Update PQ Algorithms

This aligns the algorithms supported by the OQS OpenSSH fork with the algorithms available in liboqs.

- Added support for ML-KEM-IPD using the ML-KEM alias and the names/curves documented by the [PQ SSH draft RFC](https://datatracker.ietf.org/doc/draft-kampanakis-curdle-ssh-pq-ke/).
- Added support for ML-DSA-IPD using the ML-DSA alias following the conventions from the Dilithium implementation. The Dilithium signatures have been disabled.
- Updated from BIKE Round 3 to Round 4. This adds a new parameter set for BIKE-L5.
- Added support for the Falcon PADDED format. It is disabled by default to preserve entries in the bit-mask.
- Added support for MAYO. The level 1 variant is left disabled.

The KEX algorithms specified by the draft RFC do not match the security
level pairing convention followed by Kyber so we chose to prefer the
pairings specified in the document. There were no proposed parameter
sets for ML-KEM-512 so we defaulted to the conventional parameters.
x25519 hybrids are currently not handled by the oqs-openssh fork so
we've omitted `mlkem768x25519-sha256` support for now.

This does not add support for sntrup761 as that requires handling the conflict with the upstream OpenSSH implementation.

Related to Issue open-quantum-safe#163

Author: geedo0

README.md

@@ -65,21 +65,23 @@ If an algorithm is provided by liboqs but is not listed below, it can still be u
 The following quantum-safe algorithms from liboqs are supported (assuming they have been enabled in liboqs):
 
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEXS_START -->
-- **BIKE**: `bike-l1-sha512`, `bike-l3-sha512`
+- **BIKE**: `bike-l1-sha512`, `bike-l3-sha512`, `bike-l5-sha512`
 - **ClassicMcEliece**: `classic-mceliece-348864-sha256`, `classic-mceliece-348864f-sha256`, `classic-mceliece-460896-sha512`, `classic-mceliece-460896f-sha512`, `classic-mceliece-6688128-sha512`, `classic-mceliece-6688128f-sha512`, `classic-mceliece-6960119-sha512`, `classic-mceliece-6960119f-sha512`, `classic-mceliece-8192128-sha512`, `classic-mceliece-8192128f-sha512`
 - **FrodoKEM**: `frodokem-640-aes-sha256`, `frodokem-976-aes-sha384`, `frodokem-1344-aes-sha512`, `frodokem-640-shake-sha256`, `frodokem-976-shake-sha384`, `frodokem-1344-shake-sha512`
 - **HQC**: `hqc-128-sha256`, `hqc-192-sha384`, `hqc-256-sha512`†
 - **Kyber**: `kyber-512-sha256`, `kyber-768-sha384`, `kyber-1024-sha512`
+- **ML-KEM**: `ml-kem-512-sha256`, `ml-kem-768-sha256`, `ml-kem-1024-sha384`
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEXS_END -->
 
 The following hybrid algorithms are made available:
 
