Completely remove Jitter CPU from library artifact if not enabled #1249
Description of changes:
Previously, we disabled jitter cpu by default; instead enabling the passive strategy by default. This is a build-time configuration. That is, if jitter cpu is not explicitly enabled, jitter cpu is not used as the source in FIPS mode and is redundant.
However, the previous work didn't completely remove jitter cpu object code from resulting library artifacts when FIPS is enabled:
There is no escaped issue, but it takes up space in the library artifact. In addition, it imposes jitter cpu latency at power-on time since the initialisation function is executed in BORINGSSL_bcm_power_on_self_test().
The last point above also means that the linker doesn't even elide the jitter cpu object code at link-editor time when using the static aws-lc libcrypto, because bcm.o has a dependency on the jitter cpu object in the aws-lc static archive...
Hence, this change will:
Call-outs:
Unfortunately, this is a bit of an annoying issue to resolve; it requires several code changes in the build and source code adding more pre-processing logic.
Firstly, I originally made jitter cpu build independent of FIPS (i.e. always build it) such that I could simplify the speed tool (remove macros etc). But I ended up reverting it, since it would increase the set of platforms jitter cpu would be built on. Currently, the number of platforms is reduced since it's only ever built in the FIPS configuration. There is definitely a likelihood of a build regression if increasing scope. I'm not ready to make that change.
Secondly, the prng modeling test actually supports jitter entropy now (since 6ba258c). I removed the cmake script stuff dealing with it (it was also unused at this point).
Finally, I need pre-processing logic in the power-on workflow. We still need to support initialising jitter cpu if enabled.
Testing:
No longer any lingering jitter cpu object code:
If enabling jitter cpu, we can successfully run tests:
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.
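The archive-member dependency described above (bcm.o referencing the jitter cpu object, so the linker keeps it) can be checked from `nm` output. This is an added example, not part of the pull request or the aws-lc code base; the `jent_` symbol prefix, the member name jitterentropy-base.o and both sample listings are assumptions constructed for illustration.

```shell
#!/bin/sh
# ASSUMPTION: Jitter CPU symbols carry the upstream jitterentropy "jent_" prefix.

# Constructed `nm` output for a static archive that still carries Jitter CPU.
sample_before() {
cat <<'EOF'

bcm.o:
                 U jent_entropy_init
0000000000000000 T BORINGSSL_bcm_power_on_self_test

jitterentropy-base.o:
0000000000000000 T jent_entropy_init
0000000000000040 T jent_read_entropy
EOF
}

# Constructed `nm` output for an archive with Jitter CPU compiled out.
sample_after() {
cat <<'EOF'

bcm.o:
0000000000000000 T BORINGSSL_bcm_power_on_self_test
EOF
}

# Reads `nm` output on stdin; prints "<member> defines|references <symbol>".
jitter_symbols() {
  awk -v prefix="${1:-jent_}" '
    /^[^ ]+:$/ { member = substr($0, 1, length($0) - 1); next }  # member header
    NF == 2 { type = $1; sym = $2 }    # undefined symbol: no address column
    NF == 3 { type = $2; sym = $3 }    # address, type, name
    NF != 2 && NF != 3 { next }
    index(sym, prefix) == 1 {
      print member, ((type == "U" || type == "w") ? "references" : "defines"), sym
    }'
}

# Succeeds only when no Jitter CPU symbol is defined or referenced.
assert_no_jitter() {
  found=$(jitter_symbols "$@")
  if [ -z "$found" ]; then return 0; fi
  printf '%s\n' "$found" >&2
  return 1
}

sample_before | jitter_symbols   # demo on the constructed "before" archive
```

Against a real build, pipe the `nm` listing of the static libcrypto archive into `assert_no_jitter`; a "references" line from bcm.o is the dependency that prevents the linker from dropping the jitter object.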