upstream: Add support for a PQC KEX/KEM:

sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime
4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not
enabled by default.

introduce KEM API; a simplified framework for DH-ish KEX methods.

from markus@ feedback & ok djm@

OpenBSD-Commit-ID: d687f76cffd3561dd73eb302d17a1c3bf321d1a7

1 files changed, 17 insertions, 1 deletions

diff --git a/crypto_api.h b/crypto_api.h
index 7f45bbd6..eb05251f 100644
--- a/crypto_api.h
+++ b/crypto_api.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: crypto_api.h,v 1.4 2017/12/14 21:07:39 naddy Exp $ */
+/* $OpenBSD: crypto_api.h,v 1.5 2019/01/21 10:20:12 djm Exp $ */
 
 /*
  * Assembled from generated headers and source files by Markus Friedl.
@@ -15,10 +15,15 @@
 #endif
 #include <stdlib.h>
 
+typedef int8_t crypto_int8;
+typedef uint8_t crypto_uint8;
+typedef int16_t crypto_int16;
+typedef uint16_t crypto_uint16;
 typedef int32_t crypto_int32;
 typedef uint32_t crypto_uint32;
 
 #define randombytes(buf, buf_len) arc4random_buf((buf), (buf_len))
+#define small_random32() arc4random()
 
 #define crypto_hash_sha512_BYTES 64U
 
@@ -37,4 +42,15 @@ int	crypto_sign_ed25519_open(unsigned char *, unsigned long long *,
     const unsigned char *, unsigned long long, const unsigned char *);
 int	crypto_sign_ed25519_keypair(unsigned char *, unsigned char *);
 
+#define crypto_kem_sntrup4591761_PUBLICKEYBYTES 1218
+#define crypto_kem_sntrup4591761_SECRETKEYBYTES 1600
+#define crypto_kem_sntrup4591761_CIPHERTEXTBYTES 1047
+#define crypto_kem_sntrup4591761_BYTES 32
+
+int	crypto_kem_sntrup4591761_enc(unsigned char *cstr, unsigned char *k,
+    const unsigned char *pk);
+int	crypto_kem_sntrup4591761_dec(unsigned char *k,
+    const unsigned char *cstr, const unsigned char *sk);
+int	crypto_kem_sntrup4591761_keypair(unsigned char *pk, unsigned char *sk);
+
 #endif /* crypto_api_h */