From cbbb4b5b45fa2df058bd9143a171e3bacd412219 Mon Sep 17 00:00:00 2001
From: Michael Baentsch <info@baentsch.ch>
Date: Thu, 27 May 2021 18:02:29 +0200
Subject: [PATCH] Adding all algorithms (#97)

* added all algorithms from current liboqs main
* caveats for McEliece and Rainbow documented
---
 .circleci/config.yml                          |    8 +-
 README.md                                     |   52 +-
 kex.c                                         |  100 +
 kex.h                                         |  600 +++++
 kexgen.c                                      | 1000 ++++++++
 kexoqs.c                                      | 2012 +++++++++++++++-
 kexoqsecdh.c                                  | 2062 ++++++++++++++++-
 match.c                                       |    2 +-
 monitor.c                                     |  100 +
 myproposal.h                                  |  102 +-
 oqs-template/README.md/list_all_kexs.fragment |    2 +-
 oqs-template/README.md/list_all_sigs.fragment |    2 +-
 oqs-template/generate.py                      |   13 +-
 oqs-template/generate.yml                     |  963 +++++++-
 oqs-test/try_connection.py                    |  167 +-
 oqs-utils.c                                   |   24 +-
 oqs-utils.h                                   |   25 +-
 packet.c                                      |    3 +-
 pathnames.h                                   |   50 +-
 readconf.c                                    |   28 +-
 regress/keygen-comment.sh                     |   10 +-
 servconf.c                                    |   40 +-
 sk-api.h                                      |   29 +-
 ssh-add.c                                     |   25 +-
 ssh-keygen.c                                  |  181 +-
 ssh-keyscan.c                                 |  286 ++-
 ssh-keysign.c                                 |   27 +-
 ssh-oqs.c                                     |  232 +-
 ssh-rsa.c                                     |    5 +-
 ssh.c                                         |   31 +-
 ssh_api.c                                     |  200 ++
 sshconnect2.c                                 |  100 +
 sshd.c                                        |  100 +
 sshkey.c                                      |  300 ++-
 sshkey.h                                      |   45 +-
 35 files changed, 8655 insertions(+), 271 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index c69f14f68f73..31a54735b6a7 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -38,11 +38,11 @@ jobs:
           name: Build OpenSSH
           command: env WITH_OPENSSL=<< parameters.WITH_OPENSSL >> ./oqs-scripts/build_openssh.sh
       - run:
-          name: Run tests
-          command: ./oqs-test/run_tests.sh
+          name: Run short tests
+          command: make tests LTESTS=""
       - run:
-          name: Ensure we have the ssh and sshd syntax right
-          command: python3 oqs-test/try_connection.py
+          name: Ensure we have the ssh and sshd syntax right once for each algorithm
+          command: python3 oqs-test/try_connection.py doone
 workflows:
   version: 2.1
   build:
diff --git a/README.md b/README.md
index 88c399830f70..ed681a257d2a 100644
--- a/README.md
+++ b/README.md
@@ -57,8 +57,16 @@ The following quantum-safe algorithms from liboqs are supported (assuming they h
 
 - `oqs-default-sha256` (see [here](https://github.com/open-quantum-safe/openssh-portable/wiki/Using-liboqs-supported-algorithms-in-the-fork) for what this denotes)
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEXS_START -->
-- **FrodoKEM**: `frodokem-640-aes-sha256`, `frodokem-976-aes-sha384`, `frodokem-1344-aes-sha512`
-- **SIKE**: `sike-p434-sha256`
+- **BIKE**: `bike1-l1-cpa-sha512`, `bike1-l1-fo-sha512`, `bike1-l3-cpa-sha512`, `bike1-l3-fo-sha512`
+- **ClassicMcEliece**: `classic-mceliece-348864-sha256`, `classic-mceliece-348864f-sha256`, `classic-mceliece-460896-sha512`, `classic-mceliece-460896f-sha512`, `classic-mceliece-6688128-sha512`, `classic-mceliece-6688128f-sha512`, `classic-mceliece-6960119-sha512`, `classic-mceliece-6960119f-sha512`, `classic-mceliece-8192128-sha512`, `classic-mceliece-8192128f-sha512`
+- **FrodoKEM**: `frodokem-640-aes-sha256`, `frodokem-976-aes-sha384`, `frodokem-1344-aes-sha512`, `frodokem-640-shake-sha256`, `frodokem-976-shake-sha384`, `frodokem-1344-shake-sha512`
+- **HQC**: `hqc-128-sha256`, `hqc-192-sha384`, `hqc-256-sha512`†
+- **Kyber**: `kyber-512-sha256`, `kyber-768-sha384`, `kyber-1024-sha512`, `kyber-512-90s-sha256`, `kyber-768-90s-sha384`, `kyber-1024-90s-sha512`
+- **NTRU**: `ntru-hps2048509-sha512`, `ntru-hps2048677-sha512`, `ntru-hrss701-sha512`, `ntru-hps4096821-sha512`
+- **NTRU-PRIME**: `ntruprime-ntrulpr653-sha256`, `ntruprime-sntrup653-sha256`, `ntruprime-ntrulpr761-sha384`, `ntruprime-sntrup761-sha384`, `ntruprime-ntrulpr857-sha384`, `ntruprime-sntrup857-sha384`
+- **SIDH**: `sidh-p434-sha256`, `sidh-p434-compressed-sha256`, `sidh-p610-sha256`, `sidh-p610-compressed-sha256`, `sidh-p751-sha256`, `sidh-p751-compressed-sha256`
+- **SIKE**: `sike-p434-sha256`, `sike-p434-compressed-sha256`, `sike-p610-sha256`, `sike-p610-compressed-sha256`, `sike-p751-sha256`, `sike-p751-compressed-sha256`
+- **Saber**: `saber-lightsaber-sha256`, `saber-saber-sha384`, `saber-firesaber-sha512`
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEXS_END -->
 
 For each `<KEX>` listed above, the following hybrid algorithms are made available as follows:
@@ -71,13 +79,18 @@ Note that algorithms marked with a dagger (†) have large stack usage and may c
 
 #### Digital Signature
 
-The following digital signature algorithms from liboqs are supported (assuming they have been enabled in liboqs). Note that only L1 signature and all **Rainbow** variants are enabled by default, and should you wish to enable additional variants, consult [the "Code Generation" section of the documentation in the wiki](https://github.com/open-quantum-safe/openssh/wiki/Using-liboqs-supported-algorithms-in-the-for://github.com/open-quantum-safe/openssh/wiki/Using-liboqs-supported-algorithms-in-the-fork#code-generation).
+The following digital signature algorithms from liboqs are supported (assuming they have been enabled in liboqs). Note that only select L3 signature variants are enabled by default, and should you wish to enable additional variants, consult [the "Code Generation" section of the documentation in the wiki](https://github.com/open-quantum-safe/openssh/wiki/Using-liboqs-supported-algorithms-in-the-fork#code-generation). Note that enabling Rainbow will introduce a substantial execution delay to all operations. If doing it inadvertently, tests will fail and all kind of headaches occur. You have been warned.
 
 - `oqsdefault` (see [here](https://github.com/open-quantum-safe/openssh-portable/wiki/Using-liboqs-supported-algorithms-in-the-fork) for what this denotes)
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_SIGS_START -->
-- **Dilithium**: `dilithium2`, `dilithium3`, `dilithium5`
+- **Dilithium**: `dilithium2`, `dilithium3`*, `dilithium5`, `dilithium2aes`*, `dilithium3aes`, `dilithium5aes`*
+- **Falcon**: `falcon512`*, `falcon1024`*
+- **Picnic**: `picnicL1FS`, `picnicL1UR`, `picnicL1full`*, `picnicL3FS`*, `picnicL3UR`, `picnicL3full`, `picnicL5FS`, `picnicL5UR`, `picnicL5full`
+- **Rainbow**: `rainbowIclassic`, `rainbowIcircumzenithal`, `rainbowIcompressed`, `rainbowIIIclassic`, `rainbowIIIcircumzenithal`, `rainbowIIIcompressed`, `rainbowVclassic`, `rainbowVcircumzenithal`, `rainbowVcompressed`
+- **SPHINCS**: `sphincsharaka128frobust`, `sphincsharaka128fsimple`*, `sphincsharaka128srobust`, `sphincsharaka128ssimple`, `sphincssha256128frobust`, `sphincssha256128srobust`, `sphincssha256128fsimple`, `sphincssha256128ssimple`, `sphincsshake256128frobust`, `sphincsshake256128srobust`, `sphincsshake256128fsimple`, `sphincsshake256128ssimple`, `sphincsharaka192frobust`*, `sphincsharaka192srobust`, `sphincsharaka192fsimple`, `sphincsharaka192ssimple`, `sphincssha256192frobust`, `sphincssha256192srobust`, `sphincssha256192fsimple`, `sphincssha256192ssimple`, `sphincsshake256192frobust`, `sphincsshake256192srobust`, `sphincsshake256192fsimple`, `sphincsshake256192ssimple`, `sphincsharaka256frobust`, `sphincsharaka256srobust`, `sphincsharaka256fsimple`, `sphincsharaka256ssimple`, `sphincssha256256frobust`, `sphincssha256256srobust`, `sphincssha256256fsimple`, `sphincssha256256ssimple`, `sphincsshake256256frobust`, `sphincsshake256256srobust`, `sphincsshake256256fsimple`, `sphincsshake256256ssimple`
 <!--- OQS_TEMPLATE_FRAGMENT_LIST_ALL_SIGS_END -->
 
+
 The following hybrid algorithms are supported; they combine a quantum-safe algorithm listed above with a traditional digital signature algorithm (`<SIG>` is any one of the algorithms listed above):
 
 - if `<SIG>` has L1 security, then the fork provides the methods `rsa3072-<SIG>` and `ecdsa-nistp256-<SIG>`, which combine `<SIG>` with RSA3072 and with ECDSA using NIST's P256 curve respectively.
@@ -86,7 +99,7 @@ The following hybrid algorithms are supported; they combine a quantum-safe algor
 
 ## Quickstart
 
-The steps below have been confirmed to work on macOS 10.14 (clang 10.0.0) and Ubuntu 18.04.1 Bionic (gcc-7).
+The steps below have been confirmed to work on Ubuntu 20.04.1 Focal
 
 ### Building OQS-OpenSSH
 
@@ -131,7 +144,6 @@ Building liboqs requires your system to have OpenSSL 1.1.1 or higher already ins
 In `<OPENSSH_ROOT>`, first run:
 
 ```
-export LIBOQS_INSTALL=<path-to-liboqs>
 export OPENSSH_INSTALL=<path-to-install-openssh>
 autoreconf
 ```
@@ -143,25 +155,17 @@ Then, run the following:
 	            --with-libs=-lm                          \
 	            --prefix=$OPENSSH_INSTALL                \
 	            --sysconfdir=$OPENSSH_INSTALL            \
-	            --with-liboqs-dir=$LIBOQS_INSTALL
-	make -j
+	            --with-liboqs-dir=`pwd`/oqs
+	make 
 	make install
 
-To test the build, run:
-
-	make tests
+Again, the `path-to-openssl` (1.1.1) does not need to be specified if it is in one of the standard locations.
 
-To run OQS-specific tests of all the post-quantum key-exchanges:
+So, in summary, if OpenSSL is installed in a default location and `oqs-openssh` is to be installed in `/opt/openssh` this command builds and installs `oqs-openssh`: `export OPENSSH_INSTALL=/opt/openssh && autoreconf && ./configure --with-libs=-lm --prefix=$OPENSSH_INSTALL --sysconfdir=$OPENSSH_INSTALL --with-liboqs-dir=`pwd`/oqs && make && make install`
 
-```
-python3 -m nose --rednose --verbose
-```
+As not all stock `openssh` tests are passing, be sure to execute `oqs-test/run_tests.sh` instead of simply executing `make tests` to ensure the build was successful.
 
-To run OQS-specific tests of all combinations of post-quantum key-exchange and authentication algorithms:
-
-```
-env WITH_PQAUTH=true python3 -m nose --rednose --verbose
-```
+To execute a connection test with one of the supported quantum-safe algorithms (chosen at random), run `python3 oqs-test/try_connection.py`. If all algorithms should be exercized, pass a parameter to this command, e.g., like this: `python3 oqs-test/try_connection.py all`. Be aware that this test can take a long time due to the number of algorithm combinations available.
 
 ### Running OQS-OpenSSH
 
@@ -197,7 +201,7 @@ In one terminal, run a server:
 	                            -o AuthorizedKeysFile=<absolute-path-to>/ssh_server/authorized_keys \
 	                            -o HostKeyAlgorithms=ssh-<SIG> \
 	                            -o PubkeyAcceptedKeyTypes=ssh-<SIG> \
-	                            -h <absolute-path-to>/ssh_server/id_<SIG>]
+	                            -h <absolute-path-to>/ssh_server/id_<SIG>
 
 `<KEX>` and `<SIG>` are respectively one of the key exchange and signature (PQ-only or hybrid) algorithms listed in the [Supported Algorithms](#supported-algorithms) section above.
 
@@ -205,16 +209,17 @@ The `-o` options can also be added to the server/client configuration file inste
 
 The server automatically supports all available hybrid and PQ-only key exchange algorithms.  `sudo` is required on Linux so that sshd can read the shadow password file.
 
-In another terminal, run a client(the arguments between `[...]` can be omitted if only classical authentication is required):
+In another terminal, run a client:
 
 	<path-to-openssh>/bin/ssh -p 2222 localhost \
 	                          -o KexAlgorithms=<KEX> \
 	                          -o HostKeyAlgorithms=ssh-<SIG>\
 	                          -o PubkeyAcceptedKeyTypes=ssh-<SIG> \
 	                          -o StrictHostKeyChecking=no \
+	                          -o PasswordAuthentication=no \
 	                          -i ~/ssh_client/id_<SIG>
 
-The `StrictHostKeyChecking` option is used to allow trusting the newly generated server key; alternatively, the key could be added manually to the client's trusted keys.
+The `StrictHostKeyChecking` option is used to allow trusting the newly generated server key; alternatively, the key could be added manually to the client's trusted keys. The `PasswordAuthentication` option is used to ensure the test server does not fall back to password authentication if public key authentication fails for some reason.
 
 ## Contributing
 
@@ -236,6 +241,7 @@ Contributors to this fork of OpenSSH include:
 - Christian Paquin (Microsoft Research)
 - Douglas Stebila (University of Waterloo)
 - Goutam Tamvada (University of Waterloo)
+- Michael Baentsch
 
 Contributors to an earlier OQS fork of OpenSSH included:
 
diff --git a/kex.c b/kex.c
index 4c281358d8e2..bec8d30c4b1b 100644
--- a/kex.c
+++ b/kex.c
@@ -120,13 +120,113 @@ static const struct kexalg kexalgs[] = {
 	{ KEX_FRODOKEM_640_AES_SHA256, KEX_KEM_FRODOKEM_640_AES_SHA256, 0, SSH_DIGEST_SHA256 },
 	{ KEX_FRODOKEM_976_AES_SHA384, KEX_KEM_FRODOKEM_976_AES_SHA384, 0, SSH_DIGEST_SHA384 },
 	{ KEX_FRODOKEM_1344_AES_SHA512, KEX_KEM_FRODOKEM_1344_AES_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_FRODOKEM_640_SHAKE_SHA256, KEX_KEM_FRODOKEM_640_SHAKE_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_FRODOKEM_976_SHAKE_SHA384, KEX_KEM_FRODOKEM_976_SHAKE_SHA384, 0, SSH_DIGEST_SHA384 },
+	{ KEX_FRODOKEM_1344_SHAKE_SHA512, KEX_KEM_FRODOKEM_1344_SHAKE_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_SIDH_P434_SHA256, KEX_KEM_SIDH_P434_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_SIDH_P434_COMPRESSED_SHA256, KEX_KEM_SIDH_P434_COMPRESSED_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_SIDH_P610_SHA256, KEX_KEM_SIDH_P610_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_SIDH_P610_COMPRESSED_SHA256, KEX_KEM_SIDH_P610_COMPRESSED_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_SIDH_P751_SHA256, KEX_KEM_SIDH_P751_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_SIDH_P751_COMPRESSED_SHA256, KEX_KEM_SIDH_P751_COMPRESSED_SHA256, 0, SSH_DIGEST_SHA256 },
 	{ KEX_SIKE_P434_SHA256, KEX_KEM_SIKE_P434_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_SIKE_P434_COMPRESSED_SHA256, KEX_KEM_SIKE_P434_COMPRESSED_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_SIKE_P610_SHA256, KEX_KEM_SIKE_P610_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_SIKE_P610_COMPRESSED_SHA256, KEX_KEM_SIKE_P610_COMPRESSED_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_SIKE_P751_SHA256, KEX_KEM_SIKE_P751_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_SIKE_P751_COMPRESSED_SHA256, KEX_KEM_SIKE_P751_COMPRESSED_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_SABER_LIGHTSABER_SHA256, KEX_KEM_SABER_LIGHTSABER_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_SABER_SABER_SHA384, KEX_KEM_SABER_SABER_SHA384, 0, SSH_DIGEST_SHA384 },
+	{ KEX_SABER_FIRESABER_SHA512, KEX_KEM_SABER_FIRESABER_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_KYBER_512_SHA256, KEX_KEM_KYBER_512_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_KYBER_768_SHA384, KEX_KEM_KYBER_768_SHA384, 0, SSH_DIGEST_SHA384 },
+	{ KEX_KYBER_1024_SHA512, KEX_KEM_KYBER_1024_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_KYBER_512_90S_SHA256, KEX_KEM_KYBER_512_90S_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_KYBER_768_90S_SHA384, KEX_KEM_KYBER_768_90S_SHA384, 0, SSH_DIGEST_SHA384 },
+	{ KEX_KYBER_1024_90S_SHA512, KEX_KEM_KYBER_1024_90S_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_BIKE1_L1_CPA_SHA512, KEX_KEM_BIKE1_L1_CPA_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_BIKE1_L1_FO_SHA512, KEX_KEM_BIKE1_L1_FO_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_BIKE1_L3_CPA_SHA512, KEX_KEM_BIKE1_L3_CPA_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_BIKE1_L3_FO_SHA512, KEX_KEM_BIKE1_L3_FO_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_NTRU_HPS2048509_SHA512, KEX_KEM_NTRU_HPS2048509_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_NTRU_HPS2048677_SHA512, KEX_KEM_NTRU_HPS2048677_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_NTRU_HRSS701_SHA512, KEX_KEM_NTRU_HRSS701_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_NTRU_HPS4096821_SHA512, KEX_KEM_NTRU_HPS4096821_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_348864_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_CLASSIC_MCELIECE_348864F_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_CLASSIC_MCELIECE_460896_SHA512, KEX_KEM_CLASSIC_MCELIECE_460896_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_460896F_SHA512, KEX_KEM_CLASSIC_MCELIECE_460896F_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_6688128_SHA512, KEX_KEM_CLASSIC_MCELIECE_6688128_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_6688128F_SHA512, KEX_KEM_CLASSIC_MCELIECE_6688128F_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_6960119_SHA512, KEX_KEM_CLASSIC_MCELIECE_6960119_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_6960119F_SHA512, KEX_KEM_CLASSIC_MCELIECE_6960119F_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_8192128_SHA512, KEX_KEM_CLASSIC_MCELIECE_8192128_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_8192128F_SHA512, KEX_KEM_CLASSIC_MCELIECE_8192128F_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_HQC_128_SHA256, KEX_KEM_HQC_128_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_HQC_192_SHA384, KEX_KEM_HQC_192_SHA384, 0, SSH_DIGEST_SHA384 },
+	{ KEX_HQC_256_SHA512, KEX_KEM_HQC_256_SHA512, 0, SSH_DIGEST_SHA512 },
+	{ KEX_NTRUPRIME_NTRULPR653_SHA256, KEX_KEM_NTRUPRIME_NTRULPR653_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_NTRUPRIME_SNTRUP653_SHA256, KEX_KEM_NTRUPRIME_SNTRUP653_SHA256, 0, SSH_DIGEST_SHA256 },
+	{ KEX_NTRUPRIME_NTRULPR761_SHA384, KEX_KEM_NTRUPRIME_NTRULPR761_SHA384, 0, SSH_DIGEST_SHA384 },
+	{ KEX_NTRUPRIME_SNTRUP761_SHA384, KEX_KEM_NTRUPRIME_SNTRUP761_SHA384, 0, SSH_DIGEST_SHA384 },
+	{ KEX_NTRUPRIME_NTRULPR857_SHA384, KEX_KEM_NTRUPRIME_NTRULPR857_SHA384, 0, SSH_DIGEST_SHA384 },
+	{ KEX_NTRUPRIME_SNTRUP857_SHA384, KEX_KEM_NTRUPRIME_SNTRUP857_SHA384, 0, SSH_DIGEST_SHA384 },
 #ifdef OPENSSL_HAS_ECC
 	{ KEX_OQS_DEFAULT_ECDH_NISTP256_SHA256, KEX_KEM_OQS_DEFAULT_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
 	{ KEX_FRODOKEM_640_AES_ECDH_NISTP256_SHA256, KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
 	{ KEX_FRODOKEM_976_AES_ECDH_NISTP384_SHA384, KEX_KEM_FRODOKEM_976_AES_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
 	{ KEX_FRODOKEM_1344_AES_ECDH_NISTP521_SHA512, KEX_KEM_FRODOKEM_1344_AES_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256, KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384, KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
+	{ KEX_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512, KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_SIDH_P434_ECDH_NISTP256_SHA256, KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256, KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_SIDH_P610_ECDH_NISTP384_SHA256, KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256, NID_secp384r1, SSH_DIGEST_SHA256 },
+	{ KEX_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256, KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256, NID_secp384r1, SSH_DIGEST_SHA256 },
+	{ KEX_SIDH_P751_ECDH_NISTP521_SHA256, KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256, NID_secp521r1, SSH_DIGEST_SHA256 },
+	{ KEX_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256, KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256, NID_secp521r1, SSH_DIGEST_SHA256 },
 	{ KEX_SIKE_P434_ECDH_NISTP256_SHA256, KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256, KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_SIKE_P610_ECDH_NISTP384_SHA256, KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256, NID_secp384r1, SSH_DIGEST_SHA256 },
+	{ KEX_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256, KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256, NID_secp384r1, SSH_DIGEST_SHA256 },
+	{ KEX_SIKE_P751_ECDH_NISTP521_SHA256, KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256, NID_secp521r1, SSH_DIGEST_SHA256 },
+	{ KEX_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256, KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256, NID_secp521r1, SSH_DIGEST_SHA256 },
+	{ KEX_SABER_LIGHTSABER_ECDH_NISTP256_SHA256, KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_SABER_SABER_ECDH_NISTP384_SHA384, KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
+	{ KEX_SABER_FIRESABER_ECDH_NISTP521_SHA512, KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_KYBER_512_ECDH_NISTP256_SHA256, KEX_KEM_KYBER_512_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_KYBER_768_ECDH_NISTP384_SHA384, KEX_KEM_KYBER_768_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
+	{ KEX_KYBER_1024_ECDH_NISTP521_SHA512, KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_KYBER_512_90S_ECDH_NISTP256_SHA256, KEX_KEM_KYBER_512_90S_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_KYBER_768_90S_ECDH_NISTP384_SHA384, KEX_KEM_KYBER_768_90S_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
+	{ KEX_KYBER_1024_90S_ECDH_NISTP521_SHA512, KEX_KEM_KYBER_1024_90S_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_BIKE1_L1_CPA_ECDH_NISTP256_SHA512, KEX_KEM_BIKE1_L1_CPA_ECDH_NISTP256_SHA512, NID_X9_62_prime256v1, SSH_DIGEST_SHA512 },
+	{ KEX_BIKE1_L1_FO_ECDH_NISTP256_SHA512, KEX_KEM_BIKE1_L1_FO_ECDH_NISTP256_SHA512, NID_X9_62_prime256v1, SSH_DIGEST_SHA512 },
+	{ KEX_BIKE1_L3_CPA_ECDH_NISTP384_SHA512, KEX_KEM_BIKE1_L3_CPA_ECDH_NISTP384_SHA512, NID_secp384r1, SSH_DIGEST_SHA512 },
+	{ KEX_BIKE1_L3_FO_ECDH_NISTP384_SHA512, KEX_KEM_BIKE1_L3_FO_ECDH_NISTP384_SHA512, NID_secp384r1, SSH_DIGEST_SHA512 },
+	{ KEX_NTRU_HPS2048509_ECDH_NISTP256_SHA512, KEX_KEM_NTRU_HPS2048509_ECDH_NISTP256_SHA512, NID_X9_62_prime256v1, SSH_DIGEST_SHA512 },
+	{ KEX_NTRU_HPS2048677_ECDH_NISTP384_SHA512, KEX_KEM_NTRU_HPS2048677_ECDH_NISTP384_SHA512, NID_secp384r1, SSH_DIGEST_SHA512 },
+	{ KEX_NTRU_HRSS701_ECDH_NISTP384_SHA512, KEX_KEM_NTRU_HRSS701_ECDH_NISTP384_SHA512, NID_secp384r1, SSH_DIGEST_SHA512 },
+	{ KEX_NTRU_HPS4096821_ECDH_NISTP521_SHA512, KEX_KEM_NTRU_HPS4096821_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256, KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512, KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512, NID_secp384r1, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_460896F_ECDH_NISTP384_SHA512, KEX_KEM_CLASSIC_MCELIECE_460896F_ECDH_NISTP384_SHA512, NID_secp384r1, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_6688128_ECDH_NISTP521_SHA512, KEX_KEM_CLASSIC_MCELIECE_6688128_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_6688128F_ECDH_NISTP521_SHA512, KEX_KEM_CLASSIC_MCELIECE_6688128F_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_6960119_ECDH_NISTP521_SHA512, KEX_KEM_CLASSIC_MCELIECE_6960119_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_6960119F_ECDH_NISTP521_SHA512, KEX_KEM_CLASSIC_MCELIECE_6960119F_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_8192128_ECDH_NISTP521_SHA512, KEX_KEM_CLASSIC_MCELIECE_8192128_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_CLASSIC_MCELIECE_8192128F_ECDH_NISTP521_SHA512, KEX_KEM_CLASSIC_MCELIECE_8192128F_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_HQC_128_ECDH_NISTP256_SHA256, KEX_KEM_HQC_128_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_HQC_192_ECDH_NISTP384_SHA384, KEX_KEM_HQC_192_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
+	{ KEX_HQC_256_ECDH_NISTP521_SHA512, KEX_KEM_HQC_256_ECDH_NISTP521_SHA512, NID_secp521r1, SSH_DIGEST_SHA512 },
+	{ KEX_NTRUPRIME_NTRULPR653_ECDH_NISTP256_SHA256, KEX_KEM_NTRUPRIME_NTRULPR653_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_NTRUPRIME_SNTRUP653_ECDH_NISTP256_SHA256, KEX_KEM_NTRUPRIME_SNTRUP653_ECDH_NISTP256_SHA256, NID_X9_62_prime256v1, SSH_DIGEST_SHA256 },
+	{ KEX_NTRUPRIME_NTRULPR761_ECDH_NISTP384_SHA384, KEX_KEM_NTRUPRIME_NTRULPR761_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
+	{ KEX_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384, KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
+	{ KEX_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384, KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
+	{ KEX_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384, KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384, NID_secp384r1, SSH_DIGEST_SHA384 },
 #endif /* OPENSSL_HAS_ECC */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_KEX_ALGS_END
 
