From 4ffae85325faddf78b9a4a0ece4d540a19f9aa13 Mon Sep 17 00:00:00 2001
From: Joe Testa <jtesta@positronsecurity.com>
Date: Fri, 20 Mar 2020 09:16:41 -0400
Subject: [PATCH] Added hmac-sha3-224 MAC.

---
 README.md    | 2 +-
 ssh-audit.py | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 5ffb5df..af0e10e 100644
--- a/README.md
+++ b/README.md
@@ -72,7 +72,7 @@ $ snap install ssh-audit
 ### v2.2.1-dev (???)
  - Added 1 new host key types: `ssh-rsa1`.
  - Added 1 new ciphers: `blowfish`.
- - Added 1 new MACs: `chacha20-poly1305@openssh.com`
+ - Added 2 new MACs: `chacha20-poly1305@openssh.com`, `hmac-sha3-224`.
  
 ### v2.2.0 (2020-03-11)
  - Marked host key type `ssh-rsa` as weak due to [practical SHA-1 collisions](https://eprint.iacr.org/2020/014.pdf).
diff --git a/ssh-audit.py b/ssh-audit.py
index e4bc63a..9ae6b2a 100755
--- a/ssh-audit.py
+++ b/ssh-audit.py
@@ -488,6 +488,7 @@ class SSH2(object):  # pylint: disable=too-few-public-methods
 				'hmac-sha2-384': [[], [], [WARN_ENCRYPT_AND_MAC]],
 				'hmac-sha2-512': [['5.9,d2013.56,l10.7.0'], [], [WARN_ENCRYPT_AND_MAC]],
 				'hmac-sha2-512-96': [['5.9', '6.0'], [FAIL_OPENSSH61_REMOVE], [WARN_ENCRYPT_AND_MAC]],
+				'hmac-sha3-224': [[], [], [WARN_ENCRYPT_AND_MAC]],
 				'hmac-sha3-256': [[], [], [WARN_ENCRYPT_AND_MAC]],
 				'hmac-sha3-384': [[], [], [WARN_ENCRYPT_AND_MAC]],
 				'hmac-sha3-512': [[], [], [WARN_ENCRYPT_AND_MAC]],