commit 25d501c775b04ab3e0855552f61f9219668be96a
author Adam Langley <alangley@gmail.com> Thu Jun 24 15:47:37 2021 -0700
committer Adam Langley <agl@google.com> Fri Jun 25 17:52:52 2021 +0000
tree 5f19b38d401953b281f4779720296993fa2c5bf0
parent b90cdddcdc27995abe530c3805adb8ccca594aa4

SHA-256 is used on AArch64, even if NO_ASM.

Change-Id: I6cc25dd27e8a6a82821aa370a34fb115c5987f1a
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/48246
Reviewed-by: David Benjamin <davidben@google.com>

crypto/fipsmodule/CMakeLists.txt

diff --git a/crypto/fipsmodule/CMakeLists.txt b/crypto/fipsmodule/CMakeLists.txt
index d22100f..7b9e1b1 100644
--- a/crypto/fipsmodule/CMakeLists.txt
+++ b/crypto/fipsmodule/CMakeLists.txt
@@ -199,12 +199,15 @@
   set_target_properties(bcm_hashunset PROPERTIES LINKER_LANGUAGE C)
 
   set(MAYBE_INJECT_HASH_SHA256_FLAG "")
-  if (ARCH STREQUAL "aarch64")
+  # If building with OPENSSL_NO_ASM then ARCH will be "generic", but we still
+  # need to use SHA-256. Since this only matters for FIPS, we only need to
+  # worry about the Linux spelling of AArch64.
+  if (ARCH STREQUAL "aarch64" OR ${CMAKE_SYSTEM_PROCESSOR} STREQUAL "aarch64")
     set(MAYBE_INJECT_HASH_SHA256_FLAG "-sha256")
   endif()
 
   go_executable(inject_hash
-	        boringssl.googlesource.com/boringssl/util/fipstools/inject_hash)
+                boringssl.googlesource.com/boringssl/util/fipstools/inject_hash)
   add_custom_command(
     OUTPUT bcm.o
     COMMAND ./inject_hash -o bcm.o -in-archive $<TARGET_FILE:bcm_hashunset> ${MAYBE_INJECT_HASH_SHA256_FLAG}