diff --git a/kex.h b/kex.h
index c7c6c6d4ecb1..77a528b519b9 100644
--- a/kex.h
+++ b/kex.h
@@ -69,14 +69,114 @@
 #define	KEX_FRODOKEM_640_AES_SHA256	"frodokem-640-aes-sha256"
 #define	KEX_FRODOKEM_976_AES_SHA384	"frodokem-976-aes-sha384"
 #define	KEX_FRODOKEM_1344_AES_SHA512	"frodokem-1344-aes-sha512"
+#define	KEX_FRODOKEM_640_SHAKE_SHA256	"frodokem-640-shake-sha256"
+#define	KEX_FRODOKEM_976_SHAKE_SHA384	"frodokem-976-shake-sha384"
+#define	KEX_FRODOKEM_1344_SHAKE_SHA512	"frodokem-1344-shake-sha512"
+#define	KEX_SIDH_P434_SHA256	"sidh-p434-sha256"
+#define	KEX_SIDH_P434_COMPRESSED_SHA256	"sidh-p434-compressed-sha256"
+#define	KEX_SIDH_P610_SHA256	"sidh-p610-sha256"
+#define	KEX_SIDH_P610_COMPRESSED_SHA256	"sidh-p610-compressed-sha256"
+#define	KEX_SIDH_P751_SHA256	"sidh-p751-sha256"
+#define	KEX_SIDH_P751_COMPRESSED_SHA256	"sidh-p751-compressed-sha256"
 #define	KEX_SIKE_P434_SHA256	"sike-p434-sha256"
+#define	KEX_SIKE_P434_COMPRESSED_SHA256	"sike-p434-compressed-sha256"
+#define	KEX_SIKE_P610_SHA256	"sike-p610-sha256"
+#define	KEX_SIKE_P610_COMPRESSED_SHA256	"sike-p610-compressed-sha256"
+#define	KEX_SIKE_P751_SHA256	"sike-p751-sha256"
+#define	KEX_SIKE_P751_COMPRESSED_SHA256	"sike-p751-compressed-sha256"
+#define	KEX_SABER_LIGHTSABER_SHA256	"saber-lightsaber-sha256"
+#define	KEX_SABER_SABER_SHA384	"saber-saber-sha384"
+#define	KEX_SABER_FIRESABER_SHA512	"saber-firesaber-sha512"
+#define	KEX_KYBER_512_SHA256	"kyber-512-sha256"
+#define	KEX_KYBER_768_SHA384	"kyber-768-sha384"
+#define	KEX_KYBER_1024_SHA512	"kyber-1024-sha512"
+#define	KEX_KYBER_512_90S_SHA256	"kyber-512-90s-sha256"
+#define	KEX_KYBER_768_90S_SHA384	"kyber-768-90s-sha384"
+#define	KEX_KYBER_1024_90S_SHA512	"kyber-1024-90s-sha512"
+#define	KEX_BIKE1_L1_CPA_SHA512	"bike1-l1-cpa-sha512"
+#define	KEX_BIKE1_L1_FO_SHA512	"bike1-l1-fo-sha512"
+#define	KEX_BIKE1_L3_CPA_SHA512	"bike1-l3-cpa-sha512"
+#define	KEX_BIKE1_L3_FO_SHA512	"bike1-l3-fo-sha512"
+#define	KEX_NTRU_HPS2048509_SHA512	"ntru-hps2048509-sha512"
+#define	KEX_NTRU_HPS2048677_SHA512	"ntru-hps2048677-sha512"
+#define	KEX_NTRU_HRSS701_SHA512	"ntru-hrss701-sha512"
+#define	KEX_NTRU_HPS4096821_SHA512	"ntru-hps4096821-sha512"
+#define	KEX_CLASSIC_MCELIECE_348864_SHA256	"classic-mceliece-348864-sha256"
+#define	KEX_CLASSIC_MCELIECE_348864F_SHA256	"classic-mceliece-348864f-sha256"
+#define	KEX_CLASSIC_MCELIECE_460896_SHA512	"classic-mceliece-460896-sha512"
+#define	KEX_CLASSIC_MCELIECE_460896F_SHA512	"classic-mceliece-460896f-sha512"
+#define	KEX_CLASSIC_MCELIECE_6688128_SHA512	"classic-mceliece-6688128-sha512"
+#define	KEX_CLASSIC_MCELIECE_6688128F_SHA512	"classic-mceliece-6688128f-sha512"
+#define	KEX_CLASSIC_MCELIECE_6960119_SHA512	"classic-mceliece-6960119-sha512"
+#define	KEX_CLASSIC_MCELIECE_6960119F_SHA512	"classic-mceliece-6960119f-sha512"
+#define	KEX_CLASSIC_MCELIECE_8192128_SHA512	"classic-mceliece-8192128-sha512"
+#define	KEX_CLASSIC_MCELIECE_8192128F_SHA512	"classic-mceliece-8192128f-sha512"
+#define	KEX_HQC_128_SHA256	"hqc-128-sha256"
+#define	KEX_HQC_192_SHA384	"hqc-192-sha384"
+#define	KEX_HQC_256_SHA512	"hqc-256-sha512"
+#define	KEX_NTRUPRIME_NTRULPR653_SHA256	"ntruprime-ntrulpr653-sha256"
+#define	KEX_NTRUPRIME_SNTRUP653_SHA256	"ntruprime-sntrup653-sha256"
+#define	KEX_NTRUPRIME_NTRULPR761_SHA384	"ntruprime-ntrulpr761-sha384"
+#define	KEX_NTRUPRIME_SNTRUP761_SHA384	"ntruprime-sntrup761-sha384"
+#define	KEX_NTRUPRIME_NTRULPR857_SHA384	"ntruprime-ntrulpr857-sha384"
+#define	KEX_NTRUPRIME_SNTRUP857_SHA384	"ntruprime-sntrup857-sha384"
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 #define	KEX_OQS_DEFAULT_ECDH_NISTP256_SHA256	"ecdh-nistp256-oqs-default-sha256"
 #define	KEX_FRODOKEM_640_AES_ECDH_NISTP256_SHA256	"ecdh-nistp256-frodokem-640-aes-sha256"
 #define	KEX_FRODOKEM_976_AES_ECDH_NISTP384_SHA384	"ecdh-nistp384-frodokem-976-aes-sha384"
 #define	KEX_FRODOKEM_1344_AES_ECDH_NISTP521_SHA512	"ecdh-nistp521-frodokem-1344-aes-sha512"
+#define	KEX_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256	"ecdh-nistp256-frodokem-640-shake-sha256"
+#define	KEX_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384	"ecdh-nistp384-frodokem-976-shake-sha384"
+#define	KEX_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512	"ecdh-nistp521-frodokem-1344-shake-sha512"
+#define	KEX_SIDH_P434_ECDH_NISTP256_SHA256	"ecdh-nistp256-sidh-p434-sha256"
+#define	KEX_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256	"ecdh-nistp256-sidh-p434-compressed-sha256"
+#define	KEX_SIDH_P610_ECDH_NISTP384_SHA256	"ecdh-nistp384-sidh-p610-sha256"
+#define	KEX_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256	"ecdh-nistp384-sidh-p610-compressed-sha256"
+#define	KEX_SIDH_P751_ECDH_NISTP521_SHA256	"ecdh-nistp521-sidh-p751-sha256"
+#define	KEX_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256	"ecdh-nistp521-sidh-p751-compressed-sha256"
 #define	KEX_SIKE_P434_ECDH_NISTP256_SHA256	"ecdh-nistp256-sike-p434-sha256"
+#define	KEX_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256	"ecdh-nistp256-sike-p434-compressed-sha256"
+#define	KEX_SIKE_P610_ECDH_NISTP384_SHA256	"ecdh-nistp384-sike-p610-sha256"
+#define	KEX_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256	"ecdh-nistp384-sike-p610-compressed-sha256"
+#define	KEX_SIKE_P751_ECDH_NISTP521_SHA256	"ecdh-nistp521-sike-p751-sha256"
+#define	KEX_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256	"ecdh-nistp521-sike-p751-compressed-sha256"
+#define	KEX_SABER_LIGHTSABER_ECDH_NISTP256_SHA256	"ecdh-nistp256-saber-lightsaber-sha256"
+#define	KEX_SABER_SABER_ECDH_NISTP384_SHA384	"ecdh-nistp384-saber-saber-sha384"
+#define	KEX_SABER_FIRESABER_ECDH_NISTP521_SHA512	"ecdh-nistp521-saber-firesaber-sha512"
+#define	KEX_KYBER_512_ECDH_NISTP256_SHA256	"ecdh-nistp256-kyber-512-sha256"
+#define	KEX_KYBER_768_ECDH_NISTP384_SHA384	"ecdh-nistp384-kyber-768-sha384"
+#define	KEX_KYBER_1024_ECDH_NISTP521_SHA512	"ecdh-nistp521-kyber-1024-sha512"
+#define	KEX_KYBER_512_90S_ECDH_NISTP256_SHA256	"ecdh-nistp256-kyber-512-90s-sha256"
+#define	KEX_KYBER_768_90S_ECDH_NISTP384_SHA384	"ecdh-nistp384-kyber-768-90s-sha384"
+#define	KEX_KYBER_1024_90S_ECDH_NISTP521_SHA512	"ecdh-nistp521-kyber-1024-90s-sha512"
+#define	KEX_BIKE1_L1_CPA_ECDH_NISTP256_SHA512	"ecdh-nistp256-bike1-l1-cpa-sha512"
+#define	KEX_BIKE1_L1_FO_ECDH_NISTP256_SHA512	"ecdh-nistp256-bike1-l1-fo-sha512"
+#define	KEX_BIKE1_L3_CPA_ECDH_NISTP384_SHA512	"ecdh-nistp384-bike1-l3-cpa-sha512"
+#define	KEX_BIKE1_L3_FO_ECDH_NISTP384_SHA512	"ecdh-nistp384-bike1-l3-fo-sha512"
+#define	KEX_NTRU_HPS2048509_ECDH_NISTP256_SHA512	"ecdh-nistp256-ntru-hps2048509-sha512"
+#define	KEX_NTRU_HPS2048677_ECDH_NISTP384_SHA512	"ecdh-nistp384-ntru-hps2048677-sha512"
+#define	KEX_NTRU_HRSS701_ECDH_NISTP384_SHA512	"ecdh-nistp384-ntru-hrss701-sha512"
+#define	KEX_NTRU_HPS4096821_ECDH_NISTP521_SHA512	"ecdh-nistp521-ntru-hps4096821-sha512"
+#define	KEX_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256	"ecdh-nistp256-classic-mceliece-348864-sha256"
+#define	KEX_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256	"ecdh-nistp256-classic-mceliece-348864f-sha256"
+#define	KEX_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512	"ecdh-nistp384-classic-mceliece-460896-sha512"
+#define	KEX_CLASSIC_MCELIECE_460896F_ECDH_NISTP384_SHA512	"ecdh-nistp384-classic-mceliece-460896f-sha512"
+#define	KEX_CLASSIC_MCELIECE_6688128_ECDH_NISTP521_SHA512	"ecdh-nistp521-classic-mceliece-6688128-sha512"
+#define	KEX_CLASSIC_MCELIECE_6688128F_ECDH_NISTP521_SHA512	"ecdh-nistp521-classic-mceliece-6688128f-sha512"
+#define	KEX_CLASSIC_MCELIECE_6960119_ECDH_NISTP521_SHA512	"ecdh-nistp521-classic-mceliece-6960119-sha512"
+#define	KEX_CLASSIC_MCELIECE_6960119F_ECDH_NISTP521_SHA512	"ecdh-nistp521-classic-mceliece-6960119f-sha512"
+#define	KEX_CLASSIC_MCELIECE_8192128_ECDH_NISTP521_SHA512	"ecdh-nistp521-classic-mceliece-8192128-sha512"
+#define	KEX_CLASSIC_MCELIECE_8192128F_ECDH_NISTP521_SHA512	"ecdh-nistp521-classic-mceliece-8192128f-sha512"
+#define	KEX_HQC_128_ECDH_NISTP256_SHA256	"ecdh-nistp256-hqc-128-sha256"
+#define	KEX_HQC_192_ECDH_NISTP384_SHA384	"ecdh-nistp384-hqc-192-sha384"
+#define	KEX_HQC_256_ECDH_NISTP521_SHA512	"ecdh-nistp521-hqc-256-sha512"
+#define	KEX_NTRUPRIME_NTRULPR653_ECDH_NISTP256_SHA256	"ecdh-nistp256-ntruprime-ntrulpr653-sha256"
+#define	KEX_NTRUPRIME_SNTRUP653_ECDH_NISTP256_SHA256	"ecdh-nistp256-ntruprime-sntrup653-sha256"
+#define	KEX_NTRUPRIME_NTRULPR761_ECDH_NISTP384_SHA384	"ecdh-nistp384-ntruprime-ntrulpr761-sha384"
+#define	KEX_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384	"ecdh-nistp384-ntruprime-sntrup761-sha384"
+#define	KEX_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384	"ecdh-nistp384-ntruprime-ntrulpr857-sha384"
+#define	KEX_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384	"ecdh-nistp384-ntruprime-sntrup857-sha384"
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEX_PRETTY_NAMES_END
@@ -124,14 +224,114 @@ enum kex_exchange {
 	KEX_KEM_FRODOKEM_640_AES_SHA256,
 	KEX_KEM_FRODOKEM_976_AES_SHA384,
 	KEX_KEM_FRODOKEM_1344_AES_SHA512,
+	KEX_KEM_FRODOKEM_640_SHAKE_SHA256,
+	KEX_KEM_FRODOKEM_976_SHAKE_SHA384,
+	KEX_KEM_FRODOKEM_1344_SHAKE_SHA512,
+	KEX_KEM_SIDH_P434_SHA256,
+	KEX_KEM_SIDH_P434_COMPRESSED_SHA256,
+	KEX_KEM_SIDH_P610_SHA256,
+	KEX_KEM_SIDH_P610_COMPRESSED_SHA256,
+	KEX_KEM_SIDH_P751_SHA256,
+	KEX_KEM_SIDH_P751_COMPRESSED_SHA256,
 	KEX_KEM_SIKE_P434_SHA256,
+	KEX_KEM_SIKE_P434_COMPRESSED_SHA256,
+	KEX_KEM_SIKE_P610_SHA256,
+	KEX_KEM_SIKE_P610_COMPRESSED_SHA256,
+	KEX_KEM_SIKE_P751_SHA256,
+	KEX_KEM_SIKE_P751_COMPRESSED_SHA256,
+	KEX_KEM_SABER_LIGHTSABER_SHA256,
+	KEX_KEM_SABER_SABER_SHA384,
+	KEX_KEM_SABER_FIRESABER_SHA512,
+	KEX_KEM_KYBER_512_SHA256,
+	KEX_KEM_KYBER_768_SHA384,
+	KEX_KEM_KYBER_1024_SHA512,
+	KEX_KEM_KYBER_512_90S_SHA256,
+	KEX_KEM_KYBER_768_90S_SHA384,
+	KEX_KEM_KYBER_1024_90S_SHA512,
+	KEX_KEM_BIKE1_L1_CPA_SHA512,
+	KEX_KEM_BIKE1_L1_FO_SHA512,
+	KEX_KEM_BIKE1_L3_CPA_SHA512,
+	KEX_KEM_BIKE1_L3_FO_SHA512,
+	KEX_KEM_NTRU_HPS2048509_SHA512,
+	KEX_KEM_NTRU_HPS2048677_SHA512,
+	KEX_KEM_NTRU_HRSS701_SHA512,
+	KEX_KEM_NTRU_HPS4096821_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_348864_SHA256,
+	KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256,
+	KEX_KEM_CLASSIC_MCELIECE_460896_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_460896F_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_6688128_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_6688128F_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_6960119_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_6960119F_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_8192128_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_8192128F_SHA512,
+	KEX_KEM_HQC_128_SHA256,
+	KEX_KEM_HQC_192_SHA384,
+	KEX_KEM_HQC_256_SHA512,
+	KEX_KEM_NTRUPRIME_NTRULPR653_SHA256,
+	KEX_KEM_NTRUPRIME_SNTRUP653_SHA256,
+	KEX_KEM_NTRUPRIME_NTRULPR761_SHA384,
+	KEX_KEM_NTRUPRIME_SNTRUP761_SHA384,
+	KEX_KEM_NTRUPRIME_NTRULPR857_SHA384,
+	KEX_KEM_NTRUPRIME_SNTRUP857_SHA384,
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 	KEX_KEM_OQS_DEFAULT_ECDH_NISTP256_SHA256,
 	KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256,
 	KEX_KEM_FRODOKEM_976_AES_ECDH_NISTP384_SHA384,
 	KEX_KEM_FRODOKEM_1344_AES_ECDH_NISTP521_SHA512,
+	KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256,
+	KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384,
+	KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512,
+	KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256,
+	KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256,
+	KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256,
+	KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256,
+	KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256,
+	KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256,
 	KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256,
+	KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256,
+	KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256,
+	KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256,
+	KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256,
+	KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256,
+	KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256,
+	KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384,
+	KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512,
+	KEX_KEM_KYBER_512_ECDH_NISTP256_SHA256,
+	KEX_KEM_KYBER_768_ECDH_NISTP384_SHA384,
+	KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512,
+	KEX_KEM_KYBER_512_90S_ECDH_NISTP256_SHA256,
+	KEX_KEM_KYBER_768_90S_ECDH_NISTP384_SHA384,
+	KEX_KEM_KYBER_1024_90S_ECDH_NISTP521_SHA512,
+	KEX_KEM_BIKE1_L1_CPA_ECDH_NISTP256_SHA512,
+	KEX_KEM_BIKE1_L1_FO_ECDH_NISTP256_SHA512,
+	KEX_KEM_BIKE1_L3_CPA_ECDH_NISTP384_SHA512,
+	KEX_KEM_BIKE1_L3_FO_ECDH_NISTP384_SHA512,
+	KEX_KEM_NTRU_HPS2048509_ECDH_NISTP256_SHA512,
+	KEX_KEM_NTRU_HPS2048677_ECDH_NISTP384_SHA512,
+	KEX_KEM_NTRU_HRSS701_ECDH_NISTP384_SHA512,
+	KEX_KEM_NTRU_HPS4096821_ECDH_NISTP521_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256,
+	KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256,
+	KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_460896F_ECDH_NISTP384_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_6688128_ECDH_NISTP521_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_6688128F_ECDH_NISTP521_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_6960119_ECDH_NISTP521_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_6960119F_ECDH_NISTP521_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_8192128_ECDH_NISTP521_SHA512,
+	KEX_KEM_CLASSIC_MCELIECE_8192128F_ECDH_NISTP521_SHA512,
+	KEX_KEM_HQC_128_ECDH_NISTP256_SHA256,
+	KEX_KEM_HQC_192_ECDH_NISTP384_SHA384,
+	KEX_KEM_HQC_256_ECDH_NISTP521_SHA512,
+	KEX_KEM_NTRUPRIME_NTRULPR653_ECDH_NISTP256_SHA256,
+	KEX_KEM_NTRUPRIME_SNTRUP653_ECDH_NISTP256_SHA256,
+	KEX_KEM_NTRUPRIME_NTRULPR761_ECDH_NISTP384_SHA384,
+	KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384,
+	KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384,
+	KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384,
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_KEX_ENUMS_END
@@ -276,10 +476,210 @@ int	 kex_kem_frodokem_976_aes_dec(struct kex *, const struct sshbuf *, struct ss
 int	 kex_kem_frodokem_1344_aes_keypair(struct kex *);
 int	 kex_kem_frodokem_1344_aes_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
 int	 kex_kem_frodokem_1344_aes_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* frodokem_640_shake prototypes */
+int	 kex_kem_frodokem_640_shake_keypair(struct kex *);
+int	 kex_kem_frodokem_640_shake_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_frodokem_640_shake_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* frodokem_976_shake prototypes */
+int	 kex_kem_frodokem_976_shake_keypair(struct kex *);
+int	 kex_kem_frodokem_976_shake_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_frodokem_976_shake_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* frodokem_1344_shake prototypes */
+int	 kex_kem_frodokem_1344_shake_keypair(struct kex *);
+int	 kex_kem_frodokem_1344_shake_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_frodokem_1344_shake_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sidh_p434 prototypes */
+int	 kex_kem_sidh_p434_keypair(struct kex *);
+int	 kex_kem_sidh_p434_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sidh_p434_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sidh_p434_compressed prototypes */
+int	 kex_kem_sidh_p434_compressed_keypair(struct kex *);
+int	 kex_kem_sidh_p434_compressed_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sidh_p434_compressed_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sidh_p610 prototypes */
+int	 kex_kem_sidh_p610_keypair(struct kex *);
+int	 kex_kem_sidh_p610_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sidh_p610_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sidh_p610_compressed prototypes */
+int	 kex_kem_sidh_p610_compressed_keypair(struct kex *);
+int	 kex_kem_sidh_p610_compressed_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sidh_p610_compressed_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sidh_p751 prototypes */
+int	 kex_kem_sidh_p751_keypair(struct kex *);
+int	 kex_kem_sidh_p751_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sidh_p751_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sidh_p751_compressed prototypes */
+int	 kex_kem_sidh_p751_compressed_keypair(struct kex *);
+int	 kex_kem_sidh_p751_compressed_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sidh_p751_compressed_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
 /* sike_p434 prototypes */
 int	 kex_kem_sike_p434_keypair(struct kex *);
 int	 kex_kem_sike_p434_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
 int	 kex_kem_sike_p434_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sike_p434_compressed prototypes */
+int	 kex_kem_sike_p434_compressed_keypair(struct kex *);
+int	 kex_kem_sike_p434_compressed_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sike_p434_compressed_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sike_p610 prototypes */
+int	 kex_kem_sike_p610_keypair(struct kex *);
+int	 kex_kem_sike_p610_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sike_p610_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sike_p610_compressed prototypes */
+int	 kex_kem_sike_p610_compressed_keypair(struct kex *);
+int	 kex_kem_sike_p610_compressed_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sike_p610_compressed_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sike_p751 prototypes */
+int	 kex_kem_sike_p751_keypair(struct kex *);
+int	 kex_kem_sike_p751_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sike_p751_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sike_p751_compressed prototypes */
+int	 kex_kem_sike_p751_compressed_keypair(struct kex *);
+int	 kex_kem_sike_p751_compressed_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sike_p751_compressed_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* saber_lightsaber prototypes */
+int	 kex_kem_saber_lightsaber_keypair(struct kex *);
+int	 kex_kem_saber_lightsaber_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_saber_lightsaber_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* saber_saber prototypes */
+int	 kex_kem_saber_saber_keypair(struct kex *);
+int	 kex_kem_saber_saber_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_saber_saber_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* saber_firesaber prototypes */
+int	 kex_kem_saber_firesaber_keypair(struct kex *);
+int	 kex_kem_saber_firesaber_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_saber_firesaber_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* kyber_512 prototypes */
+int	 kex_kem_kyber_512_keypair(struct kex *);
+int	 kex_kem_kyber_512_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_kyber_512_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* kyber_768 prototypes */
+int	 kex_kem_kyber_768_keypair(struct kex *);
+int	 kex_kem_kyber_768_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_kyber_768_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* kyber_1024 prototypes */
+int	 kex_kem_kyber_1024_keypair(struct kex *);
+int	 kex_kem_kyber_1024_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_kyber_1024_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* kyber_512_90s prototypes */
+int	 kex_kem_kyber_512_90s_keypair(struct kex *);
+int	 kex_kem_kyber_512_90s_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_kyber_512_90s_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* kyber_768_90s prototypes */
+int	 kex_kem_kyber_768_90s_keypair(struct kex *);
+int	 kex_kem_kyber_768_90s_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_kyber_768_90s_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* kyber_1024_90s prototypes */
+int	 kex_kem_kyber_1024_90s_keypair(struct kex *);
+int	 kex_kem_kyber_1024_90s_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_kyber_1024_90s_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* bike1_l1_cpa prototypes */
+int	 kex_kem_bike1_l1_cpa_keypair(struct kex *);
+int	 kex_kem_bike1_l1_cpa_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_bike1_l1_cpa_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* bike1_l1_fo prototypes */
+int	 kex_kem_bike1_l1_fo_keypair(struct kex *);
+int	 kex_kem_bike1_l1_fo_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_bike1_l1_fo_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* bike1_l3_cpa prototypes */
+int	 kex_kem_bike1_l3_cpa_keypair(struct kex *);
+int	 kex_kem_bike1_l3_cpa_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_bike1_l3_cpa_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* bike1_l3_fo prototypes */
+int	 kex_kem_bike1_l3_fo_keypair(struct kex *);
+int	 kex_kem_bike1_l3_fo_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_bike1_l3_fo_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntru_hps2048509 prototypes */
+int	 kex_kem_ntru_hps2048509_keypair(struct kex *);
+int	 kex_kem_ntru_hps2048509_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntru_hps2048509_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntru_hps2048677 prototypes */
+int	 kex_kem_ntru_hps2048677_keypair(struct kex *);
+int	 kex_kem_ntru_hps2048677_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntru_hps2048677_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntru_hrss701 prototypes */
+int	 kex_kem_ntru_hrss701_keypair(struct kex *);
+int	 kex_kem_ntru_hrss701_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntru_hrss701_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntru_hps4096821 prototypes */
+int	 kex_kem_ntru_hps4096821_keypair(struct kex *);
+int	 kex_kem_ntru_hps4096821_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntru_hps4096821_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_348864 prototypes */
+int	 kex_kem_classic_mceliece_348864_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_348864_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_348864_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_348864f prototypes */
+int	 kex_kem_classic_mceliece_348864f_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_348864f_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_348864f_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_460896 prototypes */
+int	 kex_kem_classic_mceliece_460896_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_460896_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_460896_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_460896f prototypes */
+int	 kex_kem_classic_mceliece_460896f_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_460896f_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_460896f_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_6688128 prototypes */
+int	 kex_kem_classic_mceliece_6688128_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_6688128_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_6688128_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_6688128f prototypes */
+int	 kex_kem_classic_mceliece_6688128f_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_6688128f_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_6688128f_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_6960119 prototypes */
+int	 kex_kem_classic_mceliece_6960119_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_6960119_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_6960119_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_6960119f prototypes */
+int	 kex_kem_classic_mceliece_6960119f_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_6960119f_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_6960119f_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_8192128 prototypes */
+int	 kex_kem_classic_mceliece_8192128_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_8192128_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_8192128_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_8192128f prototypes */
+int	 kex_kem_classic_mceliece_8192128f_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_8192128f_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_8192128f_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* hqc_128 prototypes */
+int	 kex_kem_hqc_128_keypair(struct kex *);
+int	 kex_kem_hqc_128_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_hqc_128_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* hqc_192 prototypes */
+int	 kex_kem_hqc_192_keypair(struct kex *);
+int	 kex_kem_hqc_192_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_hqc_192_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* hqc_256 prototypes */
+int	 kex_kem_hqc_256_keypair(struct kex *);
+int	 kex_kem_hqc_256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_hqc_256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_ntrulpr653 prototypes */
+int	 kex_kem_ntruprime_ntrulpr653_keypair(struct kex *);
+int	 kex_kem_ntruprime_ntrulpr653_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_ntrulpr653_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_sntrup653 prototypes */
+int	 kex_kem_ntruprime_sntrup653_keypair(struct kex *);
+int	 kex_kem_ntruprime_sntrup653_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_sntrup653_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_ntrulpr761 prototypes */
+int	 kex_kem_ntruprime_ntrulpr761_keypair(struct kex *);
+int	 kex_kem_ntruprime_ntrulpr761_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_ntrulpr761_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_sntrup761 prototypes */
+int	 kex_kem_ntruprime_sntrup761_keypair(struct kex *);
+int	 kex_kem_ntruprime_sntrup761_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_sntrup761_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_ntrulpr857 prototypes */
+int	 kex_kem_ntruprime_ntrulpr857_keypair(struct kex *);
+int	 kex_kem_ntruprime_ntrulpr857_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_ntrulpr857_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_sntrup857 prototypes */
+int	 kex_kem_ntruprime_sntrup857_keypair(struct kex *);
+int	 kex_kem_ntruprime_sntrup857_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_sntrup857_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 /* oqs_default_nistp256 prototypes */
@@ -298,10 +698,210 @@ int	 kex_kem_frodokem_976_aes_ecdh_nistp384_dec(struct kex *, const struct sshbu
 int	 kex_kem_frodokem_1344_aes_ecdh_nistp521_keypair(struct kex *);
 int	 kex_kem_frodokem_1344_aes_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
 int	 kex_kem_frodokem_1344_aes_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* frodokem_640_shake_nistp256 prototypes */
+int	 kex_kem_frodokem_640_shake_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_frodokem_640_shake_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_frodokem_640_shake_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* frodokem_976_shake_nistp384 prototypes */
+int	 kex_kem_frodokem_976_shake_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_frodokem_976_shake_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_frodokem_976_shake_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* frodokem_1344_shake_nistp521 prototypes */
+int	 kex_kem_frodokem_1344_shake_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_frodokem_1344_shake_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_frodokem_1344_shake_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sidh_p434_nistp256 prototypes */
+int	 kex_kem_sidh_p434_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_sidh_p434_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sidh_p434_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sidh_p434_compressed_nistp256 prototypes */
+int	 kex_kem_sidh_p434_compressed_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_sidh_p434_compressed_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sidh_p434_compressed_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sidh_p610_nistp384 prototypes */
+int	 kex_kem_sidh_p610_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_sidh_p610_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sidh_p610_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sidh_p610_compressed_nistp384 prototypes */
+int	 kex_kem_sidh_p610_compressed_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_sidh_p610_compressed_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sidh_p610_compressed_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sidh_p751_nistp521 prototypes */
+int	 kex_kem_sidh_p751_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_sidh_p751_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sidh_p751_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sidh_p751_compressed_nistp521 prototypes */
+int	 kex_kem_sidh_p751_compressed_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_sidh_p751_compressed_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sidh_p751_compressed_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
 /* sike_p434_nistp256 prototypes */
 int	 kex_kem_sike_p434_ecdh_nistp256_keypair(struct kex *);
 int	 kex_kem_sike_p434_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
 int	 kex_kem_sike_p434_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sike_p434_compressed_nistp256 prototypes */
+int	 kex_kem_sike_p434_compressed_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_sike_p434_compressed_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sike_p434_compressed_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sike_p610_nistp384 prototypes */
+int	 kex_kem_sike_p610_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_sike_p610_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sike_p610_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sike_p610_compressed_nistp384 prototypes */
+int	 kex_kem_sike_p610_compressed_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_sike_p610_compressed_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sike_p610_compressed_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sike_p751_nistp521 prototypes */
+int	 kex_kem_sike_p751_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_sike_p751_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sike_p751_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* sike_p751_compressed_nistp521 prototypes */
+int	 kex_kem_sike_p751_compressed_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_sike_p751_compressed_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_sike_p751_compressed_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* saber_lightsaber_nistp256 prototypes */
+int	 kex_kem_saber_lightsaber_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_saber_lightsaber_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_saber_lightsaber_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* saber_saber_nistp384 prototypes */
+int	 kex_kem_saber_saber_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_saber_saber_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_saber_saber_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* saber_firesaber_nistp521 prototypes */
+int	 kex_kem_saber_firesaber_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_saber_firesaber_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_saber_firesaber_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* kyber_512_nistp256 prototypes */
+int	 kex_kem_kyber_512_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_kyber_512_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_kyber_512_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* kyber_768_nistp384 prototypes */
+int	 kex_kem_kyber_768_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_kyber_768_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_kyber_768_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* kyber_1024_nistp521 prototypes */
+int	 kex_kem_kyber_1024_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_kyber_1024_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_kyber_1024_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* kyber_512_90s_nistp256 prototypes */
+int	 kex_kem_kyber_512_90s_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_kyber_512_90s_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_kyber_512_90s_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* kyber_768_90s_nistp384 prototypes */
+int	 kex_kem_kyber_768_90s_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_kyber_768_90s_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_kyber_768_90s_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* kyber_1024_90s_nistp521 prototypes */
+int	 kex_kem_kyber_1024_90s_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_kyber_1024_90s_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_kyber_1024_90s_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* bike1_l1_cpa_nistp256 prototypes */
+int	 kex_kem_bike1_l1_cpa_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_bike1_l1_cpa_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_bike1_l1_cpa_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* bike1_l1_fo_nistp256 prototypes */
+int	 kex_kem_bike1_l1_fo_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_bike1_l1_fo_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_bike1_l1_fo_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* bike1_l3_cpa_nistp384 prototypes */
+int	 kex_kem_bike1_l3_cpa_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_bike1_l3_cpa_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_bike1_l3_cpa_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* bike1_l3_fo_nistp384 prototypes */
+int	 kex_kem_bike1_l3_fo_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_bike1_l3_fo_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_bike1_l3_fo_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntru_hps2048509_nistp256 prototypes */
+int	 kex_kem_ntru_hps2048509_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_ntru_hps2048509_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntru_hps2048509_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntru_hps2048677_nistp384 prototypes */
+int	 kex_kem_ntru_hps2048677_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_ntru_hps2048677_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntru_hps2048677_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntru_hrss701_nistp384 prototypes */
+int	 kex_kem_ntru_hrss701_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_ntru_hrss701_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntru_hrss701_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntru_hps4096821_nistp521 prototypes */
+int	 kex_kem_ntru_hps4096821_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_ntru_hps4096821_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntru_hps4096821_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_348864_nistp256 prototypes */
+int	 kex_kem_classic_mceliece_348864_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_348864_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_348864_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_348864f_nistp256 prototypes */
+int	 kex_kem_classic_mceliece_348864f_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_348864f_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_348864f_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_460896_nistp384 prototypes */
+int	 kex_kem_classic_mceliece_460896_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_460896_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_460896_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_460896f_nistp384 prototypes */
+int	 kex_kem_classic_mceliece_460896f_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_460896f_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_460896f_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_6688128_nistp521 prototypes */
+int	 kex_kem_classic_mceliece_6688128_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_6688128_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_6688128_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_6688128f_nistp521 prototypes */
+int	 kex_kem_classic_mceliece_6688128f_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_6688128f_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_6688128f_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_6960119_nistp521 prototypes */
+int	 kex_kem_classic_mceliece_6960119_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_6960119_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_6960119_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_6960119f_nistp521 prototypes */
+int	 kex_kem_classic_mceliece_6960119f_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_6960119f_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_6960119f_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_8192128_nistp521 prototypes */
+int	 kex_kem_classic_mceliece_8192128_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_8192128_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_8192128_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* classic_mceliece_8192128f_nistp521 prototypes */
+int	 kex_kem_classic_mceliece_8192128f_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_classic_mceliece_8192128f_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_classic_mceliece_8192128f_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* hqc_128_nistp256 prototypes */
+int	 kex_kem_hqc_128_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_hqc_128_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_hqc_128_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* hqc_192_nistp384 prototypes */
+int	 kex_kem_hqc_192_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_hqc_192_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_hqc_192_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* hqc_256_nistp521 prototypes */
+int	 kex_kem_hqc_256_ecdh_nistp521_keypair(struct kex *);
+int	 kex_kem_hqc_256_ecdh_nistp521_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_hqc_256_ecdh_nistp521_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_ntrulpr653_nistp256 prototypes */
+int	 kex_kem_ntruprime_ntrulpr653_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_ntruprime_ntrulpr653_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_ntrulpr653_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_sntrup653_nistp256 prototypes */
+int	 kex_kem_ntruprime_sntrup653_ecdh_nistp256_keypair(struct kex *);
+int	 kex_kem_ntruprime_sntrup653_ecdh_nistp256_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_sntrup653_ecdh_nistp256_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_ntrulpr761_nistp384 prototypes */
+int	 kex_kem_ntruprime_ntrulpr761_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_ntruprime_ntrulpr761_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_ntrulpr761_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_sntrup761_nistp384 prototypes */
+int	 kex_kem_ntruprime_sntrup761_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_ntruprime_sntrup761_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_sntrup761_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_ntrulpr857_nistp384 prototypes */
+int	 kex_kem_ntruprime_ntrulpr857_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_ntruprime_ntrulpr857_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_ntrulpr857_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
+/* ntruprime_sntrup857_nistp384 prototypes */
+int	 kex_kem_ntruprime_sntrup857_ecdh_nistp384_keypair(struct kex *);
+int	 kex_kem_ntruprime_sntrup857_ecdh_nistp384_enc(struct kex *, const struct sshbuf *, struct sshbuf **, struct sshbuf **);
+int	 kex_kem_ntruprime_sntrup857_ecdh_nistp384_dec(struct kex *, const struct sshbuf *, struct sshbuf **);
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_DECLARE_KEX_PROTOTYPES_END
diff --git a/kexgen.c b/kexgen.c
index d45f288f13c8..00d229997919 100644
--- a/kexgen.c
+++ b/kexgen.c
@@ -134,9 +134,159 @@ kex_gen_client(struct ssh *ssh)
 	case KEX_KEM_FRODOKEM_1344_AES_SHA512:
 		r = kex_kem_frodokem_1344_aes_keypair(kex);
 		break;
+	case KEX_KEM_FRODOKEM_640_SHAKE_SHA256:
+		r = kex_kem_frodokem_640_shake_keypair(kex);
+		break;
+	case KEX_KEM_FRODOKEM_976_SHAKE_SHA384:
+		r = kex_kem_frodokem_976_shake_keypair(kex);
+		break;
+	case KEX_KEM_FRODOKEM_1344_SHAKE_SHA512:
+		r = kex_kem_frodokem_1344_shake_keypair(kex);
+		break;
+	case KEX_KEM_SIDH_P434_SHA256:
+		r = kex_kem_sidh_p434_keypair(kex);
+		break;
+	case KEX_KEM_SIDH_P434_COMPRESSED_SHA256:
+		r = kex_kem_sidh_p434_compressed_keypair(kex);
+		break;
+	case KEX_KEM_SIDH_P610_SHA256:
+		r = kex_kem_sidh_p610_keypair(kex);
+		break;
+	case KEX_KEM_SIDH_P610_COMPRESSED_SHA256:
+		r = kex_kem_sidh_p610_compressed_keypair(kex);
+		break;
+	case KEX_KEM_SIDH_P751_SHA256:
+		r = kex_kem_sidh_p751_keypair(kex);
+		break;
+	case KEX_KEM_SIDH_P751_COMPRESSED_SHA256:
+		r = kex_kem_sidh_p751_compressed_keypair(kex);
+		break;
 	case KEX_KEM_SIKE_P434_SHA256:
 		r = kex_kem_sike_p434_keypair(kex);
 		break;
+	case KEX_KEM_SIKE_P434_COMPRESSED_SHA256:
+		r = kex_kem_sike_p434_compressed_keypair(kex);
+		break;
+	case KEX_KEM_SIKE_P610_SHA256:
+		r = kex_kem_sike_p610_keypair(kex);
+		break;
+	case KEX_KEM_SIKE_P610_COMPRESSED_SHA256:
+		r = kex_kem_sike_p610_compressed_keypair(kex);
+		break;
+	case KEX_KEM_SIKE_P751_SHA256:
+		r = kex_kem_sike_p751_keypair(kex);
+		break;
+	case KEX_KEM_SIKE_P751_COMPRESSED_SHA256:
+		r = kex_kem_sike_p751_compressed_keypair(kex);
+		break;
+	case KEX_KEM_SABER_LIGHTSABER_SHA256:
+		r = kex_kem_saber_lightsaber_keypair(kex);
+		break;
+	case KEX_KEM_SABER_SABER_SHA384:
+		r = kex_kem_saber_saber_keypair(kex);
+		break;
+	case KEX_KEM_SABER_FIRESABER_SHA512:
+		r = kex_kem_saber_firesaber_keypair(kex);
+		break;
+	case KEX_KEM_KYBER_512_SHA256:
+		r = kex_kem_kyber_512_keypair(kex);
+		break;
+	case KEX_KEM_KYBER_768_SHA384:
+		r = kex_kem_kyber_768_keypair(kex);
+		break;
+	case KEX_KEM_KYBER_1024_SHA512:
+		r = kex_kem_kyber_1024_keypair(kex);
+		break;
+	case KEX_KEM_KYBER_512_90S_SHA256:
+		r = kex_kem_kyber_512_90s_keypair(kex);
+		break;
+	case KEX_KEM_KYBER_768_90S_SHA384:
+		r = kex_kem_kyber_768_90s_keypair(kex);
+		break;
+	case KEX_KEM_KYBER_1024_90S_SHA512:
+		r = kex_kem_kyber_1024_90s_keypair(kex);
+		break;
+	case KEX_KEM_BIKE1_L1_CPA_SHA512:
+		r = kex_kem_bike1_l1_cpa_keypair(kex);
+		break;
+	case KEX_KEM_BIKE1_L1_FO_SHA512:
+		r = kex_kem_bike1_l1_fo_keypair(kex);
+		break;
+	case KEX_KEM_BIKE1_L3_CPA_SHA512:
+		r = kex_kem_bike1_l3_cpa_keypair(kex);
+		break;
+	case KEX_KEM_BIKE1_L3_FO_SHA512:
+		r = kex_kem_bike1_l3_fo_keypair(kex);
+		break;
+	case KEX_KEM_NTRU_HPS2048509_SHA512:
+		r = kex_kem_ntru_hps2048509_keypair(kex);
+		break;
+	case KEX_KEM_NTRU_HPS2048677_SHA512:
+		r = kex_kem_ntru_hps2048677_keypair(kex);
+		break;
+	case KEX_KEM_NTRU_HRSS701_SHA512:
+		r = kex_kem_ntru_hrss701_keypair(kex);
+		break;
+	case KEX_KEM_NTRU_HPS4096821_SHA512:
+		r = kex_kem_ntru_hps4096821_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_348864_SHA256:
+		r = kex_kem_classic_mceliece_348864_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256:
+		r = kex_kem_classic_mceliece_348864f_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_460896_SHA512:
+		r = kex_kem_classic_mceliece_460896_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_460896F_SHA512:
+		r = kex_kem_classic_mceliece_460896f_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6688128_SHA512:
+		r = kex_kem_classic_mceliece_6688128_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6688128F_SHA512:
+		r = kex_kem_classic_mceliece_6688128f_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6960119_SHA512:
+		r = kex_kem_classic_mceliece_6960119_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6960119F_SHA512:
+		r = kex_kem_classic_mceliece_6960119f_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_8192128_SHA512:
+		r = kex_kem_classic_mceliece_8192128_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_8192128F_SHA512:
+		r = kex_kem_classic_mceliece_8192128f_keypair(kex);
+		break;
+	case KEX_KEM_HQC_128_SHA256:
+		r = kex_kem_hqc_128_keypair(kex);
+		break;
+	case KEX_KEM_HQC_192_SHA384:
+		r = kex_kem_hqc_192_keypair(kex);
+		break;
+	case KEX_KEM_HQC_256_SHA512:
+		r = kex_kem_hqc_256_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR653_SHA256:
+		r = kex_kem_ntruprime_ntrulpr653_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP653_SHA256:
+		r = kex_kem_ntruprime_sntrup653_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR761_SHA384:
+		r = kex_kem_ntruprime_ntrulpr761_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP761_SHA384:
+		r = kex_kem_ntruprime_sntrup761_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR857_SHA384:
+		r = kex_kem_ntruprime_ntrulpr857_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP857_SHA384:
+		r = kex_kem_ntruprime_sntrup857_keypair(kex);
+		break;
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 	case KEX_KEM_OQS_DEFAULT_ECDH_NISTP256_SHA256:
@@ -151,9 +301,159 @@ kex_gen_client(struct ssh *ssh)
 	case KEX_KEM_FRODOKEM_1344_AES_ECDH_NISTP521_SHA512:
 		r = kex_kem_frodokem_1344_aes_ecdh_nistp521_keypair(kex);
 		break;
+	case KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256:
+		r = kex_kem_frodokem_640_shake_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384:
+		r = kex_kem_frodokem_976_shake_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512:
+		r = kex_kem_frodokem_1344_shake_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256:
+		r = kex_kem_sidh_p434_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256:
+		r = kex_kem_sidh_p434_compressed_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256:
+		r = kex_kem_sidh_p610_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256:
+		r = kex_kem_sidh_p610_compressed_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256:
+		r = kex_kem_sidh_p751_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256:
+		r = kex_kem_sidh_p751_compressed_ecdh_nistp521_keypair(kex);
+		break;
 	case KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256:
