open-quantum-safe · dstebila · Oct 24, 2021 · Oct 19, 2021 · Oct 22, 2021
diff --git a/README.md b/README.md
@@ -65,7 +65,7 @@ The following quantum-safe algorithms from liboqs are supported (assuming they h
 - **HQC**: `hqc-128-sha256`, `hqc-192-sha384`, `hqc-256-sha512`†
 - **Kyber**: `kyber-512-sha256`, `kyber-768-sha384`, `kyber-1024-sha512`, `kyber-512-90s-sha256`, `kyber-768-90s-sha384`, `kyber-1024-90s-sha512`
 - **NTRU**: `ntru-hps2048509-sha512`, `ntru-hps2048677-sha512`, `ntru-hrss701-sha512`, `ntru-hps4096821-sha512`
-- **NTRU-PRIME**: `ntruprime-ntrulpr653-sha256`, `ntruprime-sntrup653-sha256`, `ntruprime-ntrulpr761-sha384`, `ntruprime-sntrup761-sha384`, `ntruprime-ntrulpr857-sha384`, `ntruprime-sntrup857-sha384`
+- **NTRU-PRIME**: `ntruprime-ntrulpr653-sha256`, `ntruprime-sntrup653-sha256`, `ntruprime-ntrulpr761-sha384`, `ntruprime-sntrup761-sha384`, `ntruprime-ntrulpr857-sha384`, `ntruprime-sntrup857-sha384`, `ntruprime-ntrulpr1277-sha512`, `ntruprime-sntrup1277-sha512`
 - **SIDH**: `sidh-p434-sha256`, `sidh-p434-compressed-sha256`, `sidh-p610-sha256`, `sidh-p610-compressed-sha256`, `sidh-p751-sha256`, `sidh-p751-compressed-sha256`
 - **SIKE**: `sike-p434-sha256`, `sike-p434-compressed-sha256`, `sike-p610-sha256`, `sike-p610-compressed-sha256`, `sike-p751-sha256`, `sike-p751-compressed-sha256`
 - **Saber**: `saber-lightsaber-sha256`, `saber-saber-sha384`, `saber-firesaber-sha512`

diff --git a/appveyor_build.bat b/appveyor_build.bat
@@ -1,5 +1,5 @@
 IF %COMPILER%==cygwin (
     @echo on
     SET "PATH=C:\cywin64\bin;c:\cygwin64;%PATH%"
-    c:\cygwin64\bin\bash.exe -lc "setup-x86_64.exe -qnNdO -R C:/cygwin64 -l C:/cygwin/var/cache/setup -P openssl -P libssl-devel -P zlib -P zlib-devel -P ninja -P cmake -P gcc -P make -P autoconf && cd ${APPVEYOR_BUILD_FOLDER} && openssl version && cygcheck -c && pwd && git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git && cd liboqs && mkdir build && cd build && cmake .. -GNinja -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=${APPVEYOR_BUILD_FOLDER}/oqs -DOQS_BUILD_ONLY_LIB=ON && ninja -v && ninja install && cd ${APPVEYOR_BUILD_FOLDER} && mkdir -p -m 0755 /var/empty && export LIBOQS_INSTALL=`pwd`/oqs && autoreconf && LDFLAGS=\"-Wl,--stack,20000000\" ./configure --with-liboqs-dir=`pwd`/oqs --with-libs=-lm && make && make install && TEST_SSH_UNSAFE_PERMISSIONS=1 make tests LTESTS=\"\" "
+    c:\cygwin64\bin\bash.exe -lc "setup-x86_64.exe -qnNdO -R C:/cygwin64 -l C:/cygwin/var/cache/setup -P openssl -P libssl-devel -P zlib -P zlib-devel -P ninja -P cmake -P gcc -P make -P autoconf && cd ${APPVEYOR_BUILD_FOLDER} && openssl version && cygcheck -c && pwd && git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git && cd liboqs && mkdir build && cd build && cmake .. -GNinja -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=${APPVEYOR_BUILD_FOLDER}/oqs -DOQS_BUILD_ONLY_LIB=ON && ninja -v && ninja install && cd ${APPVEYOR_BUILD_FOLDER} && mkdir -p -m 0755 /var/empty && export LIBOQS_INSTALL=`pwd`/oqs && autoreconf && LDFLAGS=\"-Wl,--stack,20000000\" ./configure --without-openssl-header-check --with-liboqs-dir=`pwd`/oqs --with-libs=-lm && make && make install && TEST_SSH_UNSAFE_PERMISSIONS=1 make tests LTESTS=\"\" "
 )
diff --git a/kex.c b/kex.c
@@ -170,6 +170,8 @@ static const struct kexalg kexalgs[] = {
 	{ KEX_NTRUPRIME_SNTRUP761_SHA384, KEX_KEM_NTRUPRIME_SNTRUP761_SHA384, 0, SSH_DIGEST_SHA384 },
 	{ KEX_NTRUPRIME_NTRULPR857_SHA384, KEX_KEM_NTRUPRIME_NTRULPR857_SHA384, 0, SSH_DIGEST_SHA384 },
 	{ KEX_NTRUPRIME_SNTRUP857_SHA384, KEX_KEM_NTRUPRIME_SNTRUP857_SHA384, 0, SSH_DIGEST_SHA384 },
+	{ KEX_NTRUPRIME_NTRULPR1277_SHA512, KEX_KEM_NTRUPRIME_NTRULPR1277_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_NTRUPRIME_SNTRUP1277_SHA512, KEX_KEM_NTRUPRIME_SNTRUP1277_SHA512, 0, SSH_DIGEST_SHA512 },