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_HYBRID_KEXS_START -->
-- **BIKE**: `ecdh-nistp256-bike-l1r3-sha512@openquantumsafe.org` `ecdh-nistp384-bike-l3r3-sha512@openquantumsafe.org`
+- **BIKE**: `ecdh-nistp256-bike-l1r4-sha512@openquantumsafe.org` `ecdh-nistp384-bike-l3r4-sha512@openquantumsafe.org` `ecdh-nistp521-bike-l5r4-sha512@openquantumsafe.org`
 - **ClassicMcEliece**: `ecdh-nistp256-classic-mceliece-348864r4-sha256@openquantumsafe.org` `ecdh-nistp256-classic-mceliece-348864fr4-sha256@openquantumsafe.org` `ecdh-nistp384-classic-mceliece-460896r4-sha512@openquantumsafe.org` `ecdh-nistp384-classic-mceliece-460896fr4-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-6688128r4-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-6688128fr4-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-6960119r4-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-6960119fr4-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-8192128r4-sha512@openquantumsafe.org` `ecdh-nistp521-classic-mceliece-8192128fr4-sha512@openquantumsafe.org`
 - **FrodoKEM**: `ecdh-nistp256-frodokem-640-aesr2-sha256@openquantumsafe.org` `ecdh-nistp384-frodokem-976-aesr2-sha384@openquantumsafe.org` `ecdh-nistp521-frodokem-1344-aesr2-sha512@openquantumsafe.org` `ecdh-nistp256-frodokem-640-shaker2-sha256@openquantumsafe.org` `ecdh-nistp384-frodokem-976-shaker2-sha384@openquantumsafe.org` `ecdh-nistp521-frodokem-1344-shaker2-sha512@openquantumsafe.org`
 - **HQC**: `ecdh-nistp256-hqc-128r3-sha256@openquantumsafe.org` `ecdh-nistp384-hqc-192r3-sha384@openquantumsafe.org` `ecdh-nistp521-hqc-256r3-sha512@openquantumsafe.org`
 - **Kyber**: `ecdh-nistp256-kyber-512r3-sha256-d00@openquantumsafe.org` `ecdh-nistp384-kyber-768r3-sha384-d00@openquantumsafe.org` `ecdh-nistp521-kyber-1024r3-sha512-d00@openquantumsafe.org`
+- **ML-KEM**: `ecdh-nistp256-ml-kem-512-sha256@openquantumsafe.org` `mlkem768nistp256-sha256` `mlkem1024nistp384-sha384`
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_HYBRID_KEXS_END -->
 
 Note that algorithms marked with a dagger (†) have large stack usage and may cause failures when run on threads or in constrained environments. For example, McEliece require building `oqs-openssh` with a large(r) stack provision than is default: Adding `LDFLAGS="-Wl,--stack,20000000"` to [the `./configure` command below](#step-2-build-the-fork) is required to allow cygwin-based testing to pass.
@@ -89,8 +91,10 @@ Note that algorithms marked with a dagger (†) have large stack usage and may c
 The following digital signature algorithms from liboqs are supported (assuming they have been enabled in liboqs). Note that only select L3 signature variants are enabled by default. In general, algorithms that are enabled by default are marked with an asterisk, and should you wish to enable additional variants, consult [the "Code Generation" section of the documentation in the wiki](https://github.com/open-quantum-safe/openssh/wiki/Using-liboqs-supported-algorithms-in-the-fork#code-generation).
 
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_SIGS_START -->
-- **Dilithium**: `dilithium2`\*, `dilithium3`\*, `dilithium5`\*
-- **Falcon**: `falcon512`\*, `falcon1024`\*
+- **Dilithium**: `dilithium2`, `dilithium3`, `dilithium5`
+- **Falcon**: `falcon512`\*, `falcon1024`\*, `falconpadded512`, `falconpadded1024`
+- **MAYO**: `mayo1`, `mayo2`\*, `mayo3`\*, `mayo5`\*
+- **ML-DSA**: `mldsa44`\*, `mldsa65`\*, `mldsa87`\*
 - **SPHINCS**: `sphincssha2128fsimple`\*, `sphincssha2128ssimple`, `sphincsshake128fsimple`, `sphincsshake128ssimple`, `sphincssha2192fsimple`, `sphincssha2192ssimple`, `sphincsshake192fsimple`, `sphincsshake192ssimple`, `sphincssha2256fsimple`\*, `sphincssha2256ssimple`, `sphincsshake256fsimple`, `sphincsshake256ssimple`
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_SIGS_END -->
 