 		r = kex_kem_sike_p434_ecdh_nistp256_keypair(kex);
 		break;
+	case KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256:
+		r = kex_kem_sike_p434_compressed_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256:
+		r = kex_kem_sike_p610_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256:
+		r = kex_kem_sike_p610_compressed_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256:
+		r = kex_kem_sike_p751_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256:
+		r = kex_kem_sike_p751_compressed_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256:
+		r = kex_kem_saber_lightsaber_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384:
+		r = kex_kem_saber_saber_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512:
+		r = kex_kem_saber_firesaber_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_KYBER_512_ECDH_NISTP256_SHA256:
+		r = kex_kem_kyber_512_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_KYBER_768_ECDH_NISTP384_SHA384:
+		r = kex_kem_kyber_768_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512:
+		r = kex_kem_kyber_1024_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_KYBER_512_90S_ECDH_NISTP256_SHA256:
+		r = kex_kem_kyber_512_90s_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_KYBER_768_90S_ECDH_NISTP384_SHA384:
+		r = kex_kem_kyber_768_90s_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_KYBER_1024_90S_ECDH_NISTP521_SHA512:
+		r = kex_kem_kyber_1024_90s_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_BIKE1_L1_CPA_ECDH_NISTP256_SHA512:
+		r = kex_kem_bike1_l1_cpa_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_BIKE1_L1_FO_ECDH_NISTP256_SHA512:
+		r = kex_kem_bike1_l1_fo_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_BIKE1_L3_CPA_ECDH_NISTP384_SHA512:
+		r = kex_kem_bike1_l3_cpa_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_BIKE1_L3_FO_ECDH_NISTP384_SHA512:
+		r = kex_kem_bike1_l3_fo_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_NTRU_HPS2048509_ECDH_NISTP256_SHA512:
+		r = kex_kem_ntru_hps2048509_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_NTRU_HPS2048677_ECDH_NISTP384_SHA512:
+		r = kex_kem_ntru_hps2048677_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_NTRU_HRSS701_ECDH_NISTP384_SHA512:
+		r = kex_kem_ntru_hrss701_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_NTRU_HPS4096821_ECDH_NISTP521_SHA512:
+		r = kex_kem_ntru_hps4096821_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256:
+		r = kex_kem_classic_mceliece_348864_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256:
+		r = kex_kem_classic_mceliece_348864f_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512:
+		r = kex_kem_classic_mceliece_460896_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_460896F_ECDH_NISTP384_SHA512:
+		r = kex_kem_classic_mceliece_460896f_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6688128_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_6688128_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6688128F_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_6688128f_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6960119_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_6960119_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6960119F_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_6960119f_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_8192128_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_8192128_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_8192128F_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_8192128f_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_HQC_128_ECDH_NISTP256_SHA256:
+		r = kex_kem_hqc_128_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_HQC_192_ECDH_NISTP384_SHA384:
+		r = kex_kem_hqc_192_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_HQC_256_ECDH_NISTP521_SHA512:
+		r = kex_kem_hqc_256_ecdh_nistp521_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR653_ECDH_NISTP256_SHA256:
+		r = kex_kem_ntruprime_ntrulpr653_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP653_ECDH_NISTP256_SHA256:
+		r = kex_kem_ntruprime_sntrup653_ecdh_nistp256_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR761_ECDH_NISTP384_SHA384:
+		r = kex_kem_ntruprime_ntrulpr761_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384:
+		r = kex_kem_ntruprime_sntrup761_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384:
+		r = kex_kem_ntruprime_ntrulpr857_ecdh_nistp384_keypair(kex);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384:
+		r = kex_kem_ntruprime_sntrup857_ecdh_nistp384_keypair(kex);
+		break;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_CLIENT_SWITCH_CASES_END
@@ -239,9 +539,159 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh)
 	case KEX_KEM_FRODOKEM_1344_AES_SHA512:
 		r = kex_kem_frodokem_1344_aes_dec(kex, server_blob, &shared_secret);
 		break;
+	case KEX_KEM_FRODOKEM_640_SHAKE_SHA256:
+		r = kex_kem_frodokem_640_shake_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_FRODOKEM_976_SHAKE_SHA384:
+		r = kex_kem_frodokem_976_shake_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_FRODOKEM_1344_SHAKE_SHA512:
+		r = kex_kem_frodokem_1344_shake_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P434_SHA256:
+		r = kex_kem_sidh_p434_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P434_COMPRESSED_SHA256:
+		r = kex_kem_sidh_p434_compressed_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P610_SHA256:
+		r = kex_kem_sidh_p610_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P610_COMPRESSED_SHA256:
+		r = kex_kem_sidh_p610_compressed_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P751_SHA256:
+		r = kex_kem_sidh_p751_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P751_COMPRESSED_SHA256:
+		r = kex_kem_sidh_p751_compressed_dec(kex, server_blob, &shared_secret);
+		break;
 	case KEX_KEM_SIKE_P434_SHA256:
 		r = kex_kem_sike_p434_dec(kex, server_blob, &shared_secret);
 		break;
+	case KEX_KEM_SIKE_P434_COMPRESSED_SHA256:
+		r = kex_kem_sike_p434_compressed_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P610_SHA256:
+		r = kex_kem_sike_p610_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P610_COMPRESSED_SHA256:
+		r = kex_kem_sike_p610_compressed_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P751_SHA256:
+		r = kex_kem_sike_p751_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P751_COMPRESSED_SHA256:
+		r = kex_kem_sike_p751_compressed_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SABER_LIGHTSABER_SHA256:
+		r = kex_kem_saber_lightsaber_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SABER_SABER_SHA384:
+		r = kex_kem_saber_saber_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SABER_FIRESABER_SHA512:
+		r = kex_kem_saber_firesaber_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_512_SHA256:
+		r = kex_kem_kyber_512_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_768_SHA384:
+		r = kex_kem_kyber_768_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_1024_SHA512:
+		r = kex_kem_kyber_1024_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_512_90S_SHA256:
+		r = kex_kem_kyber_512_90s_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_768_90S_SHA384:
+		r = kex_kem_kyber_768_90s_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_1024_90S_SHA512:
+		r = kex_kem_kyber_1024_90s_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L1_CPA_SHA512:
+		r = kex_kem_bike1_l1_cpa_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L1_FO_SHA512:
+		r = kex_kem_bike1_l1_fo_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L3_CPA_SHA512:
+		r = kex_kem_bike1_l3_cpa_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L3_FO_SHA512:
+		r = kex_kem_bike1_l3_fo_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HPS2048509_SHA512:
+		r = kex_kem_ntru_hps2048509_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HPS2048677_SHA512:
+		r = kex_kem_ntru_hps2048677_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HRSS701_SHA512:
+		r = kex_kem_ntru_hrss701_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HPS4096821_SHA512:
+		r = kex_kem_ntru_hps4096821_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_348864_SHA256:
+		r = kex_kem_classic_mceliece_348864_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256:
+		r = kex_kem_classic_mceliece_348864f_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_460896_SHA512:
+		r = kex_kem_classic_mceliece_460896_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_460896F_SHA512:
+		r = kex_kem_classic_mceliece_460896f_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6688128_SHA512:
+		r = kex_kem_classic_mceliece_6688128_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6688128F_SHA512:
+		r = kex_kem_classic_mceliece_6688128f_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6960119_SHA512:
+		r = kex_kem_classic_mceliece_6960119_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6960119F_SHA512:
+		r = kex_kem_classic_mceliece_6960119f_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_8192128_SHA512:
+		r = kex_kem_classic_mceliece_8192128_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_8192128F_SHA512:
+		r = kex_kem_classic_mceliece_8192128f_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_HQC_128_SHA256:
+		r = kex_kem_hqc_128_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_HQC_192_SHA384:
+		r = kex_kem_hqc_192_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_HQC_256_SHA512:
+		r = kex_kem_hqc_256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR653_SHA256:
+		r = kex_kem_ntruprime_ntrulpr653_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP653_SHA256:
+		r = kex_kem_ntruprime_sntrup653_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR761_SHA384:
+		r = kex_kem_ntruprime_ntrulpr761_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP761_SHA384:
+		r = kex_kem_ntruprime_sntrup761_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR857_SHA384:
+		r = kex_kem_ntruprime_ntrulpr857_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP857_SHA384:
+		r = kex_kem_ntruprime_sntrup857_dec(kex, server_blob, &shared_secret);
+		break;
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 	case KEX_KEM_OQS_DEFAULT_ECDH_NISTP256_SHA256:
@@ -256,9 +706,159 @@ input_kex_gen_reply(int type, u_int32_t seq, struct ssh *ssh)
 	case KEX_KEM_FRODOKEM_1344_AES_ECDH_NISTP521_SHA512:
 		r = kex_kem_frodokem_1344_aes_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
 		break;
+	case KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256:
+		r = kex_kem_frodokem_640_shake_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384:
+		r = kex_kem_frodokem_976_shake_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512:
+		r = kex_kem_frodokem_1344_shake_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256:
+		r = kex_kem_sidh_p434_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256:
+		r = kex_kem_sidh_p434_compressed_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256:
+		r = kex_kem_sidh_p610_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256:
+		r = kex_kem_sidh_p610_compressed_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256:
+		r = kex_kem_sidh_p751_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256:
+		r = kex_kem_sidh_p751_compressed_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
 	case KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256:
 		r = kex_kem_sike_p434_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
 		break;
+	case KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256:
+		r = kex_kem_sike_p434_compressed_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256:
+		r = kex_kem_sike_p610_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256:
+		r = kex_kem_sike_p610_compressed_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256:
+		r = kex_kem_sike_p751_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256:
+		r = kex_kem_sike_p751_compressed_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256:
+		r = kex_kem_saber_lightsaber_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384:
+		r = kex_kem_saber_saber_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512:
+		r = kex_kem_saber_firesaber_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_512_ECDH_NISTP256_SHA256:
+		r = kex_kem_kyber_512_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_768_ECDH_NISTP384_SHA384:
+		r = kex_kem_kyber_768_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512:
+		r = kex_kem_kyber_1024_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_512_90S_ECDH_NISTP256_SHA256:
+		r = kex_kem_kyber_512_90s_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_768_90S_ECDH_NISTP384_SHA384:
+		r = kex_kem_kyber_768_90s_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_1024_90S_ECDH_NISTP521_SHA512:
+		r = kex_kem_kyber_1024_90s_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L1_CPA_ECDH_NISTP256_SHA512:
+		r = kex_kem_bike1_l1_cpa_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L1_FO_ECDH_NISTP256_SHA512:
+		r = kex_kem_bike1_l1_fo_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L3_CPA_ECDH_NISTP384_SHA512:
+		r = kex_kem_bike1_l3_cpa_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L3_FO_ECDH_NISTP384_SHA512:
+		r = kex_kem_bike1_l3_fo_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HPS2048509_ECDH_NISTP256_SHA512:
+		r = kex_kem_ntru_hps2048509_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HPS2048677_ECDH_NISTP384_SHA512:
+		r = kex_kem_ntru_hps2048677_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HRSS701_ECDH_NISTP384_SHA512:
+		r = kex_kem_ntru_hrss701_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HPS4096821_ECDH_NISTP521_SHA512:
+		r = kex_kem_ntru_hps4096821_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256:
+		r = kex_kem_classic_mceliece_348864_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256:
+		r = kex_kem_classic_mceliece_348864f_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512:
+		r = kex_kem_classic_mceliece_460896_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_460896F_ECDH_NISTP384_SHA512:
+		r = kex_kem_classic_mceliece_460896f_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6688128_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_6688128_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6688128F_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_6688128f_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6960119_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_6960119_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6960119F_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_6960119f_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_8192128_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_8192128_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_8192128F_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_8192128f_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_HQC_128_ECDH_NISTP256_SHA256:
+		r = kex_kem_hqc_128_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_HQC_192_ECDH_NISTP384_SHA384:
+		r = kex_kem_hqc_192_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_HQC_256_ECDH_NISTP521_SHA512:
+		r = kex_kem_hqc_256_ecdh_nistp521_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR653_ECDH_NISTP256_SHA256:
+		r = kex_kem_ntruprime_ntrulpr653_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP653_ECDH_NISTP256_SHA256:
+		r = kex_kem_ntruprime_sntrup653_ecdh_nistp256_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR761_ECDH_NISTP384_SHA384:
+		r = kex_kem_ntruprime_ntrulpr761_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384:
+		r = kex_kem_ntruprime_sntrup761_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384:
+		r = kex_kem_ntruprime_ntrulpr857_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384:
+		r = kex_kem_ntruprime_sntrup857_ecdh_nistp384_dec(kex, server_blob, &shared_secret);
+		break;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_REPLY_SWITCH_CASES_END
@@ -381,10 +981,210 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh)
 		r = kex_kem_frodokem_1344_aes_enc(kex, client_pubkey,
 		    &server_pubkey, &shared_secret);
 		break;
+	case KEX_KEM_FRODOKEM_640_SHAKE_SHA256:
+		r = kex_kem_frodokem_640_shake_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_FRODOKEM_976_SHAKE_SHA384:
+		r = kex_kem_frodokem_976_shake_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_FRODOKEM_1344_SHAKE_SHA512:
+		r = kex_kem_frodokem_1344_shake_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P434_SHA256:
+		r = kex_kem_sidh_p434_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P434_COMPRESSED_SHA256:
+		r = kex_kem_sidh_p434_compressed_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P610_SHA256:
+		r = kex_kem_sidh_p610_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P610_COMPRESSED_SHA256:
+		r = kex_kem_sidh_p610_compressed_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P751_SHA256:
+		r = kex_kem_sidh_p751_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P751_COMPRESSED_SHA256:
+		r = kex_kem_sidh_p751_compressed_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
 	case KEX_KEM_SIKE_P434_SHA256:
 		r = kex_kem_sike_p434_enc(kex, client_pubkey,
 		    &server_pubkey, &shared_secret);
 		break;
+	case KEX_KEM_SIKE_P434_COMPRESSED_SHA256:
+		r = kex_kem_sike_p434_compressed_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P610_SHA256:
+		r = kex_kem_sike_p610_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P610_COMPRESSED_SHA256:
+		r = kex_kem_sike_p610_compressed_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P751_SHA256:
+		r = kex_kem_sike_p751_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P751_COMPRESSED_SHA256:
+		r = kex_kem_sike_p751_compressed_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SABER_LIGHTSABER_SHA256:
+		r = kex_kem_saber_lightsaber_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SABER_SABER_SHA384:
+		r = kex_kem_saber_saber_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SABER_FIRESABER_SHA512:
+		r = kex_kem_saber_firesaber_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_512_SHA256:
+		r = kex_kem_kyber_512_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_768_SHA384:
+		r = kex_kem_kyber_768_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_1024_SHA512:
+		r = kex_kem_kyber_1024_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_512_90S_SHA256:
+		r = kex_kem_kyber_512_90s_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_768_90S_SHA384:
+		r = kex_kem_kyber_768_90s_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_1024_90S_SHA512:
+		r = kex_kem_kyber_1024_90s_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L1_CPA_SHA512:
+		r = kex_kem_bike1_l1_cpa_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L1_FO_SHA512:
+		r = kex_kem_bike1_l1_fo_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L3_CPA_SHA512:
+		r = kex_kem_bike1_l3_cpa_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L3_FO_SHA512:
+		r = kex_kem_bike1_l3_fo_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HPS2048509_SHA512:
+		r = kex_kem_ntru_hps2048509_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HPS2048677_SHA512:
+		r = kex_kem_ntru_hps2048677_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HRSS701_SHA512:
+		r = kex_kem_ntru_hrss701_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HPS4096821_SHA512:
+		r = kex_kem_ntru_hps4096821_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_348864_SHA256:
+		r = kex_kem_classic_mceliece_348864_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256:
+		r = kex_kem_classic_mceliece_348864f_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_460896_SHA512:
+		r = kex_kem_classic_mceliece_460896_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_460896F_SHA512:
+		r = kex_kem_classic_mceliece_460896f_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6688128_SHA512:
+		r = kex_kem_classic_mceliece_6688128_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6688128F_SHA512:
+		r = kex_kem_classic_mceliece_6688128f_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6960119_SHA512:
+		r = kex_kem_classic_mceliece_6960119_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6960119F_SHA512:
+		r = kex_kem_classic_mceliece_6960119f_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_8192128_SHA512:
+		r = kex_kem_classic_mceliece_8192128_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_8192128F_SHA512:
+		r = kex_kem_classic_mceliece_8192128f_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_HQC_128_SHA256:
+		r = kex_kem_hqc_128_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_HQC_192_SHA384:
+		r = kex_kem_hqc_192_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_HQC_256_SHA512:
+		r = kex_kem_hqc_256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR653_SHA256:
+		r = kex_kem_ntruprime_ntrulpr653_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP653_SHA256:
+		r = kex_kem_ntruprime_sntrup653_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR761_SHA384:
+		r = kex_kem_ntruprime_ntrulpr761_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP761_SHA384:
+		r = kex_kem_ntruprime_sntrup761_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR857_SHA384:
+		r = kex_kem_ntruprime_ntrulpr857_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP857_SHA384:
+		r = kex_kem_ntruprime_sntrup857_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 	case KEX_KEM_OQS_DEFAULT_ECDH_NISTP256_SHA256:
@@ -403,10 +1203,210 @@ input_kex_gen_init(int type, u_int32_t seq, struct ssh *ssh)
 		r = kex_kem_frodokem_1344_aes_ecdh_nistp521_enc(kex, client_pubkey,
 		    &server_pubkey, &shared_secret);
 		break;
+	case KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256:
+		r = kex_kem_frodokem_640_shake_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384:
+		r = kex_kem_frodokem_976_shake_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512:
+		r = kex_kem_frodokem_1344_shake_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256:
+		r = kex_kem_sidh_p434_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256:
+		r = kex_kem_sidh_p434_compressed_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256:
+		r = kex_kem_sidh_p610_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256:
+		r = kex_kem_sidh_p610_compressed_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256:
+		r = kex_kem_sidh_p751_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256:
+		r = kex_kem_sidh_p751_compressed_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
 	case KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256:
 		r = kex_kem_sike_p434_ecdh_nistp256_enc(kex, client_pubkey,
 		    &server_pubkey, &shared_secret);
 		break;
+	case KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256:
+		r = kex_kem_sike_p434_compressed_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256:
+		r = kex_kem_sike_p610_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256:
+		r = kex_kem_sike_p610_compressed_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256:
+		r = kex_kem_sike_p751_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256:
+		r = kex_kem_sike_p751_compressed_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256:
+		r = kex_kem_saber_lightsaber_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384:
+		r = kex_kem_saber_saber_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512:
+		r = kex_kem_saber_firesaber_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_512_ECDH_NISTP256_SHA256:
+		r = kex_kem_kyber_512_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_768_ECDH_NISTP384_SHA384:
+		r = kex_kem_kyber_768_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512:
+		r = kex_kem_kyber_1024_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_512_90S_ECDH_NISTP256_SHA256:
+		r = kex_kem_kyber_512_90s_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_768_90S_ECDH_NISTP384_SHA384:
+		r = kex_kem_kyber_768_90s_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_KYBER_1024_90S_ECDH_NISTP521_SHA512:
+		r = kex_kem_kyber_1024_90s_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L1_CPA_ECDH_NISTP256_SHA512:
+		r = kex_kem_bike1_l1_cpa_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L1_FO_ECDH_NISTP256_SHA512:
+		r = kex_kem_bike1_l1_fo_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L3_CPA_ECDH_NISTP384_SHA512:
+		r = kex_kem_bike1_l3_cpa_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_BIKE1_L3_FO_ECDH_NISTP384_SHA512:
+		r = kex_kem_bike1_l3_fo_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HPS2048509_ECDH_NISTP256_SHA512:
+		r = kex_kem_ntru_hps2048509_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HPS2048677_ECDH_NISTP384_SHA512:
+		r = kex_kem_ntru_hps2048677_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HRSS701_ECDH_NISTP384_SHA512:
+		r = kex_kem_ntru_hrss701_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRU_HPS4096821_ECDH_NISTP521_SHA512:
+		r = kex_kem_ntru_hps4096821_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256:
+		r = kex_kem_classic_mceliece_348864_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256:
+		r = kex_kem_classic_mceliece_348864f_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512:
+		r = kex_kem_classic_mceliece_460896_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_460896F_ECDH_NISTP384_SHA512:
+		r = kex_kem_classic_mceliece_460896f_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6688128_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_6688128_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6688128F_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_6688128f_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6960119_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_6960119_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_6960119F_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_6960119f_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_8192128_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_8192128_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_CLASSIC_MCELIECE_8192128F_ECDH_NISTP521_SHA512:
+		r = kex_kem_classic_mceliece_8192128f_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_HQC_128_ECDH_NISTP256_SHA256:
+		r = kex_kem_hqc_128_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_HQC_192_ECDH_NISTP384_SHA384:
+		r = kex_kem_hqc_192_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_HQC_256_ECDH_NISTP521_SHA512:
+		r = kex_kem_hqc_256_ecdh_nistp521_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR653_ECDH_NISTP256_SHA256:
+		r = kex_kem_ntruprime_ntrulpr653_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP653_ECDH_NISTP256_SHA256:
+		r = kex_kem_ntruprime_sntrup653_ecdh_nistp256_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR761_ECDH_NISTP384_SHA384:
+		r = kex_kem_ntruprime_ntrulpr761_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384:
+		r = kex_kem_ntruprime_sntrup761_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384:
+		r = kex_kem_ntruprime_ntrulpr857_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
+	case KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384:
+		r = kex_kem_ntruprime_sntrup857_ecdh_nistp384_enc(kex, client_pubkey,
+		    &server_pubkey, &shared_secret);
+		break;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_INIT_SWITCH_CASES_END
diff --git a/kexoqs.c b/kexoqs.c
index eb6b580ec524..9e25c1813af6 100644
--- a/kexoqs.c
+++ b/kexoqs.c
@@ -300,13 +300,1733 @@ int kex_kem_frodokem_1344_aes_dec(struct kex *kex,
     OQS_KEM_free(kem);
     return r;
 }
+/*---------------------------------------------------
+ * FRODOKEM_640_SHAKE METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_frodokem_640_shake_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_640_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_frodokem_640_shake_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_640_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_frodokem_640_shake_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_640_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * FRODOKEM_976_SHAKE METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_frodokem_976_shake_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_976_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_frodokem_976_shake_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_976_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_frodokem_976_shake_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_976_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * FRODOKEM_1344_SHAKE METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_frodokem_1344_shake_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_1344_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_frodokem_1344_shake_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_1344_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_frodokem_1344_shake_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_1344_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SIDH_P434 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_sidh_p434_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_sidh_p434_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p434_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SIDH_P434_COMPRESSED METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_sidh_p434_compressed_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_sidh_p434_compressed_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p434_compressed_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SIDH_P610 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_sidh_p610_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_sidh_p610_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p610_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SIDH_P610_COMPRESSED METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_sidh_p610_compressed_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_sidh_p610_compressed_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p610_compressed_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SIDH_P751 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_sidh_p751_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_sidh_p751_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p751_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SIDH_P751_COMPRESSED METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_sidh_p751_compressed_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_sidh_p751_compressed_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p751_compressed_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
 /*---------------------------------------------------
  * SIKE_P434 METHODS
  *---------------------------------------------------
  */
-int kex_kem_sike_p434_keypair(struct kex *kex)
+int kex_kem_sike_p434_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_sike_p434_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p434_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SIKE_P434_COMPRESSED METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_sike_p434_compressed_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_sike_p434_compressed_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p434_compressed_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SIKE_P610 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_sike_p610_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_sike_p610_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p610_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SIKE_P610_COMPRESSED METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_sike_p610_compressed_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_sike_p610_compressed_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p610_compressed_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SIKE_P751 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_sike_p751_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_sike_p751_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p751_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SIKE_P751_COMPRESSED METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_sike_p751_compressed_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_sike_p751_compressed_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p751_compressed_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SABER_LIGHTSABER METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_saber_lightsaber_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_lightsaber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_saber_lightsaber_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_lightsaber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_saber_lightsaber_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_lightsaber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SABER_SABER METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_saber_saber_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_saber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_saber_saber_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_saber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_saber_saber_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_saber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * SABER_FIRESABER METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_saber_firesaber_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_firesaber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_saber_firesaber_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_firesaber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_saber_firesaber_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_firesaber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * KYBER_512 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_kyber_512_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_512);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_kyber_512_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_512);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_512_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_512);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * KYBER_768 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_kyber_768_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_768);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_kyber_768_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_768);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_768_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_768);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * KYBER_1024 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_kyber_1024_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_1024);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_kyber_1024_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_1024);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_1024_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_1024);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * KYBER_512_90S METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_kyber_512_90s_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_512_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_kyber_512_90s_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_512_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_512_90s_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_512_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * KYBER_768_90S METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_kyber_768_90s_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_768_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_kyber_768_90s_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_768_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_768_90s_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_768_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * KYBER_1024_90S METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_kyber_1024_90s_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_1024_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_kyber_1024_90s_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_1024_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_1024_90s_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_1024_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * BIKE1_L1_CPA METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_bike1_l1_cpa_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l1_cpa);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_bike1_l1_cpa_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l1_cpa);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_bike1_l1_cpa_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l1_cpa);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * BIKE1_L1_FO METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_bike1_l1_fo_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l1_fo);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_bike1_l1_fo_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l1_fo);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_bike1_l1_fo_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l1_fo);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * BIKE1_L3_CPA METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_bike1_l3_cpa_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l3_cpa);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_bike1_l3_cpa_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l3_cpa);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_bike1_l3_cpa_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l3_cpa);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * BIKE1_L3_FO METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_bike1_l3_fo_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l3_fo);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_bike1_l3_fo_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l3_fo);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_bike1_l3_fo_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l3_fo);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * NTRU_HPS2048509 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_ntru_hps2048509_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps2048509);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_ntru_hps2048509_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps2048509);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntru_hps2048509_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps2048509);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * NTRU_HPS2048677 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_ntru_hps2048677_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps2048677);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_ntru_hps2048677_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps2048677);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntru_hps2048677_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps2048677);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * NTRU_HRSS701 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_ntru_hrss701_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hrss701);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_ntru_hrss701_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hrss701);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntru_hrss701_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hrss701);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * NTRU_HPS4096821 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_ntru_hps4096821_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps4096821);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_ntru_hps4096821_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps4096821);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntru_hps4096821_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps4096821);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * CLASSIC_MCELIECE_348864 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_classic_mceliece_348864_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_348864);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_classic_mceliece_348864_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_348864);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_348864_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_348864);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * CLASSIC_MCELIECE_348864F METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_classic_mceliece_348864f_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_348864f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_classic_mceliece_348864f_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_348864f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_348864f_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_348864f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * CLASSIC_MCELIECE_460896 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_classic_mceliece_460896_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_460896);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_classic_mceliece_460896_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_460896);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_460896_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_460896);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * CLASSIC_MCELIECE_460896F METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_classic_mceliece_460896f_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_460896f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_classic_mceliece_460896f_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_460896f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_460896f_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_460896f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * CLASSIC_MCELIECE_6688128 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_classic_mceliece_6688128_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6688128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_classic_mceliece_6688128_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6688128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_6688128_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6688128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * CLASSIC_MCELIECE_6688128F METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_classic_mceliece_6688128f_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6688128f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_classic_mceliece_6688128f_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6688128f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_6688128f_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6688128f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * CLASSIC_MCELIECE_6960119 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_classic_mceliece_6960119_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6960119);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_classic_mceliece_6960119_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6960119);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_6960119_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6960119);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * CLASSIC_MCELIECE_6960119F METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_classic_mceliece_6960119f_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6960119f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_classic_mceliece_6960119f_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6960119f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_6960119f_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6960119f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * CLASSIC_MCELIECE_8192128 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_classic_mceliece_8192128_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_8192128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_classic_mceliece_8192128_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_8192128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_8192128_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_8192128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * CLASSIC_MCELIECE_8192128F METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_classic_mceliece_8192128f_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_8192128f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_classic_mceliece_8192128f_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_8192128f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_8192128f_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_8192128f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * HQC_128 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_hqc_128_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_hqc_128_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_hqc_128_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * HQC_192 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_hqc_192_keypair(struct kex *kex)
 {
-    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434);
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_192);
     if (kem == NULL) {
         return SSH_ERR_ALLOC_FAIL;
     }
@@ -314,12 +2034,12 @@ int kex_kem_sike_p434_keypair(struct kex *kex)
     OQS_KEM_free(kem);
     return r;
 }
-int kex_kem_sike_p434_enc(struct kex *kex,
+int kex_kem_hqc_192_enc(struct kex *kex,
                                   const struct sshbuf *client_blob,
                                   struct sshbuf **server_blobp,
                                   struct sshbuf **shared_secretp)
 {
-    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434);
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_192);
     if (kem == NULL) {
         return SSH_ERR_ALLOC_FAIL;
     }
@@ -328,11 +2048,291 @@ int kex_kem_sike_p434_enc(struct kex *kex,
     return r;
 }
 