 #ifdef OPENSSL_HAS_ECC
 	{ KEX_FRODOKEM_640_AES_ECDH_NISTP256_SHA256, KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
 	{ KEX_FRODOKEM_976_AES_ECDH_NISTP384_SHA384, KEX_KEM_FRODOKEM_976_AES_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
@@ -223,6 +225,8 @@ static const struct kexalg kexalgs[] = {
 	{ KEX_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384, KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
 	{ KEX_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384, KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
 	{ KEX_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384, KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
+	{ KEX_NTRUPRIME_NTRULPR1277_ECDH_NISTP521_SHA512, KEX_KEM_NTRUPRIME_NTRULPR1277_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_NTRUPRIME_SNTRUP1277_ECDH_NISTP521_SHA512, KEX_KEM_NTRUPRIME_SNTRUP1277_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
 #endif /* OPENSSL_HAS_ECC */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_KEX_ALGS_END
 

diff --git a/kex.h b/kex.h
@@ -116,6 +116,8 @@
 #define	KEX_NTRUPRIME_SNTRUP761_SHA384	"ntruprime-sntrup761-sha384"
 #define	KEX_NTRUPRIME_NTRULPR857_SHA384	"ntruprime-ntrulpr857-sha384"
 #define	KEX_NTRUPRIME_SNTRUP857_SHA384	"ntruprime-sntrup857-sha384"
+#define	KEX_NTRUPRIME_NTRULPR1277_SHA512	"ntruprime-ntrulpr1277-sha512"
+#define	KEX_NTRUPRIME_SNTRUP1277_SHA512	"ntruprime-sntrup1277-sha512"
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 #define	KEX_FRODOKEM_640_AES_ECDH_NISTP256_SHA256	"ecdh-nistp256-frodokem-640-aes-sha256"
@@ -170,6 +172,8 @@
 #define	KEX_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384	"ecdh-nistp384-ntruprime-sntrup761-sha384"
 #define	KEX_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384	"ecdh-nistp384-ntruprime-ntrulpr857-sha384"
 #define	KEX_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384	"ecdh-nistp384-ntruprime-sntrup857-sha384"
+#define	KEX_NTRUPRIME_NTRULPR1277_ECDH_NISTP521_SHA512	"ecdh-nistp521-ntruprime-ntrulpr1277-sha512"
+#define	KEX_NTRUPRIME_SNTRUP1277_ECDH_NISTP521_SHA512	"ecdh-nistp521-ntruprime-sntrup1277-sha512"
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEX_PRETTY_NAMES_END
@@ -266,6 +270,8 @@ enum kex_exchange {
 	KEX_KEM_NTRUPRIME_SNTRUP761_SHA384,
 	KEX_KEM_NTRUPRIME_NTRULPR857_SHA384,
 	KEX_KEM_NTRUPRIME_SNTRUP857_SHA384,
+	KEX_KEM_NTRUPRIME_NTRULPR1277_SHA512,
+	KEX_KEM_NTRUPRIME_SNTRUP1277_SHA512,
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 	KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256,
@@ -320,6 +326,8 @@ enum kex_exchange {
 	KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384,
 	KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384,
 	KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384,
+	KEX_KEM_NTRUPRIME_NTRULPR1277_ECDH_NISTP521_SHA512,
+	KEX_KEM_NTRUPRIME_SNTRUP1277_ECDH_NISTP521_SHA512,
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_KEX_ENUMS_END
@@ -656,6 +664,14 @@ int	 kex_kem_ntruprime_ntrulpr857_dec(struct kex *, const struct sshbuf *, struc
 int	 kex_kem_ntruprime_sntrup857_keypair(struct kex *);
 int	 kex_kem_ntruprime_sntrup857_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
 int	 kex_kem_ntruprime_sntrup857_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_ntrulpr1277 prototypes */
+int	 kex_kem_ntruprime_ntrulpr1277_keypair(struct kex *);
+int	 kex_kem_ntruprime_ntrulpr1277_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_ntrulpr1277_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_sntrup1277 prototypes */
+int	 kex_kem_ntruprime_sntrup1277_keypair(struct kex *);
+int	 kex_kem_ntruprime_sntrup1277_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_sntrup1277_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 /* frodokem_640_aes_nistp256 prototypes */
