Add support for a PQC KEX/KEM: sntrup4591761x25519-sha512@tinyssh.org

using the Streamlined NTRU Prime 4591^761 implementation from SUPERCOP
coupled with X25519 as a stop-loss. Not enabled by default.

introduce KEM API; a simplified framework for DH-ish KEX methods.

from markus@ feedback & ok djm@

1 files changed, 17 insertions, 1 deletions

diff --git a/usr.bin/ssh/crypto_api.h b/usr.bin/ssh/crypto_api.h
index e1e08f48534..d3eaa0ae0c1 100644
--- a/usr.bin/ssh/crypto_api.h
+++ b/usr.bin/ssh/crypto_api.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: crypto_api.h,v 1.4 2017/12/14 21:07:39 naddy Exp $ */
+/* $OpenBSD: crypto_api.h,v 1.5 2019/01/21 10:20:12 djm Exp $ */
 
 /*
  * Assembled from generated headers and source files by Markus Friedl.
@@ -11,10 +11,15 @@
 #include <stdint.h>
 #include <stdlib.h>
 
+typedef int8_t crypto_int8;
+typedef uint8_t crypto_uint8;
+typedef int16_t crypto_int16;
+typedef uint16_t crypto_uint16;
 typedef int32_t crypto_int32;
 typedef uint32_t crypto_uint32;
 
 #define randombytes(buf, buf_len) arc4random_buf((buf), (buf_len))
+#define small_random32() arc4random()
 
 #define crypto_hash_sha512_BYTES 64U
 
@@ -33,4 +38,15 @@ int	crypto_sign_ed25519_open(unsigned char *, unsigned long long *,
     const unsigned char *, unsigned long long, const unsigned char *);
 int	crypto_sign_ed25519_keypair(unsigned char *, unsigned char *);
 
+#define crypto_kem_sntrup4591761_PUBLICKEYBYTES 1218
+#define crypto_kem_sntrup4591761_SECRETKEYBYTES 1600
+#define crypto_kem_sntrup4591761_CIPHERTEXTBYTES 1047
+#define crypto_kem_sntrup4591761_BYTES 32
+
+int	crypto_kem_sntrup4591761_enc(unsigned char *cstr, unsigned char *k,
+    const unsigned char *pk);
+int	crypto_kem_sntrup4591761_dec(unsigned char *k,
+    const unsigned char *cstr, const unsigned char *sk);
+int	crypto_kem_sntrup4591761_keypair(unsigned char *pk, unsigned char *sk);
+
 #endif /* crypto_api_h */