-int kex_kem_sike_p434_dec(struct kex *kex,
+int kex_kem_hqc_192_dec(struct kex *kex,
                                   const struct sshbuf *server_blob,
                                   struct sshbuf **shared_secretp)
 {
-    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434);
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_192);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * HQC_256 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_hqc_256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_256);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_hqc_256_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_256);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_hqc_256_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_256);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * NTRUPRIME_NTRULPR653 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_ntruprime_ntrulpr653_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr653);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_ntruprime_ntrulpr653_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr653);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_ntrulpr653_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr653);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * NTRUPRIME_SNTRUP653 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_ntruprime_sntrup653_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup653);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_ntruprime_sntrup653_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup653);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_sntrup653_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup653);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * NTRUPRIME_NTRULPR761 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_ntruprime_ntrulpr761_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr761);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_ntruprime_ntrulpr761_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr761);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_ntrulpr761_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr761);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * NTRUPRIME_SNTRUP761 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_ntruprime_sntrup761_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup761);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_ntruprime_sntrup761_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup761);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_sntrup761_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup761);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * NTRUPRIME_NTRULPR857 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_ntruprime_ntrulpr857_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr857);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_ntruprime_ntrulpr857_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr857);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_ntrulpr857_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr857);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_dec(kem, kex, server_blob, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------
+ * NTRUPRIME_SNTRUP857 METHODS
+ *---------------------------------------------------
+ */
+int kex_kem_ntruprime_sntrup857_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup857);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+int kex_kem_ntruprime_sntrup857_enc(struct kex *kex,
+                                  const struct sshbuf *client_blob,
+                                  struct sshbuf **server_blobp,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup857);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_sntrup857_dec(struct kex *kex,
+                                  const struct sshbuf *server_blob,
+                                  struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup857);
     if (kem == NULL) {
         return SSH_ERR_ALLOC_FAIL;
     }
diff --git a/kexoqsecdh.c b/kexoqsecdh.c
index 079af1dbdaba..25845e4de011 100644
--- a/kexoqsecdh.c
+++ b/kexoqsecdh.c
@@ -517,13 +517,1776 @@ int kex_kem_frodokem_1344_aes_ecdh_nistp521_dec(struct kex *kex,
     OQS_KEM_free(kem);
     return r;
 }
+/*---------------------------------------------------------------
+ * FRODOKEM_640_SHAKE_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_frodokem_640_shake_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_640_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_frodokem_640_shake_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_640_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_frodokem_640_shake_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_640_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * FRODOKEM_976_SHAKE_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_frodokem_976_shake_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_976_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_frodokem_976_shake_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_976_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_frodokem_976_shake_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_976_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * FRODOKEM_1344_SHAKE_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_frodokem_1344_shake_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_1344_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_frodokem_1344_shake_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_1344_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_frodokem_1344_shake_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_frodokem_1344_shake);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SIDH_P434_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_sidh_p434_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p434_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p434_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SIDH_P434_COMPRESSED_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_sidh_p434_compressed_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p434_compressed_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p434_compressed_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p434_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SIDH_P610_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_sidh_p610_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p610_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p610_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SIDH_P610_COMPRESSED_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_sidh_p610_compressed_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p610_compressed_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p610_compressed_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p610_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SIDH_P751_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_sidh_p751_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p751_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p751_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SIDH_P751_COMPRESSED_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_sidh_p751_compressed_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p751_compressed_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sidh_p751_compressed_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sidh_p751_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
 /*---------------------------------------------------------------
  * SIKE_P434_ECDH_NISTP256 METHODS
  *---------------------------------------------------------------
  */
-int kex_kem_sike_p434_ecdh_nistp256_keypair(struct kex *kex)
+int kex_kem_sike_p434_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p434_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p434_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SIKE_P434_COMPRESSED_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_sike_p434_compressed_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p434_compressed_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p434_compressed_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SIKE_P610_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_sike_p610_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p610_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p610_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SIKE_P610_COMPRESSED_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_sike_p610_compressed_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p610_compressed_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p610_compressed_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p610_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SIKE_P751_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_sike_p751_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p751_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p751_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SIKE_P751_COMPRESSED_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_sike_p751_compressed_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p751_compressed_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_sike_p751_compressed_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p751_compressed);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SABER_LIGHTSABER_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_saber_lightsaber_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_lightsaber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_saber_lightsaber_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_lightsaber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_saber_lightsaber_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_lightsaber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SABER_SABER_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_saber_saber_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_saber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_saber_saber_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_saber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_saber_saber_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_saber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * SABER_FIRESABER_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_saber_firesaber_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_firesaber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_saber_firesaber_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_firesaber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_saber_firesaber_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_saber_firesaber);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * KYBER_512_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_kyber_512_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_512);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_512_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_512);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_512_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_512);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * KYBER_768_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_kyber_768_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_768);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_768_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_768);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_768_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_768);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * KYBER_1024_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_kyber_1024_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_1024);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_1024_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_1024);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_1024_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_1024);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * KYBER_512_90S_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_kyber_512_90s_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_512_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_512_90s_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_512_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_512_90s_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_512_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * KYBER_768_90S_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_kyber_768_90s_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_768_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_768_90s_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_768_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_768_90s_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_768_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * KYBER_1024_90S_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_kyber_1024_90s_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_1024_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_1024_90s_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_1024_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_kyber_1024_90s_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_kyber_1024_90s);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * BIKE1_L1_CPA_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_bike1_l1_cpa_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l1_cpa);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_bike1_l1_cpa_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l1_cpa);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_bike1_l1_cpa_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l1_cpa);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * BIKE1_L1_FO_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_bike1_l1_fo_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l1_fo);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_bike1_l1_fo_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l1_fo);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_bike1_l1_fo_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l1_fo);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * BIKE1_L3_CPA_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_bike1_l3_cpa_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l3_cpa);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_bike1_l3_cpa_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l3_cpa);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_bike1_l3_cpa_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l3_cpa);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * BIKE1_L3_FO_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_bike1_l3_fo_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l3_fo);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_bike1_l3_fo_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l3_fo);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_bike1_l3_fo_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_bike1_l3_fo);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * NTRU_HPS2048509_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_ntru_hps2048509_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps2048509);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntru_hps2048509_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps2048509);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntru_hps2048509_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps2048509);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * NTRU_HPS2048677_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_ntru_hps2048677_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps2048677);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntru_hps2048677_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps2048677);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntru_hps2048677_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps2048677);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * NTRU_HRSS701_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_ntru_hrss701_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hrss701);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntru_hrss701_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hrss701);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntru_hrss701_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hrss701);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * NTRU_HPS4096821_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_ntru_hps4096821_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps4096821);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntru_hps4096821_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps4096821);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntru_hps4096821_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntru_hps4096821);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * CLASSIC_MCELIECE_348864_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_classic_mceliece_348864_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_348864);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_348864_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_348864);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_348864_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_348864);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * CLASSIC_MCELIECE_348864F_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_classic_mceliece_348864f_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_348864f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_348864f_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_348864f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_348864f_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_348864f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * CLASSIC_MCELIECE_460896_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_classic_mceliece_460896_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_460896);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_460896_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_460896);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_460896_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_460896);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * CLASSIC_MCELIECE_460896F_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_classic_mceliece_460896f_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_460896f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_460896f_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_460896f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_460896f_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_460896f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * CLASSIC_MCELIECE_6688128_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_classic_mceliece_6688128_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6688128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_6688128_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6688128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_6688128_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6688128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * CLASSIC_MCELIECE_6688128F_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_classic_mceliece_6688128f_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6688128f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_6688128f_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6688128f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_6688128f_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6688128f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * CLASSIC_MCELIECE_6960119_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_classic_mceliece_6960119_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6960119);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_6960119_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6960119);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_6960119_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6960119);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * CLASSIC_MCELIECE_6960119F_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_classic_mceliece_6960119f_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6960119f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_6960119f_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6960119f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_6960119f_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_6960119f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * CLASSIC_MCELIECE_8192128_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_classic_mceliece_8192128_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_8192128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_8192128_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_8192128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_8192128_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_8192128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * CLASSIC_MCELIECE_8192128F_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_classic_mceliece_8192128f_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_8192128f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_8192128f_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_8192128f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_classic_mceliece_8192128f_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_classic_mceliece_8192128f);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * HQC_128_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_hqc_128_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_hqc_128_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_hqc_128_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_128);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * HQC_192_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_hqc_192_ecdh_nistp384_keypair(struct kex *kex)
 {
-    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434);
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_192);
     if (kem == NULL) {
         return SSH_ERR_ALLOC_FAIL;
     }
@@ -532,12 +2295,12 @@ int kex_kem_sike_p434_ecdh_nistp256_keypair(struct kex *kex)
     return r;
 }
 
