speed: make hmac(sha256) the default hmac

prefer hmac(sha256) rather than hmac(md5). Also, drop the "skip_hmac" label. If we are supposed to do hmac(hash_func) and hash_func cannot be found, then error out immediately. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22793)
2025-02-17 14:32:04 +08:00 · 2023-11-21 00:09:38 -05:00 · 2023-11-21 00:09:38 -05:00 · e580f06dec
commit e580f06dec
parent e7d34d7ae3
2 changed files with 9 additions and 4 deletions
--- a/CHANGES.md
+++ b/CHANGES.md
@ -28,6 +28,11 @@ OpenSSL 3.3

 ### Changes between 3.2 and 3.3 [xx XXX xxxx]

+ * In `openssl speed`, changed the default hash function used with `hmac` from
+   `md5` to `sha256`.
+
+   *James Muir*
+
 * The build of exporters (such as `.pc` files for pkg-config) cleaned up to
   be less hard coded in the build file templates, and to allow easier
   addition of more exporters.  With that, an exporter for CMake is also
--- a/apps/speed.c
+++ b/apps/speed.c
@ -310,7 +310,7 @@ enum {
 /* name of algorithms to test. MUST BE KEEP IN SYNC with above enum ! */
 static const char *names[ALGOR_NUM] = {
    "md2", "mdc2", "md4", "md5", "sha1", "rmd160",
-    "sha256", "sha512", "whirlpool", "hmac(md5)",
+    "sha256", "sha512", "whirlpool", "hmac(sha256)",
    "des-cbc", "des-ede3", "rc4", "idea-cbc", "seed-cbc",
    "rc2-cbc", "rc5-cbc", "blowfish", "cast-cbc",
    "aes-128-cbc", "aes-192-cbc", "aes-256-cbc",
@ -570,7 +570,7 @@ static int run_benchmark(int async_jobs, int (*loop_function) (void *),

 static unsigned int testnum;

-static char *evp_mac_mdname = "md5";
+static char *evp_mac_mdname = "sha256";
 static char *evp_hmac_name = NULL;
 static const char *evp_md_name = NULL;
 static char *evp_mac_ciphername = "aes-128-cbc";
@ -2544,7 +2544,7 @@ int speed_main(int argc, char **argv)
                goto end;

            if (!EVP_MAC_CTX_set_params(loopargs[i].mctx, params))
-                goto skip_hmac; /* Digest not found */
+                goto end; /* Digest not found */
        }
        for (testnum = 0; testnum < size_num; testnum++) {
            print_message(names[D_HMAC], lengths[testnum], seconds.sym);
@ -2560,7 +2560,7 @@ int speed_main(int argc, char **argv)
        EVP_MAC_free(mac);
        mac = NULL;
    }
-skip_hmac:
+
    if (doit[D_CBC_DES]) {
        int st = 1;