Enable shaext path for sha1.

This makes sha1 ~2x faster on Amd Rome:

BM_SHA1Hash/2               10.9MB/s ± 1%           14.0MB/s ± 1%  +28.77%        (p=0.000 n=10+10)
BM_SHA1Hash/4               21.9MB/s ± 1%           28.2MB/s ± 1%  +28.56%        (p=0.000 n=10+10)
BM_SHA1Hash/8               43.9MB/s ± 1%           56.3MB/s ± 2%  +28.36%        (p=0.000 n=10+10)
BM_SHA1Hash/16              88.1MB/s ± 1%          114.8MB/s ± 2%  +30.40%         (p=0.000 n=9+10)
BM_SHA1Hash/32               178MB/s ± 1%            229MB/s ± 2%  +28.64%        (p=0.000 n=10+10)
BM_SHA1Hash/64               240MB/s ± 1%            363MB/s ± 2%  +51.57%        (p=0.000 n=10+10)
BM_SHA1Hash/512              629MB/s ± 1%           1129MB/s ± 2%  +79.54%         (p=0.000 n=9+10)
BM_SHA1Hash/4k               794MB/s ± 0%           1538MB/s ± 1%  +93.76%         (p=0.000 n=8+10)
BM_SHA1Hash/32k              820MB/s ± 1%           1610MB/s ± 2%  +96.44%        (p=0.000 n=10+10)
BM_SHA1Hash/256k             822MB/s ± 1%           1624MB/s ± 1%  +97.48%        (p=0.000 n=10+10)
BM_SHA1Hash/1M               822MB/s ± 1%           1625MB/s ± 1%  +97.63%        (p=0.000 n=10+10)
BM_SHA1Hash/2M               824MB/s ± 1%           1626MB/s ± 1%  +97.32%        (p=0.000 n=10+10)
BM_SHA1Hash/4M               826MB/s ± 1%           1631MB/s ± 0%  +97.56%         (p=0.000 n=10+8)
BM_SHA1Hash/8M               824MB/s ± 1%           1625MB/s ± 1%  +97.14%        (p=0.000 n=10+10)
BM_SHA1Hash/16M              823MB/s ± 1%           1625MB/s ± 1%  +97.40%        (p=0.000 n=10+10)

Change-Id: Ic75eb717a71b35d0ca775c309e08396b2ab77641
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/41884
Reviewed-by: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/crypto/fipsmodule/sha/asm/sha1-x86_64.pl b/crypto/fipsmodule/sha/asm/sha1-x86_64.pl
index 5e98962..0b0c151 100755
--- a/crypto/fipsmodule/sha/asm/sha1-x86_64.pl
+++ b/crypto/fipsmodule/sha/asm/sha1-x86_64.pl
@@ -108,10 +108,7 @@
 # versions, but BoringSSL is intended to be used with pre-generated perlasm
 # output, so this isn't useful anyway.
 $avx = 2;
-
-# TODO(davidben): Consider enabling the Intel SHA Extensions code once it's
-# been tested.
-$shaext=0;	### set to zero if compiling for 1.0.1
+$shaext=1;	### set to zero if compiling for 1.0.1
 
 open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
 *STDOUT=*OUT;