-int kex_kem_sike_p434_ecdh_nistp256_enc(struct kex *kex,
+int kex_kem_hqc_192_ecdh_nistp384_enc(struct kex *kex,
                                    const struct sshbuf *client_blob,
                                    struct sshbuf **server_blobp,
                                    struct sshbuf **shared_secretp)
 {
-    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434);
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_192);
     if (kem == NULL) {
         return SSH_ERR_ALLOC_FAIL;
     }
@@ -546,11 +2309,298 @@ int kex_kem_sike_p434_ecdh_nistp256_enc(struct kex *kex,
     return r;
 }
 
-int kex_kem_sike_p434_ecdh_nistp256_dec(struct kex *kex,
+int kex_kem_hqc_192_ecdh_nistp384_dec(struct kex *kex,
                                        const struct sshbuf *server_blobp,
                                        struct sshbuf **shared_secretp)
 {
-    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_sike_p434);
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_192);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * HQC_256_ECDH_NISTP521 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_hqc_256_ecdh_nistp521_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_256);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_hqc_256_ecdh_nistp521_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_256);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_hqc_256_ecdh_nistp521_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_hqc_256);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * NTRUPRIME_NTRULPR653_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_ntruprime_ntrulpr653_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr653);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_ntrulpr653_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr653);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_ntrulpr653_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr653);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * NTRUPRIME_SNTRUP653_ECDH_NISTP256 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_ntruprime_sntrup653_ecdh_nistp256_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup653);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_sntrup653_ecdh_nistp256_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup653);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_sntrup653_ecdh_nistp256_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup653);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * NTRUPRIME_NTRULPR761_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_ntruprime_ntrulpr761_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr761);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_ntrulpr761_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr761);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_ntrulpr761_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr761);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * NTRUPRIME_SNTRUP761_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_ntruprime_sntrup761_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup761);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_sntrup761_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup761);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_sntrup761_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup761);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * NTRUPRIME_NTRULPR857_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_ntruprime_ntrulpr857_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr857);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_ntrulpr857_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr857);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_ntrulpr857_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_ntrulpr857);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_dec(kem, kex, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+/*---------------------------------------------------------------
+ * NTRUPRIME_SNTRUP857_ECDH_NISTP384 METHODS
+ *---------------------------------------------------------------
+ */
+int kex_kem_ntruprime_sntrup857_ecdh_nistp384_keypair(struct kex *kex)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup857);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_keypair(kem, kex);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_sntrup857_ecdh_nistp384_enc(struct kex *kex,
+                                   const struct sshbuf *client_blob,
+                                   struct sshbuf **server_blobp,
+                                   struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup857);
+    if (kem == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = kex_kem_generic_with_ec_enc(kem, kex, client_blob, server_blobp, shared_secretp);
+    OQS_KEM_free(kem);
+    return r;
+}
+
+int kex_kem_ntruprime_sntrup857_ecdh_nistp384_dec(struct kex *kex,
+                                       const struct sshbuf *server_blobp,
+                                       struct sshbuf **shared_secretp)
+{
+    OQS_KEM *kem = OQS_KEM_new(OQS_KEM_alg_ntruprime_sntrup857);
     if (kem == NULL) {
         return SSH_ERR_ALLOC_FAIL;
     }
diff --git a/match.c b/match.c
index 927565c188c6..1089e8143428 100644
--- a/match.c
+++ b/match.c
@@ -265,7 +265,7 @@ match_user(const char *user, const char *host, const char *ipaddr,
  * Returns first item from client-list that is also supported by server-list,
  * caller must free the returned string.
  */
-#define	MAX_PROP	40
+#define	MAX_PROP	60
 #define	SEP	","
 char *
 match_list(const char *client, const char *server, u_int *next)
diff --git a/monitor.c b/monitor.c
index 9736ebdbaa4f..23a1f602cddc 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1734,14 +1734,114 @@ monitor_apply_keystate(struct ssh *ssh, struct monitor *pmonitor)
 		kex->kex[KEX_KEM_FRODOKEM_640_AES_SHA256] = kex_gen_server;
 		kex->kex[KEX_KEM_FRODOKEM_976_AES_SHA384] = kex_gen_server;
 		kex->kex[KEX_KEM_FRODOKEM_1344_AES_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P434_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P610_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P751_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_SHA256] = kex_gen_server;
 		kex->kex[KEX_KEM_SIKE_P434_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P610_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P751_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SABER_LIGHTSABER_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SABER_SABER_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_SABER_FIRESABER_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_512_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_768_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_1024_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_512_90S_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_768_90S_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_1024_90S_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L1_CPA_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L1_FO_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L3_CPA_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L3_FO_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HPS2048509_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HPS2048677_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HRSS701_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HPS4096821_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896F_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128F_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119F_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128F_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_HQC_128_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_HQC_192_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_HQC_256_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR653_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP653_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR761_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_SHA384] = kex_gen_server;
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 		kex->kex[KEX_KEM_OQS_DEFAULT_ECDH_NISTP256_SHA256] = kex_gen_server;
 		kex->kex[KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256] = kex_gen_server;
 		kex->kex[KEX_KEM_FRODOKEM_976_AES_ECDH_NISTP384_SHA384] = kex_gen_server;
 		kex->kex[KEX_KEM_FRODOKEM_1344_AES_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_server;
 		kex->kex[KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_512_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_768_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_512_90S_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_768_90S_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_1024_90S_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L1_CPA_ECDH_NISTP256_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L1_FO_ECDH_NISTP256_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L3_CPA_ECDH_NISTP384_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L3_FO_ECDH_NISTP384_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HPS2048509_ECDH_NISTP256_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HPS2048677_ECDH_NISTP384_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HRSS701_ECDH_NISTP384_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HPS4096821_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896F_ECDH_NISTP384_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128F_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119F_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128F_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_HQC_128_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_HQC_192_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_HQC_256_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR653_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP653_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR761_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384] = kex_gen_server;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_APPLY_KEYSTATE_END
diff --git a/myproposal.h b/myproposal.h
index 492655f154e0..36b3824cc047 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -46,8 +46,108 @@
 	"ecdh-nistp384-frodokem-976-aes-sha384," \
 	"frodokem-1344-aes-sha512," \
 	"ecdh-nistp521-frodokem-1344-aes-sha512," \
+	"frodokem-640-shake-sha256," \
+	"ecdh-nistp256-frodokem-640-shake-sha256," \
+	"frodokem-976-shake-sha384," \
+	"ecdh-nistp384-frodokem-976-shake-sha384," \
+	"frodokem-1344-shake-sha512," \
+	"ecdh-nistp521-frodokem-1344-shake-sha512," \
+	"sidh-p434-sha256," \
+	"ecdh-nistp256-sidh-p434-sha256," \
+	"sidh-p434-compressed-sha256," \
+	"ecdh-nistp256-sidh-p434-compressed-sha256," \
+	"sidh-p610-sha256," \
+	"ecdh-nistp384-sidh-p610-sha256," \
+	"sidh-p610-compressed-sha256," \
+	"ecdh-nistp384-sidh-p610-compressed-sha256," \
+	"sidh-p751-sha256," \
+	"ecdh-nistp521-sidh-p751-sha256," \
+	"sidh-p751-compressed-sha256," \
+	"ecdh-nistp521-sidh-p751-compressed-sha256," \
 	"sike-p434-sha256," \
-	"ecdh-nistp256-sike-p434-sha256"
+	"ecdh-nistp256-sike-p434-sha256," \
+	"sike-p434-compressed-sha256," \
+	"ecdh-nistp256-sike-p434-compressed-sha256," \
+	"sike-p610-sha256," \
+	"ecdh-nistp384-sike-p610-sha256," \
+	"sike-p610-compressed-sha256," \
+	"ecdh-nistp384-sike-p610-compressed-sha256," \
+	"sike-p751-sha256," \
+	"ecdh-nistp521-sike-p751-sha256," \
+	"sike-p751-compressed-sha256," \
+	"ecdh-nistp521-sike-p751-compressed-sha256," \
+	"saber-lightsaber-sha256," \
+	"ecdh-nistp256-saber-lightsaber-sha256," \
+	"saber-saber-sha384," \
+	"ecdh-nistp384-saber-saber-sha384," \
+	"saber-firesaber-sha512," \
+	"ecdh-nistp521-saber-firesaber-sha512," \
+	"kyber-512-sha256," \
+	"ecdh-nistp256-kyber-512-sha256," \
+	"kyber-768-sha384," \
+	"ecdh-nistp384-kyber-768-sha384," \
+	"kyber-1024-sha512," \
+	"ecdh-nistp521-kyber-1024-sha512," \
+	"kyber-512-90s-sha256," \
+	"ecdh-nistp256-kyber-512-90s-sha256," \
+	"kyber-768-90s-sha384," \
+	"ecdh-nistp384-kyber-768-90s-sha384," \
+	"kyber-1024-90s-sha512," \
+	"ecdh-nistp521-kyber-1024-90s-sha512," \
+	"bike1-l1-cpa-sha512," \
+	"ecdh-nistp256-bike1-l1-cpa-sha512," \
+	"bike1-l1-fo-sha512," \
+	"ecdh-nistp256-bike1-l1-fo-sha512," \
+	"bike1-l3-cpa-sha512," \
+	"ecdh-nistp384-bike1-l3-cpa-sha512," \
+	"bike1-l3-fo-sha512," \
+	"ecdh-nistp384-bike1-l3-fo-sha512," \
+	"ntru-hps2048509-sha512," \
+	"ecdh-nistp256-ntru-hps2048509-sha512," \
+	"ntru-hps2048677-sha512," \
+	"ecdh-nistp384-ntru-hps2048677-sha512," \
+	"ntru-hrss701-sha512," \
+	"ecdh-nistp384-ntru-hrss701-sha512," \
+	"ntru-hps4096821-sha512," \
+	"ecdh-nistp521-ntru-hps4096821-sha512," \
+	"classic-mceliece-348864-sha256," \
+	"ecdh-nistp256-classic-mceliece-348864-sha256," \
+	"classic-mceliece-348864f-sha256," \
+	"ecdh-nistp256-classic-mceliece-348864f-sha256," \
+	"classic-mceliece-460896-sha512," \
+	"ecdh-nistp384-classic-mceliece-460896-sha512," \
+	"classic-mceliece-460896f-sha512," \
+	"ecdh-nistp384-classic-mceliece-460896f-sha512," \
+	"classic-mceliece-6688128-sha512," \
+	"ecdh-nistp521-classic-mceliece-6688128-sha512," \
+	"classic-mceliece-6688128f-sha512," \
+	"ecdh-nistp521-classic-mceliece-6688128f-sha512," \
+	"classic-mceliece-6960119-sha512," \
+	"ecdh-nistp521-classic-mceliece-6960119-sha512," \
+	"classic-mceliece-6960119f-sha512," \
+	"ecdh-nistp521-classic-mceliece-6960119f-sha512," \
+	"classic-mceliece-8192128-sha512," \
+	"ecdh-nistp521-classic-mceliece-8192128-sha512," \
+	"classic-mceliece-8192128f-sha512," \
+	"ecdh-nistp521-classic-mceliece-8192128f-sha512," \
+	"hqc-128-sha256," \
+	"ecdh-nistp256-hqc-128-sha256," \
+	"hqc-192-sha384," \
+	"ecdh-nistp384-hqc-192-sha384," \
+	"hqc-256-sha512," \
+	"ecdh-nistp521-hqc-256-sha512," \
+	"ntruprime-ntrulpr653-sha256," \
+	"ecdh-nistp256-ntruprime-ntrulpr653-sha256," \
+	"ntruprime-sntrup653-sha256," \
+	"ecdh-nistp256-ntruprime-sntrup653-sha256," \
+	"ntruprime-ntrulpr761-sha384," \
+	"ecdh-nistp384-ntruprime-ntrulpr761-sha384," \
+	"ntruprime-sntrup761-sha384," \
+	"ecdh-nistp384-ntruprime-sntrup761-sha384," \
+	"ntruprime-ntrulpr857-sha384," \
+	"ecdh-nistp384-ntruprime-ntrulpr857-sha384," \
+	"ntruprime-sntrup857-sha384," \
+	"ecdh-nistp384-ntruprime-sntrup857-sha384"
 /*/// OQS_TEMPLATE_FRAGMENT_ADD_SERVER_KEXS_END */
 
 #define KEX_CLIENT_KEX KEX_SERVER_KEX
diff --git a/oqs-template/README.md/list_all_kexs.fragment b/oqs-template/README.md/list_all_kexs.fragment
index f966c8bf8c33..d768010b6558 100644
--- a/oqs-template/README.md/list_all_kexs.fragment
+++ b/oqs-template/README.md/list_all_kexs.fragment
@@ -1,4 +1,4 @@
 {%- for family, kexs in (config['kexs'] | selectattr("family") | groupby('family')) %}
-- **{{ family }}**: {% for kex in kexs -%}  `{{ kex['name']|replace('_','-') }}-{{ kex['hash'] }}` {%- if not loop.last %}, {% endif -%}{%- if loop.last and family == 'HQC' -%}†{%- endif -%}{%- endfor -%}
+- **{{ family }}**: {% for kex in kexs -%}  `{{ kex['name']|replace('_','-') }}-{{ kex['hash'] }}` {%- if kex['enable'] -%} * {%- endif -%} {%- if not loop.last %}, {% endif -%}{%- if loop.last and family == 'HQC' -%}†{%- endif -%}{%- endfor -%}
 {%- endfor %}
 
diff --git a/oqs-template/README.md/list_all_sigs.fragment b/oqs-template/README.md/list_all_sigs.fragment
index 6e34611c2fb8..af6de1a1ded4 100644
--- a/oqs-template/README.md/list_all_sigs.fragment
+++ b/oqs-template/README.md/list_all_sigs.fragment
@@ -1,4 +1,4 @@
 {%- for family, sigs in (config['sigs'] | selectattr('family') | groupby('family')) %}
-- **{{ family }}**: {% for sig in sigs -%}  `{{ sig['name']|replace('_','') }}` {%- if not loop.last %}, {% endif -%} {%- endfor -%}
+- **{{ family }}**: {% for sig in sigs -%}  `{{ sig['name']|replace('_','') }}` {%- if sig['enable'] -%} * {%- endif -%} {%- if not loop.last %}, {% endif -%} {%- endfor -%}
 {%- endfor %}
 
diff --git a/oqs-template/generate.py b/oqs-template/generate.py
index 2d0f3a889de4..027b41ee9b9b 100644
--- a/oqs-template/generate.py
+++ b/oqs-template/generate.py
@@ -46,9 +46,15 @@ def populate(filename, config, delimiter):
 
     file_put_contents(filename, contents)
 
-def load_config():
+def load_config(include_disabled_algs=False):
     config = file_get_contents(os.path.join('oqs-template', 'generate.yml'), encoding='utf-8')
     config = yaml.safe_load(config)
+    if not include_disabled_algs:
+        config['sigs'] = [sig for sig in config['sigs'] if 'enable' in sig.keys() and sig['enable']]
+
+        # enable if single KEXs are to be en/disabled:
+        #config['kexs'] = [kex for kex in config['kexs'] if 'enable' in kex.keys() and kex['enable']]
+
     return config
 
 config = load_config()
@@ -84,5 +90,8 @@ def load_config():
 
 # both
 populate('ssh-keyscan.c', config, '/////')
-populate('README.md', config, '<!---')
 populate('oqs-test/try_connection.py', config, '#####')
+
+config = load_config(include_disabled_algs=True)
+populate('README.md', config, '<!---')
+
diff --git a/oqs-template/generate.yml b/oqs-template/generate.yml
index 31f5866ffcec..29040e63ad3c 100644
--- a/oqs-template/generate.yml
+++ b/oqs-template/generate.yml
@@ -31,18 +31,684 @@ kexs:
       -
         name: 'nistp521'
         openssl_nid: 'NID_secp521r1'
+  -
+    family: 'FrodoKEM'
+    name: 'frodokem_640_shake'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'FrodoKEM'
+    name: 'frodokem_976_shake'
+    hash: 'sha384'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'FrodoKEM'
+    name: 'frodokem_1344_shake'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SIDH'
+    name: 'sidh_p434'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'SIDH'
+    name: 'sidh_p434_compressed'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'SIDH'
+    name: 'sidh_p610'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SIDH'
+    name: 'sidh_p610_compressed'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SIDH'
+    name: 'sidh_p751'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SIDH'
+    name: 'sidh_p751_compressed'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
   -
     family: 'SIKE'
     name: 'sike_p434'
     hash: 'sha256'
     mix_with:
       -
-        name: 'nistp256'
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'SIKE'
+    name: 'sike_p434_compressed'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'SIKE'
+    name: 'sike_p610'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SIKE'
+    name: 'sike_p610_compressed'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SIKE'
+    name: 'sike_p751'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SIKE'
+    name: 'sike_p751_compressed'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'Saber'
+    name: 'saber_lightsaber'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'Saber'
+    name: 'saber_saber'
+    hash: 'sha384'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'Saber'
+    name: 'saber_firesaber'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'Kyber'
+    name: 'kyber_512'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'Kyber'
+    name: 'kyber_768'
+    hash: 'sha384'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'Kyber'
+    name: 'kyber_1024'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'Kyber'
+    name: 'kyber_512_90s'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'Kyber'
+    name: 'kyber_768_90s'
+    hash: 'sha384'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'Kyber'
+    name: 'kyber_1024_90s'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'BIKE'
+    name: 'bike1_l1_cpa'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'BIKE'
+    name: 'bike1_l1_fo'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'BIKE'
+    name: 'bike1_l3_cpa'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'BIKE'
+    name: 'bike1_l3_fo'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'NTRU'
+    name: 'ntru_hps2048509'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'NTRU'
+    name: 'ntru_hps2048677'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'NTRU'
+    name: 'ntru_hrss701'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'NTRU'
+    name: 'ntru_hps4096821'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'ClassicMcEliece'
+    name: 'classic_mceliece_348864'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'ClassicMcEliece'
+    name: 'classic_mceliece_348864f'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'ClassicMcEliece'
+    name: 'classic_mceliece_460896'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'ClassicMcEliece'
+    name: 'classic_mceliece_460896f'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'ClassicMcEliece'
+    name: 'classic_mceliece_6688128'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'ClassicMcEliece'
+    name: 'classic_mceliece_6688128f'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'ClassicMcEliece'
+    name: 'classic_mceliece_6960119'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'ClassicMcEliece'
+    name: 'classic_mceliece_6960119f'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'ClassicMcEliece'
+    name: 'classic_mceliece_8192128'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'ClassicMcEliece'
+    name: 'classic_mceliece_8192128f'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'HQC'
+    name: 'hqc_128'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'HQC'
+    name: 'hqc_192'
+    hash: 'sha384'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'HQC'
+    name: 'hqc_256'
+    hash: 'sha512'
+    mix_with:
+      -
+        name: 'nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'NTRU-PRIME'
+    name: 'ntruprime_ntrulpr653'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'NTRU-PRIME'
+    name: 'ntruprime_sntrup653'
+    hash: 'sha256'
+    mix_with:
+      -
+        name: 'nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'NTRU-PRIME'
+    name: 'ntruprime_ntrulpr761'
+    hash: 'sha384'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'NTRU-PRIME'
+    name: 'ntruprime_sntrup761'
+    hash: 'sha384'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'NTRU-PRIME'
+    name: 'ntruprime_ntrulpr857'
+    hash: 'sha384'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'NTRU-PRIME'
+    name: 'ntruprime_sntrup857'
+    hash: 'sha384'
+    mix_with:
+      -
+        name: 'nistp384'
+        openssl_nid: 'NID_secp384r1'
+
+sigs:
+  -
+    name: 'oqs_default'
+    enable: true
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'Falcon'
+    name: 'falcon_512'
+    enable: true
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'Falcon'
+    name: 'falcon_1024'
+    enable: true
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'Dilithium'
+    name: 'dilithium_2'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'Dilithium'
+    name: 'dilithium_3'
+    enable: true
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'Dilithium'
+    name: 'dilithium_5'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'Dilithium'
+    name: 'dilithium_2_aes'
+    enable: true
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'Dilithium'
+    name: 'dilithium_3_aes'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'Dilithium'
+    name: 'dilithium_5_aes'
+    enable: true
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'Picnic'
+    name: 'picnic_L1_FS'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'Picnic'
+    name: 'picnic_L1_UR'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'Picnic'
+    name: 'picnic_L1_full'
+    enable: true
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'Picnic'
+    name: 'picnic_L3_FS'
+    enable: true
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'Picnic'
+    name: 'picnic_L3_UR'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'Picnic'
+    name: 'picnic_L3_full'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'Picnic'
+    name: 'picnic_L5_FS'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'Picnic'
+    name: 'picnic_L5_UR'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'Picnic'
+    name: 'picnic_L5_full'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'Rainbow'
+    name: 'rainbow_I_classic'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'Rainbow'
+    name: 'rainbow_I_circumzenithal'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'Rainbow'
+    name: 'rainbow_I_compressed'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'Rainbow'
+    name: 'rainbow_III_classic'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'Rainbow'
+    name: 'rainbow_III_circumzenithal'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'Rainbow'
+    name: 'rainbow_III_compressed'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'Rainbow'
+    name: 'rainbow_V_classic'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'Rainbow'
+    name: 'rainbow_V_circumzenithal'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'Rainbow'
+    name: 'rainbow_V_compressed'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_haraka_128f_robust'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
         openssl_nid: 'NID_X9_62_prime256v1'
-
-sigs:
   -
-    name: 'oqs_default'
+    family: 'SPHINCS'
+    name: 'sphincs_haraka_128f_simple'
+    enable: true
     level: 1
     mix_with:
       -
@@ -52,8 +718,8 @@ sigs:
         name: 'ecdsa_nistp256'
         openssl_nid: 'NID_X9_62_prime256v1'
   -
-    family: 'Dilithium'
-    name: 'dilithium_2'
+    family: 'SPHINCS'
+    name: 'sphincs_haraka_128s_robust'
     level: 1
     mix_with:
       -
@@ -63,18 +729,295 @@ sigs:
         name: 'ecdsa_nistp256'
         openssl_nid: 'NID_X9_62_prime256v1'
   -
-    family: 'Dilithium'
-    name: 'dilithium_3'
+    family: 'SPHINCS'
+    name: 'sphincs_haraka_128s_simple'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_sha256_128f_robust'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_sha256_128s_robust'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_sha256_128f_simple'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_sha256_128s_simple'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_shake256_128f_robust'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_shake256_128s_robust'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_shake256_128f_simple'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_shake256_128s_simple'
+    level: 1
+    mix_with:
+      -
+        name: 'rsa3072'
+        rsa: true
+      -
+        name: 'ecdsa_nistp256'
+        openssl_nid: 'NID_X9_62_prime256v1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_haraka_192f_robust'
+    enable: true
     level: 3
     mix_with:
       -
         name: 'ecdsa_nistp384'
         openssl_nid: 'NID_secp384r1'
   -
-    family: 'Dilithium'
-    name: 'dilithium_5'
+    family: 'SPHINCS'
+    name: 'sphincs_haraka_192s_robust'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_haraka_192f_simple'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_haraka_192s_simple'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_sha256_192f_robust'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_sha256_192s_robust'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_sha256_192f_simple'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_sha256_192s_simple'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_shake256_192f_robust'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_shake256_192s_robust'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_shake256_192f_simple'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_shake256_192s_simple'
+    level: 3
+    mix_with:
+      -
+        name: 'ecdsa_nistp384'
+        openssl_nid: 'NID_secp384r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_haraka_256f_robust'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_haraka_256s_robust'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_haraka_256f_simple'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_haraka_256s_simple'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_sha256_256f_robust'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_sha256_256s_robust'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_sha256_256f_simple'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_sha256_256s_simple'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_shake256_256f_robust'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_shake256_256s_robust'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_shake256_256f_simple'
+    level: 5
+    mix_with:
+      -
+        name: 'ecdsa_nistp521'
+        openssl_nid: 'NID_secp521r1'
+  -
+    family: 'SPHINCS'
+    name: 'sphincs_shake256_256s_simple'
     level: 5
     mix_with:
       -
         name: 'ecdsa_nistp521'
         openssl_nid: 'NID_secp521r1'
+
diff --git a/oqs-test/try_connection.py b/oqs-test/try_connection.py
index 45aba36a5e92..817356e6745d 100644
--- a/oqs-test/try_connection.py
+++ b/oqs-test/try_connection.py
@@ -6,6 +6,7 @@
 import random
 import subprocess
 import time
+import sys
 
