From ddefabc1f5170a6631a11007af83fff14d3212ab Mon Sep 17 00:00:00 2001
From: Franz Bettag <franz@bett.ag>
Date: Thu, 8 Mar 2018 13:19:04 +0100
Subject: [PATCH 1/2] ssh: add hmac-sha2-512.

---
 ssh/common.go | 2 +-
 ssh/mac.go    | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/ssh/common.go b/ssh/common.go
index 04f3620b3d..ed1ae29a0a 100644
--- a/ssh/common.go
+++ b/ssh/common.go
@@ -67,7 +67,7 @@ var supportedHostKeyAlgos = []string{
 // This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed
 // because they have reached the end of their useful life.
 var supportedMACs = []string{
-	"hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96",
+	"hmac-sha2-256-etm@openssh.com", "hmac-sha2-512", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96",
 }
 
 var supportedCompressions = []string{compressionNone}
diff --git a/ssh/mac.go b/ssh/mac.go
index c07a06285e..57fcc5af48 100644
--- a/ssh/mac.go
+++ b/ssh/mac.go
@@ -10,6 +10,7 @@ import (
 	"crypto/hmac"
 	"crypto/sha1"
 	"crypto/sha256"
+	"crypto/sha512"
 	"hash"
 )
 
@@ -49,6 +50,9 @@ var macModes = map[string]*macMode{
 	"hmac-sha2-256-etm@openssh.com": {32, true, func(key []byte) hash.Hash {
 		return hmac.New(sha256.New, key)
 	}},
+	"hmac-sha2-512": {64, false, func(key []byte) hash.Hash {
+		return hmac.New(sha512.New, key)
+	}},
 	"hmac-sha2-256": {32, false, func(key []byte) hash.Hash {
 		return hmac.New(sha256.New, key)
 	}},

From 352aac630592f811a14e98905229b752730db6e7 Mon Sep 17 00:00:00 2001
From: Franz Bettag <franz@bett.ag>
Date: Fri, 13 Jul 2018 00:17:33 +0200
Subject: [PATCH 2/2] ssh: moves hmac-sha2-512 after hmac-sha2-256.

---
 ssh/common.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssh/common.go b/ssh/common.go
index ed1ae29a0a..d361850050 100644
--- a/ssh/common.go
+++ b/ssh/common.go
@@ -67,7 +67,7 @@ var supportedHostKeyAlgos = []string{
 // This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed
 // because they have reached the end of their useful life.
 var supportedMACs = []string{
-	"hmac-sha2-256-etm@openssh.com", "hmac-sha2-512", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96",
+	"hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha2-512", "hmac-sha1", "hmac-sha1-96",
 }
 
 var supportedCompressions = []string{compressionNone}