From 16222386f4de802a3c27c1714b0bcc28c0fd5397 Mon Sep 17 00:00:00 2001 From: Stefan Klein Date: Thu, 2 Apr 2020 23:39:47 +0000 Subject: [PATCH] Add support for "hmac-sha2-512-etm@openssh.com" Change-Id: I0203881afd7ad72e68f76650817451d7e292c91b GitHub-Last-Rev: 42b4119e1987e7a46aa06a2b142d5fd3ef6f216a GitHub-Pull-Request: golang/crypto#129 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/226982 Run-TryBot: Han-Wen Nienhuys Reviewed-by: Han-Wen Nienhuys Auto-Submit: Han-Wen Nienhuys Reviewed-by: David Chase TryBot-Result: Gopher Robot --- ssh/common.go | 2 +- ssh/mac.go | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/ssh/common.go b/ssh/common.go index e6a77f26a0..dc6f301de4 100644 --- a/ssh/common.go +++ b/ssh/common.go @@ -85,7 +85,7 @@ var supportedHostKeyAlgos = []string{ // This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed // because they have reached the end of their useful life. var supportedMACs = []string{ - "hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96", + "hmac-sha2-512-etm@openssh.com", "hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96", } var supportedCompressions = []string{compressionNone} diff --git a/ssh/mac.go b/ssh/mac.go index c07a06285e..0a21af47e8 100644 --- a/ssh/mac.go +++ b/ssh/mac.go @@ -10,6 +10,7 @@ import ( "crypto/hmac" "crypto/sha1" "crypto/sha256" + "crypto/sha512" "hash" ) @@ -46,6 +47,9 @@ func (t truncatingMAC) Size() int { func (t truncatingMAC) BlockSize() int { return t.hmac.BlockSize() } var macModes = map[string]*macMode{ + "hmac-sha2-512-etm@openssh.com": {64, true, func(key []byte) hash.Hash { + return hmac.New(sha512.New, key) + }}, "hmac-sha2-256-etm@openssh.com": {32, true, func(key []byte) hash.Hash { return hmac.New(sha256.New, key) }},