 # Requires make tests LTESTS="" to be run first
 
@@ -19,8 +20,108 @@
     "ecdh-nistp384-frodokem-976-aes-sha384",
     "frodokem-1344-aes-sha512",
     "ecdh-nistp521-frodokem-1344-aes-sha512",
+    "frodokem-640-shake-sha256",
+    "ecdh-nistp256-frodokem-640-shake-sha256",
+    "frodokem-976-shake-sha384",
+    "ecdh-nistp384-frodokem-976-shake-sha384",
+    "frodokem-1344-shake-sha512",
+    "ecdh-nistp521-frodokem-1344-shake-sha512",
+    "sidh-p434-sha256",
+    "ecdh-nistp256-sidh-p434-sha256",
+    "sidh-p434-compressed-sha256",
+    "ecdh-nistp256-sidh-p434-compressed-sha256",
+    "sidh-p610-sha256",
+    "ecdh-nistp384-sidh-p610-sha256",
+    "sidh-p610-compressed-sha256",
+    "ecdh-nistp384-sidh-p610-compressed-sha256",
+    "sidh-p751-sha256",
+    "ecdh-nistp521-sidh-p751-sha256",
+    "sidh-p751-compressed-sha256",
+    "ecdh-nistp521-sidh-p751-compressed-sha256",
     "sike-p434-sha256",
     "ecdh-nistp256-sike-p434-sha256",
+    "sike-p434-compressed-sha256",
+    "ecdh-nistp256-sike-p434-compressed-sha256",
+    "sike-p610-sha256",
+    "ecdh-nistp384-sike-p610-sha256",
+    "sike-p610-compressed-sha256",
+    "ecdh-nistp384-sike-p610-compressed-sha256",
+    "sike-p751-sha256",
+    "ecdh-nistp521-sike-p751-sha256",
+    "sike-p751-compressed-sha256",
+    "ecdh-nistp521-sike-p751-compressed-sha256",
+    "saber-lightsaber-sha256",
+    "ecdh-nistp256-saber-lightsaber-sha256",
+    "saber-saber-sha384",
+    "ecdh-nistp384-saber-saber-sha384",
+    "saber-firesaber-sha512",
+    "ecdh-nistp521-saber-firesaber-sha512",
+    "kyber-512-sha256",
+    "ecdh-nistp256-kyber-512-sha256",
+    "kyber-768-sha384",
+    "ecdh-nistp384-kyber-768-sha384",
+    "kyber-1024-sha512",
+    "ecdh-nistp521-kyber-1024-sha512",
+    "kyber-512-90s-sha256",
+    "ecdh-nistp256-kyber-512-90s-sha256",
+    "kyber-768-90s-sha384",
+    "ecdh-nistp384-kyber-768-90s-sha384",
+    "kyber-1024-90s-sha512",
+    "ecdh-nistp521-kyber-1024-90s-sha512",
+    "bike1-l1-cpa-sha512",
+    "ecdh-nistp256-bike1-l1-cpa-sha512",
+    "bike1-l1-fo-sha512",
+    "ecdh-nistp256-bike1-l1-fo-sha512",
+    "bike1-l3-cpa-sha512",
+    "ecdh-nistp384-bike1-l3-cpa-sha512",
+    "bike1-l3-fo-sha512",
+    "ecdh-nistp384-bike1-l3-fo-sha512",
+    "ntru-hps2048509-sha512",
+    "ecdh-nistp256-ntru-hps2048509-sha512",
+    "ntru-hps2048677-sha512",
+    "ecdh-nistp384-ntru-hps2048677-sha512",
+    "ntru-hrss701-sha512",
+    "ecdh-nistp384-ntru-hrss701-sha512",
+    "ntru-hps4096821-sha512",
+    "ecdh-nistp521-ntru-hps4096821-sha512",
+    "classic-mceliece-348864-sha256",
+    "ecdh-nistp256-classic-mceliece-348864-sha256",
+    "classic-mceliece-348864f-sha256",
+    "ecdh-nistp256-classic-mceliece-348864f-sha256",
+    "classic-mceliece-460896-sha512",
+    "ecdh-nistp384-classic-mceliece-460896-sha512",
+    "classic-mceliece-460896f-sha512",
+    "ecdh-nistp384-classic-mceliece-460896f-sha512",
+    "classic-mceliece-6688128-sha512",
+    "ecdh-nistp521-classic-mceliece-6688128-sha512",
+    "classic-mceliece-6688128f-sha512",
+    "ecdh-nistp521-classic-mceliece-6688128f-sha512",
+    "classic-mceliece-6960119-sha512",
+    "ecdh-nistp521-classic-mceliece-6960119-sha512",
+    "classic-mceliece-6960119f-sha512",
+    "ecdh-nistp521-classic-mceliece-6960119f-sha512",
+    "classic-mceliece-8192128-sha512",
+    "ecdh-nistp521-classic-mceliece-8192128-sha512",
+    "classic-mceliece-8192128f-sha512",
+    "ecdh-nistp521-classic-mceliece-8192128f-sha512",
+    "hqc-128-sha256",
+    "ecdh-nistp256-hqc-128-sha256",
+    "hqc-192-sha384",
+    "ecdh-nistp384-hqc-192-sha384",
+    "hqc-256-sha512",
+    "ecdh-nistp521-hqc-256-sha512",
+    "ntruprime-ntrulpr653-sha256",
+    "ecdh-nistp256-ntruprime-ntrulpr653-sha256",
+    "ntruprime-sntrup653-sha256",
+    "ecdh-nistp256-ntruprime-sntrup653-sha256",
+    "ntruprime-ntrulpr761-sha384",
+    "ecdh-nistp384-ntruprime-ntrulpr761-sha384",
+    "ntruprime-sntrup761-sha384",
+    "ecdh-nistp384-ntruprime-sntrup761-sha384",
+    "ntruprime-ntrulpr857-sha384",
+    "ecdh-nistp384-ntruprime-ntrulpr857-sha384",
+    "ntruprime-sntrup857-sha384",
+    "ecdh-nistp384-ntruprime-sntrup857-sha384",
 ##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_KEXS_END
 ]
 
@@ -29,46 +130,74 @@
     "ssh-oqsdefault",
     "ssh-rsa3072-oqsdefault",
     "ssh-ecdsa-nistp256-oqsdefault",
-    "ssh-dilithium2",
-    "ssh-rsa3072-dilithium2",
-    "ssh-ecdsa-nistp256-dilithium2",
+    "ssh-falcon512",
+    "ssh-rsa3072-falcon512",
+    "ssh-ecdsa-nistp256-falcon512",
+    "ssh-falcon1024",
+    "ssh-ecdsa-nistp521-falcon1024",
     "ssh-dilithium3",
     "ssh-ecdsa-nistp384-dilithium3",
-    "ssh-dilithium5",
-    "ssh-ecdsa-nistp521-dilithium5",
+    "ssh-dilithium2aes",
+    "ssh-rsa3072-dilithium2aes",
+    "ssh-ecdsa-nistp256-dilithium2aes",
+    "ssh-dilithium5aes",
+    "ssh-ecdsa-nistp521-dilithium5aes",
+    "ssh-picnicL1full",
+    "ssh-rsa3072-picnicL1full",
+    "ssh-ecdsa-nistp256-picnicL1full",
+    "ssh-picnicL3FS",
+    "ssh-ecdsa-nistp384-picnicL3FS",
+    "ssh-sphincsharaka128fsimple",
+    "ssh-rsa3072-sphincsharaka128fsimple",
+    "ssh-ecdsa-nistp256-sphincsharaka128fsimple",
+    "ssh-sphincsharaka192frobust",
+    "ssh-ecdsa-nistp384-sphincsharaka192frobust",
 ##### OQS_TEMPLATE_FRAGMENT_LIST_ALL_SIGS_END
 ]
 
-def try_handshake(ssh, sshd):
-    random_sig = random.choice(sigs)
-    random_kex = random.choice(kexs)
-
-    sshd_process = subprocess.Popen([sshd,
+def do_handshake(ssh, sshd, test_sig, test_kex):
+    sshd_process = subprocess.Popen([sshd, 
                                     '-f', os.path.abspath('regress/sshd_config'),
-                                    "-o", "KexAlgorithms={}".format(random_kex),
-                                    "-o", "HostKeyAlgorithms={}".format(random_sig),
+                                    "-o", "KexAlgorithms={}".format(test_kex),
+                                    "-o", "HostKeyAlgorithms={}".format(test_sig),
                                     '-D'],
                                      stdout=subprocess.PIPE,
                                      stderr=subprocess.STDOUT)
 
-    # sshd should (hopefully?) start in 10 seconds.
-    time.sleep(10)
+    # sshd should locally (hopefully?) start within 1 second. If activating Rainbow, at least an order of magnitude more delay must be considered.
+    time.sleep(1)
 
     # Try to connect to it with the client
     ssh_process = subprocess.run([ssh,
                                  '-F', os.path.abspath('regress/ssh_config'),
-                                 "-o", "HostKeyAlgorithms={}".format(random_sig),
+                                 "-o", "HostKeyAlgorithms={}".format(test_sig),
                                  'somehost', 'true'],
                                  stdout=subprocess.PIPE,
                                  stderr=subprocess.STDOUT)
     ssh_stdout = ssh_process.stdout.decode()
     sshd_process.kill()
 
-    assert "debug1: kex: algorithm: {}".format(random_kex) in ssh_stdout, ssh_stdout
-    assert "debug1: kex: host key algorithm: {}".format(random_sig) in ssh_stdout, ssh_stdout
+    #print("SSHD: %s\n\n" % (sshd_process.stdout.read().decode()))
+    assert "debug1: kex: algorithm: {}".format(test_kex) in ssh_stdout, ssh_stdout
+    assert "debug1: kex: host key algorithm: {}".format(test_sig) in ssh_stdout, ssh_stdout
     assert ssh_process.returncode == 0, ssh_stdout
 
-    print("Success! Key Exchange Algorithm: {}. Signature Algorithm: {}.".format(random_kex, random_sig))
+    print("Success! Key Exchange Algorithm: {}. Signature Algorithm: {}.".format(test_kex, test_sig))
+
+def try_handshake(ssh, sshd, dorandom="random"):
+    if dorandom!="random":
+       for test_kex in kexs:
+           for test_sig in sigs:
+               if dorandom=="doall" or (dorandom=="doone" and (test_kex==kexs[0] or test_sig==sigs[0])):
+                   do_handshake(ssh, sshd, test_sig, test_kex)
+    else:
+       test_sig = random.choice(sigs)
+       test_kex = random.choice(kexs)
+       do_handshake(ssh, sshd, test_sig, test_kex)
 
 if __name__ == '__main__':
-    try_handshake(os.path.abspath('ssh'), os.path.abspath('sshd'))
+    if len(sys.argv)==1:
+        try_handshake(os.path.abspath('ssh'), os.path.abspath('sshd'))
+    else:
+        try_handshake(os.path.abspath('ssh'), os.path.abspath('sshd'), dorandom=sys.argv[1])
+
diff --git a/oqs-utils.c b/oqs-utils.c
index 0dab6646eb88..6c371f22ceca 100644
--- a/oqs-utils.c
+++ b/oqs-utils.c
@@ -5,7 +5,13 @@ int oqs_utils_is_rsa_hybrid(int keytype) {
 ///// OQS_TEMPLATE_FRAGMENT_LIST_RSA_HYBRIDS_START
         case KEY_RSA3072_OQS_DEFAULT:
             return 1;
-        case KEY_RSA3072_DILITHIUM_2:
+        case KEY_RSA3072_FALCON_512:
+            return 1;
+        case KEY_RSA3072_DILITHIUM_2_AES:
+            return 1;
+        case KEY_RSA3072_PICNIC_L1_FULL:
+            return 1;
+        case KEY_RSA3072_SPHINCS_HARAKA_128F_SIMPLE:
             return 1;
 ///// OQS_TEMPLATE_FRAGMENT_LIST_RSA_HYBRIDS_END
     }
@@ -17,11 +23,23 @@ int oqs_utils_is_ecdsa_hybrid(int keytype) {
 ///// OQS_TEMPLATE_FRAGMENT_LIST_ECDSA_HYBRIDS_START
         case KEY_ECDSA_NISTP256_OQS_DEFAULT:
             return 1;
-        case KEY_ECDSA_NISTP256_DILITHIUM_2:
+        case KEY_ECDSA_NISTP256_FALCON_512:
+            return 1;
+        case KEY_ECDSA_NISTP521_FALCON_1024:
             return 1;
         case KEY_ECDSA_NISTP384_DILITHIUM_3:
             return 1;
-        case KEY_ECDSA_NISTP521_DILITHIUM_5:
+        case KEY_ECDSA_NISTP256_DILITHIUM_2_AES:
+            return 1;
+        case KEY_ECDSA_NISTP521_DILITHIUM_5_AES:
+            return 1;
+        case KEY_ECDSA_NISTP256_PICNIC_L1_FULL:
+            return 1;
+        case KEY_ECDSA_NISTP384_PICNIC_L3_FS:
+            return 1;
+        case KEY_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE:
+            return 1;
+        case KEY_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST:
             return 1;
 ///// OQS_TEMPLATE_FRAGMENT_LIST_ECDSA_HYBRIDS_END
     }
diff --git a/oqs-utils.h b/oqs-utils.h
index 8c6ab99d87df..5a8ff773c499 100644
--- a/oqs-utils.h
+++ b/oqs-utils.h
@@ -8,19 +8,34 @@
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEY_CASE_MACROS_START
 #define CASE_KEY_OQS \
 	case KEY_OQS_DEFAULT: \
-	case KEY_DILITHIUM_2: \
+	case KEY_FALCON_512: \
+	case KEY_FALCON_1024: \
 	case KEY_DILITHIUM_3: \
-	case KEY_DILITHIUM_5
+	case KEY_DILITHIUM_2_AES: \
+	case KEY_DILITHIUM_5_AES: \
+	case KEY_PICNIC_L1_FULL: \
+	case KEY_PICNIC_L3_FS: \
+	case KEY_SPHINCS_HARAKA_128F_SIMPLE: \
+	case KEY_SPHINCS_HARAKA_192F_ROBUST
 
 #define CASE_KEY_RSA_HYBRID \
 	case KEY_RSA3072_OQS_DEFAULT: \
-	case KEY_RSA3072_DILITHIUM_2
+	case KEY_RSA3072_FALCON_512: \
+	case KEY_RSA3072_DILITHIUM_2_AES: \
+	case KEY_RSA3072_PICNIC_L1_FULL: \
+	case KEY_RSA3072_SPHINCS_HARAKA_128F_SIMPLE
 
 #define CASE_KEY_ECDSA_HYBRID \
 	case KEY_ECDSA_NISTP256_OQS_DEFAULT: \
-	case KEY_ECDSA_NISTP256_DILITHIUM_2: \
+	case KEY_ECDSA_NISTP256_FALCON_512: \
+	case KEY_ECDSA_NISTP521_FALCON_1024: \
 	case KEY_ECDSA_NISTP384_DILITHIUM_3: \
-	case KEY_ECDSA_NISTP521_DILITHIUM_5
+	case KEY_ECDSA_NISTP256_DILITHIUM_2_AES: \
+	case KEY_ECDSA_NISTP521_DILITHIUM_5_AES: \
+	case KEY_ECDSA_NISTP256_PICNIC_L1_FULL: \
+	case KEY_ECDSA_NISTP384_PICNIC_L3_FS: \
+	case KEY_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE: \
+	case KEY_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEY_CASE_MACROS_END
 
 #define CASE_KEY_HYBRID \
diff --git a/packet.c b/packet.c
index 00e3180cb0ab..2755b94ae50b 100644
--- a/packet.c
+++ b/packet.c
@@ -103,7 +103,8 @@
 #define DBG(x)
 #endif
 
-#define PACKET_MAX_SIZE (256 * 1024)
+// OQS: Increasing for McEliece and Rainbow:
+#define PACKET_MAX_SIZE (2500 * 1024)
 
 struct packet_state {
 	u_int32_t seqnr;
diff --git a/pathnames.h b/pathnames.h
index ab8341d1b45a..1d0a74b3b0f2 100644
--- a/pathnames.h
+++ b/pathnames.h
@@ -45,13 +45,28 @@
 #define _PATH_HOST_OQS_DEFAULT_KEY_FILE SSHDIR "/ssh_host_oqsdefault_key"
 #define _PATH_HOST_RSA3072_OQS_DEFAULT_KEY_FILE SSHDIR "/ssh_host_rsa3072_oqsdefault_key"
 #define _PATH_HOST_ECDSA_NISTP256_OQS_DEFAULT_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_oqsdefault_key"
-#define _PATH_HOST_DILITHIUM_2_KEY_FILE SSHDIR "/ssh_host_dilithium2_key"
-#define _PATH_HOST_RSA3072_DILITHIUM_2_KEY_FILE SSHDIR "/ssh_host_rsa3072_dilithium2_key"
-#define _PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_dilithium2_key"
+#define _PATH_HOST_FALCON_512_KEY_FILE SSHDIR "/ssh_host_falcon512_key"
+#define _PATH_HOST_RSA3072_FALCON_512_KEY_FILE SSHDIR "/ssh_host_rsa3072_falcon512_key"
+#define _PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_falcon512_key"
+#define _PATH_HOST_FALCON_1024_KEY_FILE SSHDIR "/ssh_host_falcon1024_key"
+#define _PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_falcon1024_key"
 #define _PATH_HOST_DILITHIUM_3_KEY_FILE SSHDIR "/ssh_host_dilithium3_key"
 #define _PATH_HOST_ECDSA_NISTP384_DILITHIUM_3_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp384_dilithium3_key"
-#define _PATH_HOST_DILITHIUM_5_KEY_FILE SSHDIR "/ssh_host_dilithium5_key"
-#define _PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_dilithium5_key"
+#define _PATH_HOST_DILITHIUM_2_AES_KEY_FILE SSHDIR "/ssh_host_dilithium2aes_key"
+#define _PATH_HOST_RSA3072_DILITHIUM_2_AES_KEY_FILE SSHDIR "/ssh_host_rsa3072_dilithium2aes_key"
+#define _PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_AES_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_dilithium2aes_key"
+#define _PATH_HOST_DILITHIUM_5_AES_KEY_FILE SSHDIR "/ssh_host_dilithium5aes_key"
+#define _PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_AES_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp521_dilithium5aes_key"
+#define _PATH_HOST_PICNIC_L1_FULL_KEY_FILE SSHDIR "/ssh_host_picnicL1full_key"
+#define _PATH_HOST_RSA3072_PICNIC_L1_FULL_KEY_FILE SSHDIR "/ssh_host_rsa3072_picnicL1full_key"
+#define _PATH_HOST_ECDSA_NISTP256_PICNIC_L1_FULL_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_picnicL1full_key"
+#define _PATH_HOST_PICNIC_L3_FS_KEY_FILE SSHDIR "/ssh_host_picnicL3FS_key"
+#define _PATH_HOST_ECDSA_NISTP384_PICNIC_L3_FS_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp384_picnicL3FS_key"
+#define _PATH_HOST_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_sphincsharaka128fsimple_key"
+#define _PATH_HOST_RSA3072_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_rsa3072_sphincsharaka128fsimple_key"
+#define _PATH_HOST_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp256_sphincsharaka128fsimple_key"
+#define _PATH_HOST_SPHINCS_HARAKA_192F_ROBUST_KEY_FILE SSHDIR "/ssh_host_sphincsharaka192frobust_key"
+#define _PATH_HOST_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST_KEY_FILE SSHDIR "/ssh_host_ecdsa_nistp384_sphincsharaka192frobust_key"
 ///// OQS_TEMPLATE_FRAGMENT_ADD_KEY_FILE_PATHS_END
 #define _PATH_DH_MODULI			SSHDIR "/moduli"
 
@@ -95,13 +110,28 @@
 #define _PATH_SSH_CLIENT_ID_OQS_DEFAULT _PATH_SSH_USER_DIR "/id_oqsdefault"
 #define _PATH_SSH_CLIENT_ID_RSA3072_OQS_DEFAULT _PATH_SSH_USER_DIR "/id_rsa3072_oqsdefault"
 #define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_OQS_DEFAULT _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_oqsdefault"
-#define _PATH_SSH_CLIENT_ID_DILITHIUM_2 _PATH_SSH_USER_DIR "/id_dilithium2"
-#define _PATH_SSH_CLIENT_ID_RSA3072_DILITHIUM_2 _PATH_SSH_USER_DIR "/id_rsa3072_dilithium2"
-#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_DILITHIUM_2 _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_dilithium2"
+#define _PATH_SSH_CLIENT_ID_FALCON_512 _PATH_SSH_USER_DIR "/id_falcon512"
+#define _PATH_SSH_CLIENT_ID_RSA3072_FALCON_512 _PATH_SSH_USER_DIR "/id_rsa3072_falcon512"
+#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_FALCON_512 _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_falcon512"
+#define _PATH_SSH_CLIENT_ID_FALCON_1024 _PATH_SSH_USER_DIR "/id_falcon1024"
+#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_FALCON_1024 _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_falcon1024"
 #define _PATH_SSH_CLIENT_ID_DILITHIUM_3 _PATH_SSH_USER_DIR "/id_dilithium3"
 #define _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_DILITHIUM_3 _PATH_SSH_USER_DIR "/id_ecdsa_nistp384_dilithium3"
-#define _PATH_SSH_CLIENT_ID_DILITHIUM_5 _PATH_SSH_USER_DIR "/id_dilithium5"
-#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_DILITHIUM_5 _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_dilithium5"
+#define _PATH_SSH_CLIENT_ID_DILITHIUM_2_AES _PATH_SSH_USER_DIR "/id_dilithium2aes"
+#define _PATH_SSH_CLIENT_ID_RSA3072_DILITHIUM_2_AES _PATH_SSH_USER_DIR "/id_rsa3072_dilithium2aes"
+#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_DILITHIUM_2_AES _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_dilithium2aes"
+#define _PATH_SSH_CLIENT_ID_DILITHIUM_5_AES _PATH_SSH_USER_DIR "/id_dilithium5aes"
+#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_DILITHIUM_5_AES _PATH_SSH_USER_DIR "/id_ecdsa_nistp521_dilithium5aes"
+#define _PATH_SSH_CLIENT_ID_PICNIC_L1_FULL _PATH_SSH_USER_DIR "/id_picnicL1full"
+#define _PATH_SSH_CLIENT_ID_RSA3072_PICNIC_L1_FULL _PATH_SSH_USER_DIR "/id_rsa3072_picnicL1full"
+#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_PICNIC_L1_FULL _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_picnicL1full"
+#define _PATH_SSH_CLIENT_ID_PICNIC_L3_FS _PATH_SSH_USER_DIR "/id_picnicL3FS"
+#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_PICNIC_L3_FS _PATH_SSH_USER_DIR "/id_ecdsa_nistp384_picnicL3FS"
+#define _PATH_SSH_CLIENT_ID_SPHINCS_HARAKA_128F_SIMPLE _PATH_SSH_USER_DIR "/id_sphincsharaka128fsimple"
+#define _PATH_SSH_CLIENT_ID_RSA3072_SPHINCS_HARAKA_128F_SIMPLE _PATH_SSH_USER_DIR "/id_rsa3072_sphincsharaka128fsimple"
+#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE _PATH_SSH_USER_DIR "/id_ecdsa_nistp256_sphincsharaka128fsimple"
+#define _PATH_SSH_CLIENT_ID_SPHINCS_HARAKA_192F_ROBUST _PATH_SSH_USER_DIR "/id_sphincsharaka192frobust"
+#define _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST _PATH_SSH_USER_DIR "/id_ecdsa_nistp384_sphincsharaka192frobust"
 ///// OQS_TEMPLATE_FRAGMENT_ADD_ID_FILE_PATHS_END
 
