Inject FIPS hash without running module.
Previously, inject-hash would run the FIPS module in order to trigger a
failure and then extract the calculated hash value from the output. This
makes cross-compiling difficult because the build process needs to run a
binary for the target platform.
This change drops this step. Instead, inject-hash.go parses the object
file itself and calculates the hash without needing to run the module.
Change-Id: I2593daa03094b0a17b498c2e8be6915370669596
Reviewed-on: https://boringssl-review.googlesource.com/14964
Commit-Queue: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/util/generate_build_files.py b/util/generate_build_files.py
index 4225cf2..8e23040 100644
--- a/util/generate_build_files.py
+++ b/util/generate_build_files.py
@@ -650,9 +650,7 @@
for path in FindCFiles(os.path.join('src', 'crypto'), OnlyTests):
if IsGTest(path):
crypto_test_files.append(path)
- # bcm_hashunset_test.c is only used in the FIPS build process.
- elif path != os.path.join('src', 'crypto', 'fipsmodule',
- 'bcm_hashunset_test.c'):
+ else:
test_c_files.append(path)
ssl_test_files = FindCFiles(os.path.join('src', 'ssl'), OnlyTests)