kex.c

@@ -131,6 +131,7 @@ static const struct kexalg kexalgs[] = {
 	{ KEX_KYBER_1024_SHA512, KEX_KEM_KYBER_1024_SHA512, 0, SSH_DIGEST_SHA512 },
 	{ KEX_BIKE_L1_SHA512, KEX_KEM_BIKE_L1_SHA512, 0, SSH_DIGEST_SHA512 },
 	{ KEX_BIKE_L3_SHA512, KEX_KEM_BIKE_L3_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_BIKE_L5_SHA512, KEX_KEM_BIKE_L5_SHA512, 0, SSH_DIGEST_SHA512 },
 	{ KEX_CLASSIC_MCELIECE_348864_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864_SHA256, 0, SSH_DIGEST_SHA256 },
 	{ KEX_CLASSIC_MCELIECE_348864F_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256, 0, SSH_DIGEST_SHA256 },
 	{ KEX_CLASSIC_MCELIECE_460896_SHA512, KEX_KEM_CLASSIC_MCELIECE_460896_SHA512, 0, SSH_DIGEST_SHA512 },
@@ -144,6 +145,9 @@ static const struct kexalg kexalgs[] = {
 	{ KEX_HQC_128_SHA256, KEX_KEM_HQC_128_SHA256, 0, SSH_DIGEST_SHA256 },
 	{ KEX_HQC_192_SHA384, KEX_KEM_HQC_192_SHA384, 0, SSH_DIGEST_SHA384 },
 	{ KEX_HQC_256_SHA512, KEX_KEM_HQC_256_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_ML_KEM_512_SHA256, KEX_KEM_ML_KEM_512_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_ML_KEM_768_SHA256, KEX_KEM_ML_KEM_768_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_ML_KEM_1024_SHA384, KEX_KEM_ML_KEM_1024_SHA384, 0, SSH_DIGEST_SHA384 },
 #ifdef OPENSSL_HAS_ECC
 	{ KEX_FRODOKEM_640_AES_ECDH_NISTP256_SHA256, KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
 	{ KEX_FRODOKEM_976_AES_ECDH_NISTP384_SHA384, KEX_KEM_FRODOKEM_976_AES_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
@@ -156,6 +160,7 @@ static const struct kexalg kexalgs[] = {
 	{ KEX_KYBER_1024_ECDH_NISTP521_SHA512, KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
 	{ KEX_BIKE_L1_ECDH_NISTP256_SHA512, KEX_KEM_BIKE_L1_ECDH_NISTP256_SHA512, NID_X9_62_prime256v1, SSH_DIGEST_SHA512 },
 	{ KEX_BIKE_L3_ECDH_NISTP384_SHA512, KEX_KEM_BIKE_L3_ECDH_NISTP384_SHA512, NID_secp384r1, SSH_DIGEST_SHA512 },
+	{ KEX_BIKE_L5_ECDH_NISTP521_SHA512, KEX_KEM_BIKE_L5_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
 	{ KEX_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
 	{ KEX_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
 	{ KEX_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512, KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512, NID_secp384r1, SSH_DIGEST_SHA512 },
@@ -169,6 +174,9 @@ static const struct kexalg kexalgs[] = {
 	{ KEX_HQC_128_ECDH_NISTP256_SHA256, KEX_KEM_HQC_128_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
 	{ KEX_HQC_192_ECDH_NISTP384_SHA384, KEX_KEM_HQC_192_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
 	{ KEX_HQC_256_ECDH_NISTP521_SHA512, KEX_KEM_HQC_256_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_ML_KEM_512_ECDH_NISTP256_SHA256, KEX_KEM_ML_KEM_512_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_ML_KEM_768_ECDH_NISTP256_SHA256, KEX_KEM_ML_KEM_768_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_ML_KEM_1024_ECDH_NISTP384_SHA384, KEX_KEM_ML_KEM_1024_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
 #endif /* OPENSSL_HAS_ECC */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_KEX_ALGS_END
 