 /*
diff --git a/readconf.c b/readconf.c
index b7fc4b22a01f..2e17af76f0a6 100644
--- a/readconf.c
+++ b/readconf.c
@@ -2171,23 +2171,35 @@ fill_default_options(Options * options)
 		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_XMSS, 0);
 ///// OQS_TEMPLATE_FRAGMENT_ADD_ID_FILES_START
 		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_OQS_DEFAULT, 0);
-		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DILITHIUM_2, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_FALCON_512, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_FALCON_1024, 0);
 		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DILITHIUM_3, 0);
-		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DILITHIUM_5, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DILITHIUM_2_AES, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DILITHIUM_5_AES, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_PICNIC_L1_FULL, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_PICNIC_L3_FS, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_SPHINCS_HARAKA_128F_SIMPLE, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_SPHINCS_HARAKA_192F_ROBUST, 0);
 #ifdef WITH_OPENSSL
 		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_OQS_DEFAULT, 0);
-		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_DILITHIUM_2, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_FALCON_512, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_DILITHIUM_2_AES, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_PICNIC_L1_FULL, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA3072_SPHINCS_HARAKA_128F_SIMPLE, 0);
 #ifdef OPENSSL_HAS_ECC
 		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_OQS_DEFAULT, 0);
-		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_DILITHIUM_2, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_FALCON_512, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_FALCON_1024, 0);
 		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_DILITHIUM_3, 0);
-		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_DILITHIUM_5, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_DILITHIUM_2_AES, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_DILITHIUM_5_AES, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_PICNIC_L1_FULL, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_PICNIC_L3_FS, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE, 0);
+		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST, 0);
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_ID_FILES_END
-#ifdef OPENSSL_HAS_ECC
-		add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DILITHIUM_2, 0);
-#endif
 	}
 	if (options->escape_char == -1)
 		options->escape_char = '~';
diff --git a/regress/keygen-comment.sh b/regress/keygen-comment.sh
index 560a329713bd..7db874789d56 100644
--- a/regress/keygen-comment.sh
+++ b/regress/keygen-comment.sh
@@ -32,9 +32,15 @@ for fmt in '' RFC4716 PKCS8 PEM; do
 		ssh-ed25519|*openssh.com) test -z "$oldfmt" || continue ;;
 ##### OQS_TEMPLATE_FRAGMENT_EXCLUDE_OQS_ALGS_START
 		*oqsdefault*) test -z "$oldfmt" || continue ;;
-		*dilithium2*) test -z "$oldfmt" || continue ;;
+		*falcon512*) test -z "$oldfmt" || continue ;;
+		*falcon1024*) test -z "$oldfmt" || continue ;;
 		*dilithium3*) test -z "$oldfmt" || continue ;;
-		*dilithium5*) test -z "$oldfmt" || continue ;;
+		*dilithium2aes*) test -z "$oldfmt" || continue ;;
+		*dilithium5aes*) test -z "$oldfmt" || continue ;;
+		*picnicL1full*) test -z "$oldfmt" || continue ;;
+		*picnicL3FS*) test -z "$oldfmt" || continue ;;
+		*sphincsharaka128fsimple*) test -z "$oldfmt" || continue ;;
+		*sphincsharaka192frobust*) test -z "$oldfmt" || continue ;;
 ##### OQS_TEMPLATE_FRAGMENT_EXCLUDE_OQS_ALGS_END
 		esac
 		comment="foo bar"
diff --git a/servconf.c b/servconf.c
index c44b8e5955c6..f97209c33c2d 100644
--- a/servconf.c
+++ b/servconf.c
@@ -320,25 +320,55 @@ fill_default_server_options(ServerOptions *options)
 		servconf_add_hostkey("[default]", 0, options,
 		    _PATH_HOST_OQS_DEFAULT_KEY_FILE, 0);
 		servconf_add_hostkey("[default]", 0, options,
-		    _PATH_HOST_DILITHIUM_2_KEY_FILE, 0);
+		    _PATH_HOST_FALCON_512_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_FALCON_1024_KEY_FILE, 0);
 		servconf_add_hostkey("[default]", 0, options,
 		    _PATH_HOST_DILITHIUM_3_KEY_FILE, 0);
 		servconf_add_hostkey("[default]", 0, options,
-		    _PATH_HOST_DILITHIUM_5_KEY_FILE, 0);
+		    _PATH_HOST_DILITHIUM_2_AES_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_DILITHIUM_5_AES_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_PICNIC_L1_FULL_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_PICNIC_L3_FS_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_SPHINCS_HARAKA_192F_ROBUST_KEY_FILE, 0);
 #ifdef WITH_OPENSSL
 		servconf_add_hostkey("[default]", 0, options,
 		    _PATH_HOST_RSA3072_OQS_DEFAULT_KEY_FILE, 0);
 		servconf_add_hostkey("[default]", 0, options,
-		    _PATH_HOST_RSA3072_DILITHIUM_2_KEY_FILE, 0);
+		    _PATH_HOST_RSA3072_FALCON_512_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_RSA3072_DILITHIUM_2_AES_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_RSA3072_PICNIC_L1_FULL_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_RSA3072_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE, 0);
 #ifdef OPENSSL_HAS_ECC
 		servconf_add_hostkey("[default]", 0, options,
 		    _PATH_HOST_ECDSA_NISTP256_OQS_DEFAULT_KEY_FILE, 0);
 		servconf_add_hostkey("[default]", 0, options,
-		    _PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_KEY_FILE, 0);
+		    _PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE, 0);
 		servconf_add_hostkey("[default]", 0, options,
 		    _PATH_HOST_ECDSA_NISTP384_DILITHIUM_3_KEY_FILE, 0);
 		servconf_add_hostkey("[default]", 0, options,
-		    _PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_KEY_FILE, 0);
+		    _PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_AES_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_AES_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_ECDSA_NISTP256_PICNIC_L1_FULL_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_ECDSA_NISTP384_PICNIC_L3_FS_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE, 0);
+		servconf_add_hostkey("[default]", 0, options,
+		    _PATH_HOST_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST_KEY_FILE, 0);
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_SERVER_ADD_HOSTKEYS_END
diff --git a/sk-api.h b/sk-api.h
index fcc0ea38de49..65604f26f70b 100644
--- a/sk-api.h
+++ b/sk-api.h
@@ -35,13 +35,28 @@
 #define SSH_SK_OQS_DEFAULT 0x02
 #define SSH_SK_RSA3072_OQS_DEFAULT 0x03
 #define SSH_SK_ECDSA_NISTP256_OQS_DEFAULT 0x04
-#define SSH_SK_DILITHIUM_2 0x05
-#define SSH_SK_RSA3072_DILITHIUM_2 0x06
-#define SSH_SK_ECDSA_NISTP256_DILITHIUM_2 0x07
-#define SSH_SK_DILITHIUM_3 0x08
-#define SSH_SK_ECDSA_NISTP384_DILITHIUM_3 0x09
-#define SSH_SK_DILITHIUM_5 0x0A
-#define SSH_SK_ECDSA_NISTP521_DILITHIUM_5 0x0B
+#define SSH_SK_FALCON_512 0x05
+#define SSH_SK_RSA3072_FALCON_512 0x06
+#define SSH_SK_ECDSA_NISTP256_FALCON_512 0x07
+#define SSH_SK_FALCON_1024 0x08
+#define SSH_SK_ECDSA_NISTP521_FALCON_1024 0x09
+#define SSH_SK_DILITHIUM_3 0x0A
+#define SSH_SK_ECDSA_NISTP384_DILITHIUM_3 0x0B
+#define SSH_SK_DILITHIUM_2_AES 0x0C
+#define SSH_SK_RSA3072_DILITHIUM_2_AES 0x0D
+#define SSH_SK_ECDSA_NISTP256_DILITHIUM_2_AES 0x0E
+#define SSH_SK_DILITHIUM_5_AES 0x0F
+#define SSH_SK_ECDSA_NISTP521_DILITHIUM_5_AES 0x10
+#define SSH_SK_PICNIC_L1_FULL 0x11
+#define SSH_SK_RSA3072_PICNIC_L1_FULL 0x12
+#define SSH_SK_ECDSA_NISTP256_PICNIC_L1_FULL 0x13
+#define SSH_SK_PICNIC_L3_FS 0x14
+#define SSH_SK_ECDSA_NISTP384_PICNIC_L3_FS 0x15
+#define SSH_SK_SPHINCS_HARAKA_128F_SIMPLE 0x16
+#define SSH_SK_RSA3072_SPHINCS_HARAKA_128F_SIMPLE 0x17
+#define SSH_SK_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE 0x18
+#define SSH_SK_SPHINCS_HARAKA_192F_ROBUST 0x19
+#define SSH_SK_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST 0x1A
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_SSH_SKS_END
 
 /* Error codes */
diff --git a/ssh-add.c b/ssh-add.c
index a354f4d6ec75..d02fa2f1c039 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -87,17 +87,32 @@ static char *default_files[] = {
 	_PATH_SSH_CLIENT_ID_XMSS,
 ///// OQS_TEMPLATE_FRAGMENT_ADD_DEFAULT_ID_FILES_START
 	_PATH_SSH_CLIENT_ID_OQS_DEFAULT,
-	_PATH_SSH_CLIENT_ID_DILITHIUM_2,
+	_PATH_SSH_CLIENT_ID_FALCON_512,
+	_PATH_SSH_CLIENT_ID_FALCON_1024,
 	_PATH_SSH_CLIENT_ID_DILITHIUM_3,
-	_PATH_SSH_CLIENT_ID_DILITHIUM_5,
+	_PATH_SSH_CLIENT_ID_DILITHIUM_2_AES,
+	_PATH_SSH_CLIENT_ID_DILITHIUM_5_AES,
+	_PATH_SSH_CLIENT_ID_PICNIC_L1_FULL,
+	_PATH_SSH_CLIENT_ID_PICNIC_L3_FS,
+	_PATH_SSH_CLIENT_ID_SPHINCS_HARAKA_128F_SIMPLE,
+	_PATH_SSH_CLIENT_ID_SPHINCS_HARAKA_192F_ROBUST,
 #ifdef WITH_OPENSSL
 	_PATH_SSH_CLIENT_ID_RSA3072_OQS_DEFAULT,
-	_PATH_SSH_CLIENT_ID_RSA3072_DILITHIUM_2,
+	_PATH_SSH_CLIENT_ID_RSA3072_FALCON_512,
+	_PATH_SSH_CLIENT_ID_RSA3072_DILITHIUM_2_AES,
+	_PATH_SSH_CLIENT_ID_RSA3072_PICNIC_L1_FULL,
+	_PATH_SSH_CLIENT_ID_RSA3072_SPHINCS_HARAKA_128F_SIMPLE,
 #ifdef OPENSSL_HAS_ECC
 	_PATH_SSH_CLIENT_ID_ECDSA_NISTP256_OQS_DEFAULT,
-	_PATH_SSH_CLIENT_ID_ECDSA_NISTP256_DILITHIUM_2,
+	_PATH_SSH_CLIENT_ID_ECDSA_NISTP256_FALCON_512,
+	_PATH_SSH_CLIENT_ID_ECDSA_NISTP521_FALCON_1024,
 	_PATH_SSH_CLIENT_ID_ECDSA_NISTP384_DILITHIUM_3,
-	_PATH_SSH_CLIENT_ID_ECDSA_NISTP521_DILITHIUM_5,
+	_PATH_SSH_CLIENT_ID_ECDSA_NISTP256_DILITHIUM_2_AES,
+	_PATH_SSH_CLIENT_ID_ECDSA_NISTP521_DILITHIUM_5_AES,
+	_PATH_SSH_CLIENT_ID_ECDSA_NISTP256_PICNIC_L1_FULL,
+	_PATH_SSH_CLIENT_ID_ECDSA_NISTP384_PICNIC_L3_FS,
+	_PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE,
+	_PATH_SSH_CLIENT_ID_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST,
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_ADD_DEFAULT_ID_FILES_END
diff --git a/ssh-keygen.c b/ssh-keygen.c
index e0e9b5021999..84cd90599543 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -217,12 +217,21 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
 		if (name == NULL && oqs_utils_is_ecdsa_hybrid(type)) {
 		  switch (type) {
 ///// OQS_TEMPLATE_FRAGMENT_HANDLE_ECDSA_HYBRIDS_START
+		  case KEY_ECDSA_NISTP521_FALCON_1024:
+		    *bitsp = 521;
+		    break;
 		  case KEY_ECDSA_NISTP384_DILITHIUM_3:
 		    *bitsp = 384;
 		    break;
-		  case KEY_ECDSA_NISTP521_DILITHIUM_5:
+		  case KEY_ECDSA_NISTP521_DILITHIUM_5_AES:
 		    *bitsp = 521;
 		    break;
+		  case KEY_ECDSA_NISTP384_PICNIC_L3_FS:
+		    *bitsp = 384;
+		    break;
+		  case KEY_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST:
+		    *bitsp = 384;
+		    break;
 ///// OQS_TEMPLATE_FRAGMENT_HANDLE_ECDSA_HYBRIDS_END
 		  }
 		}
@@ -322,34 +331,79 @@ ask_filename(struct passwd *pw, const char *prompt)
 		  case KEY_OQS_DEFAULT:
 		    name = _PATH_SSH_CLIENT_ID_OQS_DEFAULT;
 		    break;
-		  case KEY_DILITHIUM_2:
-		    name = _PATH_SSH_CLIENT_ID_DILITHIUM_2;
+		  case KEY_FALCON_512:
+		    name = _PATH_SSH_CLIENT_ID_FALCON_512;
+		    break;
+		  case KEY_FALCON_1024:
+		    name = _PATH_SSH_CLIENT_ID_FALCON_1024;
 		    break;
 		  case KEY_DILITHIUM_3:
 		    name = _PATH_SSH_CLIENT_ID_DILITHIUM_3;
 		    break;
-		  case KEY_DILITHIUM_5:
-		    name = _PATH_SSH_CLIENT_ID_DILITHIUM_5;
+		  case KEY_DILITHIUM_2_AES:
+		    name = _PATH_SSH_CLIENT_ID_DILITHIUM_2_AES;
+		    break;
+		  case KEY_DILITHIUM_5_AES:
+		    name = _PATH_SSH_CLIENT_ID_DILITHIUM_5_AES;
+		    break;
+		  case KEY_PICNIC_L1_FULL:
+		    name = _PATH_SSH_CLIENT_ID_PICNIC_L1_FULL;
+		    break;
+		  case KEY_PICNIC_L3_FS:
+		    name = _PATH_SSH_CLIENT_ID_PICNIC_L3_FS;
+		    break;
+		  case KEY_SPHINCS_HARAKA_128F_SIMPLE:
+		    name = _PATH_SSH_CLIENT_ID_SPHINCS_HARAKA_128F_SIMPLE;
+		    break;
+		  case KEY_SPHINCS_HARAKA_192F_ROBUST:
+		    name = _PATH_SSH_CLIENT_ID_SPHINCS_HARAKA_192F_ROBUST;
 		    break;
 #ifdef WITH_OPENSSL
 		  case KEY_RSA3072_OQS_DEFAULT:
 		    name = _PATH_SSH_CLIENT_ID_RSA3072_OQS_DEFAULT;
 		    break;
-		  case KEY_RSA3072_DILITHIUM_2:
-		    name = _PATH_SSH_CLIENT_ID_RSA3072_DILITHIUM_2;
+		  case KEY_RSA3072_FALCON_512:
+		    name = _PATH_SSH_CLIENT_ID_RSA3072_FALCON_512;
+		    break;
+		  case KEY_RSA3072_DILITHIUM_2_AES:
+		    name = _PATH_SSH_CLIENT_ID_RSA3072_DILITHIUM_2_AES;
+		    break;
+		  case KEY_RSA3072_PICNIC_L1_FULL:
+		    name = _PATH_SSH_CLIENT_ID_RSA3072_PICNIC_L1_FULL;
+		    break;
+		  case KEY_RSA3072_SPHINCS_HARAKA_128F_SIMPLE:
+		    name = _PATH_SSH_CLIENT_ID_RSA3072_SPHINCS_HARAKA_128F_SIMPLE;
 		    break;
 #ifdef OPENSSL_HAS_ECC
 		  case KEY_ECDSA_NISTP256_OQS_DEFAULT:
 		    name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_OQS_DEFAULT;
 		    break;
-		  case KEY_ECDSA_NISTP256_DILITHIUM_2:
-		    name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_DILITHIUM_2;
+		  case KEY_ECDSA_NISTP256_FALCON_512:
+		    name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_FALCON_512;
+		    break;
+		  case KEY_ECDSA_NISTP521_FALCON_1024:
+		    name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_FALCON_1024;
 		    break;
 		  case KEY_ECDSA_NISTP384_DILITHIUM_3:
 		    name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_DILITHIUM_3;
 		    break;
-		  case KEY_ECDSA_NISTP521_DILITHIUM_5:
-		    name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_DILITHIUM_5;
+		  case KEY_ECDSA_NISTP256_DILITHIUM_2_AES:
+		    name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_DILITHIUM_2_AES;
+		    break;
+		  case KEY_ECDSA_NISTP521_DILITHIUM_5_AES:
+		    name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP521_DILITHIUM_5_AES;
+		    break;
+		  case KEY_ECDSA_NISTP256_PICNIC_L1_FULL:
+		    name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_PICNIC_L1_FULL;
+		    break;
+		  case KEY_ECDSA_NISTP384_PICNIC_L3_FS:
+		    name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_PICNIC_L3_FS;
+		    break;
+		  case KEY_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE:
+		    name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE;
+		    break;
+		  case KEY_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST:
+		    name = _PATH_SSH_CLIENT_ID_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST;
 		    break;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
@@ -1115,17 +1169,32 @@ do_gen_all_hostkeys(struct passwd *pw)
 #endif /* WITH_XMSS */
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEY_TYPES_START
 		{ "oqsdefault", "OQS_DEFAULT", _PATH_HOST_OQS_DEFAULT_KEY_FILE },
-		{ "dilithium2", "DILITHIUM_2", _PATH_HOST_DILITHIUM_2_KEY_FILE },
+		{ "falcon512", "FALCON_512", _PATH_HOST_FALCON_512_KEY_FILE },
+		{ "falcon1024", "FALCON_1024", _PATH_HOST_FALCON_1024_KEY_FILE },
 		{ "dilithium3", "DILITHIUM_3", _PATH_HOST_DILITHIUM_3_KEY_FILE },
-		{ "dilithium5", "DILITHIUM_5", _PATH_HOST_DILITHIUM_5_KEY_FILE },
+		{ "dilithium2aes", "DILITHIUM_2_AES", _PATH_HOST_DILITHIUM_2_AES_KEY_FILE },
+		{ "dilithium5aes", "DILITHIUM_5_AES", _PATH_HOST_DILITHIUM_5_AES_KEY_FILE },
+		{ "picnicL1full", "PICNIC_L1_FULL", _PATH_HOST_PICNIC_L1_FULL_KEY_FILE },
+		{ "picnicL3FS", "PICNIC_L3_FS", _PATH_HOST_PICNIC_L3_FS_KEY_FILE },
+		{ "sphincsharaka128fsimple", "SPHINCS_HARAKA_128F_SIMPLE", _PATH_HOST_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE },
+		{ "sphincsharaka192frobust", "SPHINCS_HARAKA_192F_ROBUST", _PATH_HOST_SPHINCS_HARAKA_192F_ROBUST_KEY_FILE },
 #ifdef WITH_OPENSSL
 		{ "rsa3072_oqsdefault", "RSA3072_OQS_DEFAULT", _PATH_HOST_RSA3072_OQS_DEFAULT_KEY_FILE },
-		{ "rsa3072_dilithium2", "RSA3072_DILITHIUM_2", _PATH_HOST_RSA3072_DILITHIUM_2_KEY_FILE },
+		{ "rsa3072_falcon512", "RSA3072_FALCON_512", _PATH_HOST_RSA3072_FALCON_512_KEY_FILE },
+		{ "rsa3072_dilithium2aes", "RSA3072_DILITHIUM_2_AES", _PATH_HOST_RSA3072_DILITHIUM_2_AES_KEY_FILE },
+		{ "rsa3072_picnicL1full", "RSA3072_PICNIC_L1_FULL", _PATH_HOST_RSA3072_PICNIC_L1_FULL_KEY_FILE },
+		{ "rsa3072_sphincsharaka128fsimple", "RSA3072_SPHINCS_HARAKA_128F_SIMPLE", _PATH_HOST_RSA3072_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE },
 #ifdef OPENSSL_HAS_ECC
 		{ "ecdsa_nistp256_oqsdefault", "ECDSA_NISTP256_OQS_DEFAULT", _PATH_HOST_ECDSA_NISTP256_OQS_DEFAULT_KEY_FILE },
-		{ "ecdsa_nistp256_dilithium2", "ECDSA_NISTP256_DILITHIUM_2", _PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_KEY_FILE },
+		{ "ecdsa_nistp256_falcon512", "ECDSA_NISTP256_FALCON_512", _PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE },
+		{ "ecdsa_nistp521_falcon1024", "ECDSA_NISTP521_FALCON_1024", _PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE },
 		{ "ecdsa_nistp384_dilithium3", "ECDSA_NISTP384_DILITHIUM_3", _PATH_HOST_ECDSA_NISTP384_DILITHIUM_3_KEY_FILE },
-		{ "ecdsa_nistp521_dilithium5", "ECDSA_NISTP521_DILITHIUM_5", _PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_KEY_FILE },
+		{ "ecdsa_nistp256_dilithium2aes", "ECDSA_NISTP256_DILITHIUM_2_AES", _PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_AES_KEY_FILE },
+		{ "ecdsa_nistp521_dilithium5aes", "ECDSA_NISTP521_DILITHIUM_5_AES", _PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_AES_KEY_FILE },
+		{ "ecdsa_nistp256_picnicL1full", "ECDSA_NISTP256_PICNIC_L1_FULL", _PATH_HOST_ECDSA_NISTP256_PICNIC_L1_FULL_KEY_FILE },
+		{ "ecdsa_nistp384_picnicL3FS", "ECDSA_NISTP384_PICNIC_L3_FS", _PATH_HOST_ECDSA_NISTP384_PICNIC_L3_FS_KEY_FILE },
+		{ "ecdsa_nistp256_sphincsharaka128fsimple", "ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE", _PATH_HOST_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE },
+		{ "ecdsa_nistp384_sphincsharaka192frobust", "ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST", _PATH_HOST_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST_KEY_FILE },
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEY_TYPES_END
@@ -1620,17 +1689,32 @@ do_change_comment(struct passwd *pw, const char *identity_comment)
 	    private->type != KEY_XMSS &&
 	    ///// OQS_TEMPLATE_FRAGMENT_CHECK_PRIVATE_KEY_TYPE_START
 	    private->type != KEY_OQS_DEFAULT &&
-	    private->type != KEY_DILITHIUM_2 &&
+	    private->type != KEY_FALCON_512 &&
+	    private->type != KEY_FALCON_1024 &&
 	    private->type != KEY_DILITHIUM_3 &&
-	    private->type != KEY_DILITHIUM_5 &&
+	    private->type != KEY_DILITHIUM_2_AES &&
+	    private->type != KEY_DILITHIUM_5_AES &&
+	    private->type != KEY_PICNIC_L1_FULL &&
+	    private->type != KEY_PICNIC_L3_FS &&
+	    private->type != KEY_SPHINCS_HARAKA_128F_SIMPLE &&
+	    private->type != KEY_SPHINCS_HARAKA_192F_ROBUST &&
 #ifdef WITH_OPENSSL
 	    private->type != KEY_RSA3072_OQS_DEFAULT &&
-	    private->type != KEY_RSA3072_DILITHIUM_2 &&
+	    private->type != KEY_RSA3072_FALCON_512 &&
+	    private->type != KEY_RSA3072_DILITHIUM_2_AES &&
+	    private->type != KEY_RSA3072_PICNIC_L1_FULL &&
+	    private->type != KEY_RSA3072_SPHINCS_HARAKA_128F_SIMPLE &&
 #ifdef OPENSSL_HAS_ECC
 	    private->type != KEY_ECDSA_NISTP256_OQS_DEFAULT &&
-	    private->type != KEY_ECDSA_NISTP256_DILITHIUM_2 &&
+	    private->type != KEY_ECDSA_NISTP256_FALCON_512 &&
+	    private->type != KEY_ECDSA_NISTP521_FALCON_1024 &&
 	    private->type != KEY_ECDSA_NISTP384_DILITHIUM_3 &&
-	    private->type != KEY_ECDSA_NISTP521_DILITHIUM_5 &&
+	    private->type != KEY_ECDSA_NISTP256_DILITHIUM_2_AES &&
+	    private->type != KEY_ECDSA_NISTP521_DILITHIUM_5_AES &&
+	    private->type != KEY_ECDSA_NISTP256_PICNIC_L1_FULL &&
+	    private->type != KEY_ECDSA_NISTP384_PICNIC_L3_FS &&
+	    private->type != KEY_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE &&
+	    private->type != KEY_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST &&
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_CHECK_PRIVATE_KEY_TYPE_END
@@ -3664,13 +3748,19 @@ main(int argc, char **argv)
 			    _PATH_HOST_ECDSA_NISTP256_OQS_DEFAULT_KEY_FILE, rr_hostname,
 			    print_generic);
 			n += do_print_resource_record(pw,
-			    _PATH_HOST_DILITHIUM_2_KEY_FILE, rr_hostname,
+			    _PATH_HOST_FALCON_512_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_RSA3072_FALCON_512_KEY_FILE, rr_hostname,
 			    print_generic);
 			n += do_print_resource_record(pw,
-			    _PATH_HOST_RSA3072_DILITHIUM_2_KEY_FILE, rr_hostname,
+			    _PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE, rr_hostname,
 			    print_generic);
 			n += do_print_resource_record(pw,
-			    _PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_KEY_FILE, rr_hostname,
+			    _PATH_HOST_FALCON_1024_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE, rr_hostname,
 			    print_generic);
 			n += do_print_resource_record(pw,
 			    _PATH_HOST_DILITHIUM_3_KEY_FILE, rr_hostname,
@@ -3679,10 +3769,49 @@ main(int argc, char **argv)
 			    _PATH_HOST_ECDSA_NISTP384_DILITHIUM_3_KEY_FILE, rr_hostname,
 			    print_generic);
 			n += do_print_resource_record(pw,
-			    _PATH_HOST_DILITHIUM_5_KEY_FILE, rr_hostname,
+			    _PATH_HOST_DILITHIUM_2_AES_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_RSA3072_DILITHIUM_2_AES_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_AES_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_DILITHIUM_5_AES_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_AES_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_PICNIC_L1_FULL_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_RSA3072_PICNIC_L1_FULL_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_ECDSA_NISTP256_PICNIC_L1_FULL_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_PICNIC_L3_FS_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_ECDSA_NISTP384_PICNIC_L3_FS_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_RSA3072_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE, rr_hostname,
+			    print_generic);
+			n += do_print_resource_record(pw,
+			    _PATH_HOST_SPHINCS_HARAKA_192F_ROBUST_KEY_FILE, rr_hostname,
 			    print_generic);
 			n += do_print_resource_record(pw,
-			    _PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_KEY_FILE, rr_hostname,
+			    _PATH_HOST_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST_KEY_FILE, rr_hostname,
 			    print_generic);
 ///// OQS_TEMPLATE_FRAGMENT_PRINT_RESOURCE_RECORDS_END
 			if (n == 0)
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index d0bcbc82e4c0..77a87c44affd 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -68,14 +68,29 @@ int ssh_port = SSH_DEFAULT_PORT;
 #define KT_OQS_DEFAULT ((uint64_t)1<<7)
 #define KT_RSA3072_OQS_DEFAULT ((uint64_t)1<<8)
 #define KT_ECDSA_NISTP256_OQS_DEFAULT ((uint64_t)1<<9)
-#define KT_DILITHIUM_2 ((uint64_t)1<<10)
-#define KT_RSA3072_DILITHIUM_2 ((uint64_t)1<<11)
-#define KT_ECDSA_NISTP256_DILITHIUM_2 ((uint64_t)1<<12)
-#define KT_DILITHIUM_3 ((uint64_t)1<<13)
-#define KT_ECDSA_NISTP384_DILITHIUM_3 ((uint64_t)1<<14)
-#define KT_DILITHIUM_5 ((uint64_t)1<<15)
-#define KT_ECDSA_NISTP521_DILITHIUM_5 ((uint64_t)1<<16)
-#define KT_MAX ((uint64_t)1<<16)
+#define KT_FALCON_512 ((uint64_t)1<<10)
+#define KT_RSA3072_FALCON_512 ((uint64_t)1<<11)
+#define KT_ECDSA_NISTP256_FALCON_512 ((uint64_t)1<<12)
+#define KT_FALCON_1024 ((uint64_t)1<<13)
+#define KT_ECDSA_NISTP521_FALCON_1024 ((uint64_t)1<<14)
+#define KT_DILITHIUM_3 ((uint64_t)1<<15)
+#define KT_ECDSA_NISTP384_DILITHIUM_3 ((uint64_t)1<<16)
+#define KT_DILITHIUM_2_AES ((uint64_t)1<<17)
+#define KT_RSA3072_DILITHIUM_2_AES ((uint64_t)1<<18)
+#define KT_ECDSA_NISTP256_DILITHIUM_2_AES ((uint64_t)1<<19)
+#define KT_DILITHIUM_5_AES ((uint64_t)1<<20)
+#define KT_ECDSA_NISTP521_DILITHIUM_5_AES ((uint64_t)1<<21)
+#define KT_PICNIC_L1_FULL ((uint64_t)1<<22)
+#define KT_RSA3072_PICNIC_L1_FULL ((uint64_t)1<<23)
+#define KT_ECDSA_NISTP256_PICNIC_L1_FULL ((uint64_t)1<<24)
+#define KT_PICNIC_L3_FS ((uint64_t)1<<25)
+#define KT_ECDSA_NISTP384_PICNIC_L3_FS ((uint64_t)1<<26)
+#define KT_SPHINCS_HARAKA_128F_SIMPLE ((uint64_t)1<<27)
+#define KT_RSA3072_SPHINCS_HARAKA_128F_SIMPLE ((uint64_t)1<<28)
+#define KT_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE ((uint64_t)1<<29)
+#define KT_SPHINCS_HARAKA_192F_ROBUST ((uint64_t)1<<30)
+#define KT_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST ((uint64_t)1<<31)
+#define KT_MAX ((uint64_t)1<<31)
 ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_KT_MASKS_END
 #define KT_MIN		KT_DSA
 
