Add support for "hmac-sha2-512-etm@openssh.com"
Change-Id: I0203881afd7ad72e68f76650817451d7e292c91b
GitHub-Last-Rev: 42b4119e1987e7a46aa06a2b142d5fd3ef6f216a
GitHub-Pull-Request: golang/crypto#129
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/226982
Run-TryBot: Han-Wen Nienhuys <hanwen@google.com>
Reviewed-by: Han-Wen Nienhuys <hanwen@google.com>
Auto-Submit: Han-Wen Nienhuys <hanwen@google.com>
Reviewed-by: David Chase <drchase@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
diff --git a/ssh/common.go b/ssh/common.go
index e6a77f2..dc6f301 100644
--- a/ssh/common.go
+++ b/ssh/common.go
@@ -85,7 +85,7 @@
// This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed
// because they have reached the end of their useful life.
var supportedMACs = []string{
- "hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96",
+ "hmac-sha2-512-etm@openssh.com", "hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96",
}
var supportedCompressions = []string{compressionNone}
diff --git a/ssh/mac.go b/ssh/mac.go
index c07a062..0a21af4 100644
--- a/ssh/mac.go
+++ b/ssh/mac.go
@@ -10,6 +10,7 @@
"crypto/hmac"
"crypto/sha1"
"crypto/sha256"
+ "crypto/sha512"
"hash"
)
@@ -46,6 +47,9 @@
func (t truncatingMAC) BlockSize() int { return t.hmac.BlockSize() }
var macModes = map[string]*macMode{
+ "hmac-sha2-512-etm@openssh.com": {64, true, func(key []byte) hash.Hash {
+ return hmac.New(sha512.New, key)
+ }},
"hmac-sha2-256-etm@openssh.com": {32, true, func(key []byte) hash.Hash {
return hmac.New(sha256.New, key)
}},