@@ -866,6 +882,14 @@ int	 kex_kem_ntruprime_ntrulpr857_ecdh_nistp384_dec(struct kex *, const struct s
 int	 kex_kem_ntruprime_sntrup857_ecdh_nistp384_keypair(struct kex *);
 int	 kex_kem_ntruprime_sntrup857_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
 int	 kex_kem_ntruprime_sntrup857_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_ntrulpr1277_nistp521 prototypes */
+int	 kex_kem_ntruprime_ntrulpr1277_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_ntruprime_ntrulpr1277_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_ntrulpr1277_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_sntrup1277_nistp521 prototypes */
+int	 kex_kem_ntruprime_sntrup1277_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_ntruprime_sntrup1277_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_sntrup1277_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_DECLARE_KEX_PROTOTYPES_END

diff --git a/kexgen.c b/kexgen.c
@@ -278,6 +278,12 @@ kex_gen_client(struct ssh *ssh)
 	case KEX_KEM_NTRUPRIME_SNTRUP857_SHA384:
 		r = kex_kem_ntruprime_sntrup857_keypair(kex);
 		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR1277_SHA512:
+		r = kex_kem_ntruprime_ntrulpr1277_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP1277_SHA512:
+		r = kex_kem_ntruprime_sntrup1277_keypair(kex);
+		break;
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 	case KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256:
@@ -436,6 +442,12 @@ kex_gen_client(struct ssh *ssh)
 	case KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384:
 		r = kex_kem_ntruprime_sntrup857_ecdh_nistp384_keypair(kex);
 		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR1277_ECDH_NISTP521_SHA512:
+		r = kex_kem_ntruprime_ntrulpr1277_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP1277_ECDH_NISTP521_SHA512:
+		r = kex_kem_ntruprime_sntrup1277_ecdh_nistp521_keypair(kex);
+		break;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_CLIENT_SWITCH_CASES_END
@@ -668,6 +680,12 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh)
 	case KEX_KEM_NTRUPRIME_SNTRUP857_SHA384:
 		r = kex_kem_ntruprime_sntrup857_dec(kex, server_blob, &shared_secret);
 		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR1277_SHA512:
+		r = kex_kem_ntruprime_ntrulpr1277_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP1277_SHA512:
+		r = kex_kem_ntruprime_sntrup1277_dec(kex, server_blob, &shared_secret);
+		break;
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 	case KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256:
@@ -826,6 +844,12 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh)
 	case KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384:
 		r = kex_kem_ntruprime_sntrup857_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
 		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR1277_ECDH_NISTP521_SHA512:
+		r = kex_kem_ntruprime_ntrulpr1277_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP1277_ECDH_NISTP521_SHA512:
+		r = kex_kem_ntruprime_sntrup1277_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_REPLY_SWITCH_CASES_END
@@ -1143,6 +1167,14 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh)
 		r = kex_kem_ntruprime_sntrup857_enc(kex, client_pubkey,
 		    &server_pubkey, &shared_secret);
 		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR1277_SHA512:
+		r = kex_kem_ntruprime_ntrulpr1277_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP1277_SHA512:
+		r = kex_kem_ntruprime_sntrup1277_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 	case KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256:
@@ -1353,6 +1385,14 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh)
 		r = kex_kem_ntruprime_sntrup857_ecdh_nistp384_enc(kex, client_pubkey,