kex.h

@@ -76,6 +76,7 @@
 #define	KEX_KYBER_1024_SHA512	"kyber-1024-sha512"
 #define	KEX_BIKE_L1_SHA512	"bike-l1-sha512"
 #define	KEX_BIKE_L3_SHA512	"bike-l3-sha512"
+#define	KEX_BIKE_L5_SHA512	"bike-l5-sha512"
 #define	KEX_CLASSIC_MCELIECE_348864_SHA256	"classic-mceliece-348864-sha256"
 #define	KEX_CLASSIC_MCELIECE_348864F_SHA256	"classic-mceliece-348864f-sha256"
 #define	KEX_CLASSIC_MCELIECE_460896_SHA512	"classic-mceliece-460896-sha512"
@@ -89,6 +90,9 @@
 #define	KEX_HQC_128_SHA256	"hqc-128-sha256"
 #define	KEX_HQC_192_SHA384	"hqc-192-sha384"
 #define	KEX_HQC_256_SHA512	"hqc-256-sha512"
+#define	KEX_ML_KEM_512_SHA256	"ml-kem-512-sha256"
+#define	KEX_ML_KEM_768_SHA256	"ml-kem-768-sha256"
+#define	KEX_ML_KEM_1024_SHA384	"ml-kem-1024-sha384"
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 #define	KEX_FRODOKEM_640_AES_ECDH_NISTP256_SHA256	"ecdh-nistp256-frodokem-640-aesr2-sha256@openquantumsafe.org"
@@ -100,8 +104,9 @@
 #define	KEX_KYBER_512_ECDH_NISTP256_SHA256	"ecdh-nistp256-kyber-512r3-sha256-d00@openquantumsafe.org"
 #define	KEX_KYBER_768_ECDH_NISTP384_SHA384	"ecdh-nistp384-kyber-768r3-sha384-d00@openquantumsafe.org"
 #define	KEX_KYBER_1024_ECDH_NISTP521_SHA512	"ecdh-nistp521-kyber-1024r3-sha512-d00@openquantumsafe.org"
-#define	KEX_BIKE_L1_ECDH_NISTP256_SHA512	"ecdh-nistp256-bike-l1r3-sha512@openquantumsafe.org"
-#define	KEX_BIKE_L3_ECDH_NISTP384_SHA512	"ecdh-nistp384-bike-l3r3-sha512@openquantumsafe.org"
+#define	KEX_BIKE_L1_ECDH_NISTP256_SHA512	"ecdh-nistp256-bike-l1r4-sha512@openquantumsafe.org"
+#define	KEX_BIKE_L3_ECDH_NISTP384_SHA512	"ecdh-nistp384-bike-l3r4-sha512@openquantumsafe.org"
+#define	KEX_BIKE_L5_ECDH_NISTP521_SHA512	"ecdh-nistp521-bike-l5r4-sha512@openquantumsafe.org"
 #define	KEX_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256	"ecdh-nistp256-classic-mceliece-348864r4-sha256@openquantumsafe.org"
 #define	KEX_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256	"ecdh-nistp256-classic-mceliece-348864fr4-sha256@openquantumsafe.org"
 #define	KEX_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512	"ecdh-nistp384-classic-mceliece-460896r4-sha512@openquantumsafe.org"
@@ -115,6 +120,9 @@
 #define	KEX_HQC_128_ECDH_NISTP256_SHA256	"ecdh-nistp256-hqc-128r3-sha256@openquantumsafe.org"
 #define	KEX_HQC_192_ECDH_NISTP384_SHA384	"ecdh-nistp384-hqc-192r3-sha384@openquantumsafe.org"
 #define	KEX_HQC_256_ECDH_NISTP521_SHA512	"ecdh-nistp521-hqc-256r3-sha512@openquantumsafe.org"
+#define	KEX_ML_KEM_512_ECDH_NISTP256_SHA256	"ecdh-nistp256-ml-kem-512-sha256@openquantumsafe.org"
+#define	KEX_ML_KEM_768_ECDH_NISTP256_SHA256	"mlkem768nistp256-sha256"
+#define	KEX_ML_KEM_1024_ECDH_NISTP384_SHA384	"mlkem1024nistp384-sha384"
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEX_PRETTY_NAMES_END
@@ -169,6 +177,7 @@ enum kex_exchange {
 	KEX_KEM_KYBER_1024_SHA512,
 	KEX_KEM_BIKE_L1_SHA512,
 	KEX_KEM_BIKE_L3_SHA512,
+	KEX_KEM_BIKE_L5_SHA512,
 	KEX_KEM_CLASSIC_MCELIECE_348864_SHA256,
 	KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256,
 	KEX_KEM_CLASSIC_MCELIECE_460896_SHA512,
@@ -182,6 +191,9 @@ enum kex_exchange {
 	KEX_KEM_HQC_128_SHA256,
 	KEX_KEM_HQC_192_SHA384,
 	KEX_KEM_HQC_256_SHA512,
+	KEX_KEM_ML_KEM_512_SHA256,
+	KEX_KEM_ML_KEM_768_SHA256,
+	KEX_KEM_ML_KEM_1024_SHA384,
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 	KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256,
@@ -195,6 +207,7 @@ enum kex_exchange {
 	KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512,
 	KEX_KEM_BIKE_L1_ECDH_NISTP256_SHA512,
 	KEX_KEM_BIKE_L3_ECDH_NISTP384_SHA512,
+	KEX_KEM_BIKE_L5_ECDH_NISTP521_SHA512,
 	KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256,
 	KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256,
 	KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512,
@@ -208,6 +221,9 @@ enum kex_exchange {
