Add support for HMAC-SHA512.

I saw a post on comp.security.ssh just now where someone had encountered an SSH server that would _only_ speak that, which makes it worth bothering to implement. The totally obvious implementation works, and passes the test cases from RFC 6234.
2025-07-01 11:32:48 -05:00 · 2023-04-21 20:17:43 +01:00
parent d67c13eeb8
commit b77e985513
6 changed files with 44 additions and 8 deletions
--- a/ssh/transport2.c
+++ b/ssh/transport2.c
@ -20,7 +20,8 @@ const struct ssh_signkey_with_user_pref_id ssh2_hostkey_algs[] = {
 };

 const static ssh2_macalg *const macs[] = {
-    &ssh_hmac_sha256, &ssh_hmac_sha1, &ssh_hmac_sha1_96, &ssh_hmac_md5
+    &ssh_hmac_sha512, &ssh_hmac_sha256,
+    &ssh_hmac_sha1, &ssh_hmac_sha1_96, &ssh_hmac_md5
 };
 const static ssh2_macalg *const buggymacs[] = {
    &ssh_hmac_sha1_buggy, &ssh_hmac_sha1_96_buggy, &ssh_hmac_md5