 		    &server_pubkey, &shared_secret);
 		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR1277_ECDH_NISTP521_SHA512:
+		r = kex_kem_ntruprime_ntrulpr1277_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP1277_ECDH_NISTP521_SHA512:
+		r = kex_kem_ntruprime_sntrup1277_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_INIT_SWITCH_CASES_END

diff --git a/kexoqs.c b/kexoqs.c
@@ -2220,4 +2220,84 @@ int kex_kem_ntruprime_sntrup857_dec(struct kex *kex,
     OQS_KEM_free(kem);
     return r;
 }
+/*---------------------------------------------------
+ * NTRUPRIME_NTRULPR1277 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_ntruprime_ntrulpr1277_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr1277);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_ntruprime_ntrulpr1277_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr1277);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_ntrulpr1277_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr1277);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * NTRUPRIME_SNTRUP1277 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_ntruprime_sntrup1277_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup1277);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_ntruprime_sntrup1277_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup1277);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_sntrup1277_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup1277);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEX_METHODS_END
diff --git a/kexoqsecdh.c b/kexoqsecdh.c
@@ -2485,6 +2485,88 @@ int kex_kem_ntruprime_sntrup857_ecdh_nistp384_dec(struct kex *kex,
     OQS_KEM_free(kem);
     return r;
 }
+/*---------------------------------------------------------------
+ * NTRUPRIME_NTRULPR1277_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_ntruprime_ntrulpr1277_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr1277);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_ntrulpr1277_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr1277);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_ntrulpr1277_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr1277);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * NTRUPRIME_SNTRUP1277_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_ntruprime_sntrup1277_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup1277);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_sntrup1277_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup1277);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_sntrup1277_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup1277);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEX_WITH_EC_METHODS_END
 
 #endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */
diff --git a/monitor.c b/monitor.c
@@ -1791,6 +1791,8 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor)
 		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_SHA384] = kex_gen_server;
 		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_SHA384] = kex_gen_server;
 		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR1277_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP1277_SHA512] = kex_gen_server;
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 		kex->kex[KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256] = kex_gen_server;
@@ -1845,6 +1847,8 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor)
 		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384] = kex_gen_server;
 		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384] = kex_gen_server;
 		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR1277_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP1277_ECDH_NISTP521_SHA512] = kex_gen_server;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_APPLY_KEYSTATE_END