmp[4] = 0xee;
+	appdata.tmp[5] = 0x01;
+	appdata.tmp[6] = 0x23;
+
+	u2f_sha256_update(appdata.tmp,28 + 36);
+	u2f_sha256_finish();
+}
+
+
+#ifdef ATECC_SETUP_DEVICE
+
+int8_t atecc_write_eeprom(uint8_t base, uint8_t offset, uint8_t* srcbuf, uint8_t len)
+{
+	uint8_t buf[7];
+	struct atecc_response res;
+
+	uint8_t * dstbuf = srcbuf;
+	if (offset + len > 4)
+		return -1;
+	if (len < 4)
+	{
+		atecc_send_recv(ATECC_CMD_READ,
+				ATECC_RW_CONFIG, base, NULL, 0,
+				buf, sizeof(buf), &res);
+
+		dstbuf = res.buf;
+		memmove(res.buf + offset, srcbuf, len);
+	}
+
+	atecc_send_recv(ATECC_CMD_WRITE,
+			ATECC_RW_CONFIG, base, dstbuf, 4,
+			buf, sizeof(buf), &res);
+
+	if (res.buf[0])
+	{
+		set_app_error(-res.buf[0]);
+		return -1;
+	}
+	return 0;
+}
+
+
+
+
 static uint8_t get_signature_length(uint8_t * sig)
 {
 	return 0x46 + ((sig[32] & 0x80) == 0x80) + ((sig[0] & 0x80) == 0x80);
@@ -489,28 +514,7 @@ int atecc_privwrite(uint16_t keyslot, uint8_t * key, uint8_t * mask, uint8_t * d
 	return 0;
 }
 
-static void compute_key_hash(uint8_t * key, uint8_t * mask, int slot)
-{
-	// key must start with 4 zeros
-	memset(appdata.tmp,0,28);
-	memmove(appdata.tmp + 28, key, 36);
-
-	u2f_sha256_start();
 
-	u2f_sha256_update(mask,32);
-
-
-	appdata.tmp[0] = ATECC_CMD_PRIVWRITE;
-	appdata.tmp[1] = ATECC_PRIVWRITE_ENC;
-	appdata.tmp[2] = slot;
-	appdata.tmp[3] = 0;
-	appdata.tmp[4] = 0xee;
-	appdata.tmp[5] = 0x01;
-	appdata.tmp[6] = 0x23;
-
-	u2f_sha256_update(appdata.tmp,28 + 36);
-	u2f_sha256_finish();
-}
 
 void atecc_setup_init(uint8_t * buf)
 {

firmware/src/u2f_atecc.c

@@ -98,55 +98,6 @@ int8_t u2f_get_user_feedback()
 	return 0;
 }
 
-#ifdef ATECC_SETUP_DEVICE
-#define STATIC_IN_SETUP static
-#else
-#define STATIC_IN_SETUP
-#endif
-
-
-static uint8_t shabuf[70];
-static uint8_t shaoffset = 0;
-STATIC_IN_SETUP uint8_t SHA_FLAGS = 0;
-STATIC_IN_SETUP uint8_t SHA_HMAC_KEY = 0;
-static struct atecc_response res_digest;
-
-STATIC_IN_SETUP void u2f_sha256_start()
-{
-	shaoffset = 0;
-	atecc_send_recv(ATECC_CMD_SHA,
-			SHA_FLAGS, SHA_HMAC_KEY,NULL,0,
-			shabuf, sizeof(shabuf), NULL);
-	SHA_HMAC_KEY = 0;
-}
-
-
-STATIC_IN_SETUP void u2f_sha256_update(uint8_t * buf, uint8_t len)
-{
-	uint8_t i = 0;
-	watchdog();
-	while(len--)
-	{
-		shabuf[shaoffset++] = *buf++;
-		if (shaoffset == 64)
-		{
-			atecc_send_recv(ATECC_CMD_SHA,
-					ATECC_SHA_UPDATE, 64,shabuf,64,
-					shabuf, sizeof(shabuf), NULL);
-			shaoffset = 0;
-		}
-	}
-}
-
-
-STATIC_IN_SETUP void u2f_sha256_finish()
-{
-	if (SHA_FLAGS == ATECC_SHA_START) SHA_FLAGS = ATECC_SHA_END;
-	atecc_send_recv(ATECC_CMD_SHA,
-			SHA_FLAGS, shaoffset,shabuf,shaoffset,
-			shabuf, sizeof(shabuf), &res_digest);
-	SHA_FLAGS = ATECC_SHA_START;
-}
 
 static int atecc_prep_encryption()
 {
@@ -170,28 +121,6 @@ static int atecc_prep_encryption()
 	return 0;
 }
 
-static void compute_key_hash(uint8_t * key, uint8_t * mask)
-{
-	// key must start with 4 zeros
-	memset(appdata.tmp,0,28);
-	memmove(appdata.tmp + 28, key, 36);
-
-	u2f_sha256_start();
-
-	u2f_sha256_update(mask,32);
-
-
-	appdata.tmp[0] = ATECC_CMD_PRIVWRITE;
-	appdata.tmp[1] = ATECC_PRIVWRITE_ENC;
-	appdata.tmp[2] = 2;
-	appdata.tmp[3] = 0;
-	appdata.tmp[4] = 0xee;
-	appdata.tmp[5] = 0x01;
-	appdata.tmp[6] = 0x23;
-
-	u2f_sha256_update(appdata.tmp,28 + 36);
-	u2f_sha256_finish();
-}
 
 static int atecc_privwrite(int keyslot, uint8_t * key, uint8_t * mask, uint8_t * digest)
 {
@@ -272,7 +201,7 @@ int8_t u2f_new_keypair(uint8_t * handle, uint8_t * appid, uint8_t * pubkey)
 		private_key[i] ^= RMASK[i];
 	}
 	watchdog();
-	compute_key_hash(private_key,  WMASK);
+	compute_key_hash(private_key,  WMASK, U2F_TEMP_KEY_SLOT);
 	memmove(handle+4, res_digest.buf, 32);  // size of key handle must be 36+8