 	KEX_KEM_HQC_128_ECDH_NISTP256_SHA256,
 	KEX_KEM_HQC_192_ECDH_NISTP384_SHA384,
 	KEX_KEM_HQC_256_ECDH_NISTP521_SHA512,
+	KEX_KEM_ML_KEM_512_ECDH_NISTP256_SHA256,
+	KEX_KEM_ML_KEM_768_ECDH_NISTP256_SHA256,
+	KEX_KEM_ML_KEM_1024_ECDH_NISTP384_SHA384,
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_KEX_ENUMS_END
@@ -397,6 +413,10 @@ int	 kex_kem_bike_l1_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
 int	 kex_kem_bike_l3_keypair(struct kex *);
 int	 kex_kem_bike_l3_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
 int	 kex_kem_bike_l3_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* bike_l5 prototypes */
+int	 kex_kem_bike_l5_keypair(struct kex *);
+int	 kex_kem_bike_l5_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_bike_l5_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
 /* classic_mceliece_348864 prototypes */
 int	 kex_kem_classic_mceliece_348864_keypair(struct kex *);
 int	 kex_kem_classic_mceliece_348864_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
@@ -449,6 +469,18 @@ int	 kex_kem_hqc_192_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
 int	 kex_kem_hqc_256_keypair(struct kex *);
 int	 kex_kem_hqc_256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
 int	 kex_kem_hqc_256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ml_kem_512 prototypes */
+int	 kex_kem_ml_kem_512_keypair(struct kex *);
+int	 kex_kem_ml_kem_512_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ml_kem_512_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ml_kem_768 prototypes */
+int	 kex_kem_ml_kem_768_keypair(struct kex *);
+int	 kex_kem_ml_kem_768_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ml_kem_768_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ml_kem_1024 prototypes */
+int	 kex_kem_ml_kem_1024_keypair(struct kex *);
+int	 kex_kem_ml_kem_1024_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ml_kem_1024_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 /* frodokem_640_aes_nistp256 prototypes */
@@ -495,6 +527,10 @@ int	 kex_kem_bike_l1_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, stru
 int	 kex_kem_bike_l3_ecdh_nistp384_keypair(struct kex *);
 int	 kex_kem_bike_l3_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
 int	 kex_kem_bike_l3_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* bike_l5_nistp521 prototypes */
+int	 kex_kem_bike_l5_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_bike_l5_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_bike_l5_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
 /* classic_mceliece_348864_nistp256 prototypes */
 int	 kex_kem_classic_mceliece_348864_ecdh_nistp256_keypair(struct kex *);
 int	 kex_kem_classic_mceliece_348864_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
@@ -547,6 +583,18 @@ int	 kex_kem_hqc_192_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, stru
 int	 kex_kem_hqc_256_ecdh_nistp521_keypair(struct kex *);
 int	 kex_kem_hqc_256_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
 int	 kex_kem_hqc_256_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ml_kem_512_nistp256 prototypes */
+int	 kex_kem_ml_kem_512_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_ml_kem_512_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ml_kem_512_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ml_kem_768_nistp256 prototypes */
+int	 kex_kem_ml_kem_768_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_ml_kem_768_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ml_kem_768_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ml_kem_1024_nistp384 prototypes */
+int	 kex_kem_ml_kem_1024_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_ml_kem_1024_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ml_kem_1024_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_DECLARE_KEX_PROTOTYPES_END