@@ -85,13 +100,28 @@ uint64_t get_keytypes = KT_RSA|KT_ECDSA|KT_ED25519|KT_ECDSA_SK|KT_ED25519_SK|\
                         KT_OQS_DEFAULT | \
                         KT_RSA3072_OQS_DEFAULT | \
                         KT_ECDSA_NISTP256_OQS_DEFAULT | \
-                        KT_DILITHIUM_2 | \
-                        KT_RSA3072_DILITHIUM_2 | \
-                        KT_ECDSA_NISTP256_DILITHIUM_2 | \
+                        KT_FALCON_512 | \
+                        KT_RSA3072_FALCON_512 | \
+                        KT_ECDSA_NISTP256_FALCON_512 | \
+                        KT_FALCON_1024 | \
+                        KT_ECDSA_NISTP521_FALCON_1024 | \
                         KT_DILITHIUM_3 | \
                         KT_ECDSA_NISTP384_DILITHIUM_3 | \
-                        KT_DILITHIUM_5 | \
-                        KT_ECDSA_NISTP521_DILITHIUM_5;
+                        KT_DILITHIUM_2_AES | \
+                        KT_RSA3072_DILITHIUM_2_AES | \
+                        KT_ECDSA_NISTP256_DILITHIUM_2_AES | \
+                        KT_DILITHIUM_5_AES | \
+                        KT_ECDSA_NISTP521_DILITHIUM_5_AES | \
+                        KT_PICNIC_L1_FULL | \
+                        KT_RSA3072_PICNIC_L1_FULL | \
+                        KT_ECDSA_NISTP256_PICNIC_L1_FULL | \
+                        KT_PICNIC_L3_FS | \
+                        KT_ECDSA_NISTP384_PICNIC_L3_FS | \
+                        KT_SPHINCS_HARAKA_128F_SIMPLE | \
+                        KT_RSA3072_SPHINCS_HARAKA_128F_SIMPLE | \
+                        KT_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE | \
+                        KT_SPHINCS_HARAKA_192F_ROBUST | \
+                        KT_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST;
 ///// OQS_TEMPLATE_FRAGMENT_ADD_KEYTYPES_END
 
 int hash_hosts = 0;		/* Hash hostname on output */
@@ -299,34 +329,79 @@ keygrab_ssh2(con *c)
 	case KT_OQS_DEFAULT:
 	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-oqsdefault";
 	  break;
-	case KT_DILITHIUM_2:
-	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-dilithium2";
+	case KT_FALCON_512:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-falcon512";
+	  break;
+	case KT_FALCON_1024:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-falcon1024";
 	  break;
 	case KT_DILITHIUM_3:
 	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-dilithium3";
 	  break;
-	case KT_DILITHIUM_5:
-	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-dilithium5";
+	case KT_DILITHIUM_2_AES:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-dilithium2aes";
+	  break;
+	case KT_DILITHIUM_5_AES:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-dilithium5aes";
+	  break;
+	case KT_PICNIC_L1_FULL:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-picnicL1full";
+	  break;
+	case KT_PICNIC_L3_FS:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-picnicL3FS";
+	  break;
+	case KT_SPHINCS_HARAKA_128F_SIMPLE:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-sphincsharaka128fsimple";
+	  break;
+	case KT_SPHINCS_HARAKA_192F_ROBUST:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-sphincsharaka192frobust";
 	  break;
 #ifdef WITH_OPENSSL
 	case KT_RSA3072_OQS_DEFAULT:
 	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-oqsdefault";
 	  break;
-	case KT_RSA3072_DILITHIUM_2:
-	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-dilithium2";
+	case KT_RSA3072_FALCON_512:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-falcon512";
+	  break;
+	case KT_RSA3072_DILITHIUM_2_AES:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-dilithium2aes";
+	  break;
+	case KT_RSA3072_PICNIC_L1_FULL:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-picnicL1full";
+	  break;
+	case KT_RSA3072_SPHINCS_HARAKA_128F_SIMPLE:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa3072-sphincsharaka128fsimple";
 	  break;
 #ifdef OPENSSL_HAS_ECC
 	case KT_ECDSA_NISTP256_OQS_DEFAULT:
 	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-oqsdefault";
 	  break;
-	case KT_ECDSA_NISTP256_DILITHIUM_2:
-	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-dilithium2";
+	case KT_ECDSA_NISTP256_FALCON_512:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-falcon512";
+	  break;
+	case KT_ECDSA_NISTP521_FALCON_1024:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp521-falcon1024";
 	  break;
 	case KT_ECDSA_NISTP384_DILITHIUM_3:
 	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp384-dilithium3";
 	  break;
-	case KT_ECDSA_NISTP521_DILITHIUM_5:
-	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp521-dilithium5";
+	case KT_ECDSA_NISTP256_DILITHIUM_2_AES:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-dilithium2aes";
+	  break;
+	case KT_ECDSA_NISTP521_DILITHIUM_5_AES:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp521-dilithium5aes";
+	  break;
+	case KT_ECDSA_NISTP256_PICNIC_L1_FULL:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-picnicL1full";
+	  break;
+	case KT_ECDSA_NISTP384_PICNIC_L3_FS:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp384-picnicL3FS";
+	  break;
+	case KT_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp256-sphincsharaka128fsimple";
+	  break;
+	case KT_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST:
+	  myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-ecdsa-nistp384-sphincsharaka192frobust";
 	  break;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
@@ -359,14 +434,114 @@ keygrab_ssh2(con *c)
 	c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_640_AES_SHA256] = kex_gen_client;
 	c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_976_AES_SHA384] = kex_gen_client;
 	c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_1344_AES_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIDH_P434_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIDH_P610_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIDH_P751_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_SHA256] = kex_gen_client;
 	c->c_ssh->kex->kex[KEX_KEM_SIKE_P434_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIKE_P610_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIKE_P751_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SABER_SABER_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SABER_FIRESABER_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_KYBER_512_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_KYBER_768_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_KYBER_1024_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_KYBER_512_90S_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_KYBER_768_90S_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_KYBER_1024_90S_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_BIKE1_L1_CPA_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_BIKE1_L1_FO_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_BIKE1_L3_CPA_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_BIKE1_L3_FO_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRU_HPS2048509_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRU_HPS2048677_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRU_HRSS701_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRU_HPS4096821_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896F_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128F_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119F_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128F_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_HQC_128_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_HQC_192_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_HQC_256_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR653_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP653_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR761_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_SHA384] = kex_gen_client;
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 	c->c_ssh->kex->kex[KEX_KEM_OQS_DEFAULT_ECDH_NISTP256_SHA256] = kex_gen_client;
 	c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256] = kex_gen_client;
 	c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_976_AES_ECDH_NISTP384_SHA384] = kex_gen_client;
 	c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_1344_AES_ECDH_NISTP521_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_client;
 	c->c_ssh->kex->kex[KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_KYBER_512_ECDH_NISTP256_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_KYBER_768_ECDH_NISTP384_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_KYBER_512_90S_ECDH_NISTP256_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_KYBER_768_90S_ECDH_NISTP384_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_KYBER_1024_90S_ECDH_NISTP521_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_BIKE1_L1_CPA_ECDH_NISTP256_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_BIKE1_L1_FO_ECDH_NISTP256_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_BIKE1_L3_CPA_ECDH_NISTP384_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_BIKE1_L3_FO_ECDH_NISTP384_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRU_HPS2048509_ECDH_NISTP256_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRU_HPS2048677_ECDH_NISTP384_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRU_HRSS701_ECDH_NISTP384_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRU_HPS4096821_ECDH_NISTP521_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896F_ECDH_NISTP384_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128_ECDH_NISTP521_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128F_ECDH_NISTP521_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119_ECDH_NISTP521_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119F_ECDH_NISTP521_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128_ECDH_NISTP521_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128F_ECDH_NISTP521_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_HQC_128_ECDH_NISTP256_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_HQC_192_ECDH_NISTP384_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_HQC_256_ECDH_NISTP521_SHA512] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR653_ECDH_NISTP256_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP653_ECDH_NISTP256_SHA256] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR761_ECDH_NISTP384_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384] = kex_gen_client;
+	c->c_ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384] = kex_gen_client;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_ASSIGN_KEX_GEN_CLIENT_END
@@ -831,14 +1006,20 @@ main(int argc, char **argv)
 				case KEY_ECDSA_NISTP256_OQS_DEFAULT:
 					get_keytypes |= KT_ECDSA_NISTP256_OQS_DEFAULT;
 					break;
-				case KEY_DILITHIUM_2:
-					get_keytypes |= KT_DILITHIUM_2;
+				case KEY_FALCON_512:
+					get_keytypes |= KT_FALCON_512;
 					break;
-				case KEY_RSA3072_DILITHIUM_2:
-					get_keytypes |= KT_RSA3072_DILITHIUM_2;
+				case KEY_RSA3072_FALCON_512:
+					get_keytypes |= KT_RSA3072_FALCON_512;
 					break;
-				case KEY_ECDSA_NISTP256_DILITHIUM_2:
-					get_keytypes |= KT_ECDSA_NISTP256_DILITHIUM_2;
+				case KEY_ECDSA_NISTP256_FALCON_512:
+					get_keytypes |= KT_ECDSA_NISTP256_FALCON_512;
+					break;
+				case KEY_FALCON_1024:
+					get_keytypes |= KT_FALCON_1024;
+					break;
+				case KEY_ECDSA_NISTP521_FALCON_1024:
+					get_keytypes |= KT_ECDSA_NISTP521_FALCON_1024;
 					break;
 				case KEY_DILITHIUM_3:
 					get_keytypes |= KT_DILITHIUM_3;
@@ -846,11 +1027,50 @@ main(int argc, char **argv)
 				case KEY_ECDSA_NISTP384_DILITHIUM_3:
 					get_keytypes |= KT_ECDSA_NISTP384_DILITHIUM_3;
 					break;
-				case KEY_DILITHIUM_5:
-					get_keytypes |= KT_DILITHIUM_5;
+				case KEY_DILITHIUM_2_AES:
+					get_keytypes |= KT_DILITHIUM_2_AES;
+					break;
+				case KEY_RSA3072_DILITHIUM_2_AES:
+					get_keytypes |= KT_RSA3072_DILITHIUM_2_AES;
+					break;
+				case KEY_ECDSA_NISTP256_DILITHIUM_2_AES:
+					get_keytypes |= KT_ECDSA_NISTP256_DILITHIUM_2_AES;
+					break;
+				case KEY_DILITHIUM_5_AES:
+					get_keytypes |= KT_DILITHIUM_5_AES;
+					break;
+				case KEY_ECDSA_NISTP521_DILITHIUM_5_AES:
+					get_keytypes |= KT_ECDSA_NISTP521_DILITHIUM_5_AES;
+					break;
+				case KEY_PICNIC_L1_FULL:
+					get_keytypes |= KT_PICNIC_L1_FULL;
+					break;
+				case KEY_RSA3072_PICNIC_L1_FULL:
+					get_keytypes |= KT_RSA3072_PICNIC_L1_FULL;
+					break;
+				case KEY_ECDSA_NISTP256_PICNIC_L1_FULL:
+					get_keytypes |= KT_ECDSA_NISTP256_PICNIC_L1_FULL;
+					break;
+				case KEY_PICNIC_L3_FS:
+					get_keytypes |= KT_PICNIC_L3_FS;
+					break;
+				case KEY_ECDSA_NISTP384_PICNIC_L3_FS:
+					get_keytypes |= KT_ECDSA_NISTP384_PICNIC_L3_FS;
+					break;
+				case KEY_SPHINCS_HARAKA_128F_SIMPLE:
+					get_keytypes |= KT_SPHINCS_HARAKA_128F_SIMPLE;
+					break;
+				case KEY_RSA3072_SPHINCS_HARAKA_128F_SIMPLE:
+					get_keytypes |= KT_RSA3072_SPHINCS_HARAKA_128F_SIMPLE;
+					break;
+				case KEY_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE:
+					get_keytypes |= KT_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE;
+					break;
+				case KEY_SPHINCS_HARAKA_192F_ROBUST:
+					get_keytypes |= KT_SPHINCS_HARAKA_192F_ROBUST;
 					break;
-				case KEY_ECDSA_NISTP521_DILITHIUM_5:
-					get_keytypes |= KT_ECDSA_NISTP521_DILITHIUM_5;
+				case KEY_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST:
+					get_keytypes |= KT_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST;
 					break;
 ///// OQS_TEMPLATE_FRAGMENT_ADD_TO_GET_KEYTYPES_END
 				case KEY_UNSPEC:
diff --git a/ssh-keysign.c b/ssh-keysign.c
index 60049d050284..f1033dabab5e 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -166,7 +166,7 @@ main(int argc, char **argv)
 	struct sshbuf *b;
 	Options options;
 ///// OQS_TEMPLATE_FRAGMENT_COUNT_KEYTYPES_START
-#define NUM_KEYTYPES 5 + 10
+#define NUM_KEYTYPES 5 + 25
 ///// OQS_TEMPLATE_FRAGMENT_COUNT_KEYTYPES_END
 	struct sshkey *keys[NUM_KEYTYPES], *key = NULL;
 	struct passwd *pw;
@@ -196,13 +196,28 @@ main(int argc, char **argv)
 	key_fd[i++] = open(_PATH_HOST_OQS_DEFAULT_KEY_FILE, O_RDONLY);
 	key_fd[i++] = open(_PATH_HOST_RSA3072_OQS_DEFAULT_KEY_FILE, O_RDONLY);
 	key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_OQS_DEFAULT_KEY_FILE, O_RDONLY);
-	key_fd[i++] = open(_PATH_HOST_DILITHIUM_2_KEY_FILE, O_RDONLY);
-	key_fd[i++] = open(_PATH_HOST_RSA3072_DILITHIUM_2_KEY_FILE, O_RDONLY);
-	key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_FALCON_512_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_RSA3072_FALCON_512_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_FALCON_1024_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE, O_RDONLY);
 	key_fd[i++] = open(_PATH_HOST_DILITHIUM_3_KEY_FILE, O_RDONLY);
 	key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP384_DILITHIUM_3_KEY_FILE, O_RDONLY);
-	key_fd[i++] = open(_PATH_HOST_DILITHIUM_5_KEY_FILE, O_RDONLY);
-	key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_DILITHIUM_2_AES_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_RSA3072_DILITHIUM_2_AES_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_AES_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_DILITHIUM_5_AES_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_AES_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_PICNIC_L1_FULL_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_RSA3072_PICNIC_L1_FULL_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_PICNIC_L1_FULL_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_PICNIC_L3_FS_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP384_PICNIC_L3_FS_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_RSA3072_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_SPHINCS_HARAKA_192F_ROBUST_KEY_FILE, O_RDONLY);
+	key_fd[i++] = open(_PATH_HOST_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST_KEY_FILE, O_RDONLY);
 ///// OQS_TEMPLATE_FRAGMENT_OPEN_KEY_FILES_END
 	if ((pw = getpwuid(getuid())) == NULL)
 		fatal("getpwuid failed");
diff --git a/ssh-oqs.c b/ssh-oqs.c
index 9aa827301208..9ce6286ef584 100644
--- a/ssh-oqs.c
+++ b/ssh-oqs.c
@@ -192,36 +192,70 @@ int ssh_oqsdefault_verify(const struct sshkey *key,
     return r;
 }
 /*---------------------------------------------------
- * DILITHIUM_2 METHODS
+ * FALCON_512 METHODS
  *---------------------------------------------------
  */
-int ssh_dilithium2_sign(const struct sshkey *key,
+int ssh_falcon512_sign(const struct sshkey *key,
                      u_char **sigp,
                      size_t *lenp,
                      const u_char *data,
                      size_t datalen,
                      u_int compat)
 {
-    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_2);
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_falcon_512);
     if (sig == NULL) {
         return SSH_ERR_ALLOC_FAIL;
     }
-    int r = ssh_generic_sign(sig, "dilithium2", key, sigp, lenp, data, datalen, compat);
+    int r = ssh_generic_sign(sig, "falcon512", key, sigp, lenp, data, datalen, compat);
     OQS_SIG_free(sig);
     return r;
 }
-int ssh_dilithium2_verify(const struct sshkey *key,
+int ssh_falcon512_verify(const struct sshkey *key,
                        const u_char *signature,
                        size_t signaturelen,
                        const u_char *data,
                        size_t datalen,
                        u_int compat)
 {
-    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_2);
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_falcon_512);
     if (sig == NULL) {
         return SSH_ERR_ALLOC_FAIL;
     }
-    int r = ssh_generic_verify(sig, "dilithium2", key, signature, signaturelen, data, datalen, compat);
+    int r = ssh_generic_verify(sig, "falcon512", key, signature, signaturelen, data, datalen, compat);
+    OQS_SIG_free(sig);
+    return r;
+}
+/*---------------------------------------------------
+ * FALCON_1024 METHODS
+ *---------------------------------------------------
+ */
+int ssh_falcon1024_sign(const struct sshkey *key,
+                     u_char **sigp,
+                     size_t *lenp,
+                     const u_char *data,
+                     size_t datalen,
+                     u_int compat)
+{
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_falcon_1024);
+    if (sig == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = ssh_generic_sign(sig, "falcon1024", key, sigp, lenp, data, datalen, compat);
+    OQS_SIG_free(sig);
+    return r;
+}
+int ssh_falcon1024_verify(const struct sshkey *key,
+                       const u_char *signature,
+                       size_t signaturelen,
+                       const u_char *data,
+                       size_t datalen,
+                       u_int compat)
+{
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_falcon_1024);
+    if (sig == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = ssh_generic_verify(sig, "falcon1024", key, signature, signaturelen, data, datalen, compat);
     OQS_SIG_free(sig);
     return r;
 }
@@ -260,36 +294,206 @@ int ssh_dilithium3_verify(const struct sshkey *key,
     return r;
 }
 /*---------------------------------------------------
- * DILITHIUM_5 METHODS
+ * DILITHIUM_2_AES METHODS
+ *---------------------------------------------------
+ */
+int ssh_dilithium2aes_sign(const struct sshkey *key,
+                     u_char **sigp,
+                     size_t *lenp,
+                     const u_char *data,
+                     size_t datalen,
+                     u_int compat)
+{
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_2_aes);
+    if (sig == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = ssh_generic_sign(sig, "dilithium2aes", key, sigp, lenp, data, datalen, compat);
+    OQS_SIG_free(sig);
+    return r;
+}
+int ssh_dilithium2aes_verify(const struct sshkey *key,
+                       const u_char *signature,
+                       size_t signaturelen,
+                       const u_char *data,
+                       size_t datalen,
+                       u_int compat)
+{
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_2_aes);
+    if (sig == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = ssh_generic_verify(sig, "dilithium2aes", key, signature, signaturelen, data, datalen, compat);
+    OQS_SIG_free(sig);
+    return r;
+}
+/*---------------------------------------------------
+ * DILITHIUM_5_AES METHODS
+ *---------------------------------------------------
+ */
+int ssh_dilithium5aes_sign(const struct sshkey *key,
+                     u_char **sigp,
+                     size_t *lenp,
+                     const u_char *data,
+                     size_t datalen,
+                     u_int compat)
+{
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_5_aes);
+    if (sig == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = ssh_generic_sign(sig, "dilithium5aes", key, sigp, lenp, data, datalen, compat);
+    OQS_SIG_free(sig);
+    return r;
+}
+int ssh_dilithium5aes_verify(const struct sshkey *key,
+                       const u_char *signature,
+                       size_t signaturelen,
+                       const u_char *data,
+                       size_t datalen,
+                       u_int compat)
+{
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_5_aes);
+    if (sig == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = ssh_generic_verify(sig, "dilithium5aes", key, signature, signaturelen, data, datalen, compat);
+    OQS_SIG_free(sig);
+    return r;
+}
+/*---------------------------------------------------
+ * PICNIC_L1_FULL METHODS
+ *---------------------------------------------------
+ */
+int ssh_picnicL1full_sign(const struct sshkey *key,
+                     u_char **sigp,
+                     size_t *lenp,
+                     const u_char *data,
+                     size_t datalen,
+                     u_int compat)
+{
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_picnic_L1_full);
+    if (sig == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = ssh_generic_sign(sig, "picnicL1full", key, sigp, lenp, data, datalen, compat);
+    OQS_SIG_free(sig);
+    return r;
+}
+int ssh_picnicL1full_verify(const struct sshkey *key,
+                       const u_char *signature,
+                       size_t signaturelen,
+                       const u_char *data,
+                       size_t datalen,
+                       u_int compat)
+{
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_picnic_L1_full);
+    if (sig == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = ssh_generic_verify(sig, "picnicL1full", key, signature, signaturelen, data, datalen, compat);
+    OQS_SIG_free(sig);
+    return r;
+}
+/*---------------------------------------------------
+ * PICNIC_L3_FS METHODS
+ *---------------------------------------------------
+ */
+int ssh_picnicL3FS_sign(const struct sshkey *key,
+                     u_char **sigp,
+                     size_t *lenp,
+                     const u_char *data,
+                     size_t datalen,
+                     u_int compat)
+{
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_picnic_L3_FS);
+    if (sig == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = ssh_generic_sign(sig, "picnicL3FS", key, sigp, lenp, data, datalen, compat);
+    OQS_SIG_free(sig);
+    return r;
+}
+int ssh_picnicL3FS_verify(const struct sshkey *key,
+                       const u_char *signature,
+                       size_t signaturelen,
+                       const u_char *data,
+                       size_t datalen,
+                       u_int compat)
+{
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_picnic_L3_FS);
+    if (sig == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = ssh_generic_verify(sig, "picnicL3FS", key, signature, signaturelen, data, datalen, compat);
+    OQS_SIG_free(sig);
+    return r;
+}
+/*---------------------------------------------------
+ * SPHINCS_HARAKA_128F_SIMPLE METHODS
+ *---------------------------------------------------
+ */
+int ssh_sphincsharaka128fsimple_sign(const struct sshkey *key,
+                     u_char **sigp,
+                     size_t *lenp,
+                     const u_char *data,
+                     size_t datalen,
+                     u_int compat)
+{
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_haraka_128f_simple);
+    if (sig == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = ssh_generic_sign(sig, "sphincsharaka128fsimple", key, sigp, lenp, data, datalen, compat);
+    OQS_SIG_free(sig);
+    return r;
+}
+int ssh_sphincsharaka128fsimple_verify(const struct sshkey *key,
+                       const u_char *signature,
+                       size_t signaturelen,
+                       const u_char *data,
+                       size_t datalen,
+                       u_int compat)
+{
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_haraka_128f_simple);
+    if (sig == NULL) {
+        return SSH_ERR_ALLOC_FAIL;
+    }
+    int r = ssh_generic_verify(sig, "sphincsharaka128fsimple", key, signature, signaturelen, data, datalen, compat);
+    OQS_SIG_free(sig);
+    return r;
+}
+/*---------------------------------------------------
+ * SPHINCS_HARAKA_192F_ROBUST METHODS
  *---------------------------------------------------
  */
-int ssh_dilithium5_sign(const struct sshkey *key,
+int ssh_sphincsharaka192frobust_sign(const struct sshkey *key,
                      u_char **sigp,
                      size_t *lenp,
                      const u_char *data,
                      size_t datalen,
                      u_int compat)
 {
-    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_5);
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_haraka_192f_robust);
     if (sig == NULL) {
         return SSH_ERR_ALLOC_FAIL;
     }
-    int r = ssh_generic_sign(sig, "dilithium5", key, sigp, lenp, data, datalen, compat);
+    int r = ssh_generic_sign(sig, "sphincsharaka192frobust", key, sigp, lenp, data, datalen, compat);
     OQS_SIG_free(sig);
     return r;
 }
-int ssh_dilithium5_verify(const struct sshkey *key,
+int ssh_sphincsharaka192frobust_verify(const struct sshkey *key,
                        const u_char *signature,
                        size_t signaturelen,
                        const u_char *data,
                        size_t datalen,
                        u_int compat)
 {
-    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_dilithium_5);
+    OQS_SIG *sig = OQS_SIG_new(OQS_SIG_alg_sphincs_haraka_192f_robust);
     if (sig == NULL) {
         return SSH_ERR_ALLOC_FAIL;
     }
-    int r = ssh_generic_verify(sig, "dilithium5", key, signature, signaturelen, data, datalen, compat);
+    int r = ssh_generic_verify(sig, "sphincsharaka192frobust", key, signature, signaturelen, data, datalen, compat);
     OQS_SIG_free(sig);
     return r;
 }
diff --git a/ssh-rsa.c b/ssh-rsa.c
index f8d81847c070..a251cfce7e7f 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -67,7 +67,10 @@ rsa_hash_id_from_ident(const char *ident)
 	    /* OQS-note: Currently, only L1 algorithms support RSA hybrids */
 ///// OQS_TEMPLATE_FRAGMENT_LIST_L1_RSA_HYBRIDS_START
 	    strcmp(ident, "ssh-rsa3072-oqsdefault") == 0 ||
-	    strcmp(ident, "ssh-rsa3072-dilithium2") == 0)
+	    strcmp(ident, "ssh-rsa3072-falcon512") == 0 ||
+	    strcmp(ident, "ssh-rsa3072-dilithium2aes") == 0 ||
+	    strcmp(ident, "ssh-rsa3072-picnicL1full") == 0 ||
+	    strcmp(ident, "ssh-rsa3072-sphincsharaka128fsimple") == 0)
 ///// OQS_TEMPLATE_FRAGMENT_LIST_L1_RSA_HYBRIDS_END
 		return SSH_DIGEST_SHA256;
 	if (strcmp(ident, "rsa-sha2-512") == 0)
diff --git a/ssh.c b/ssh.c
index 43fb69615fec..3b05fc5427d7 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1564,7 +1564,7 @@ main(int ac, char **av)
 	sensitive_data.keys = NULL;
 	if (options.hostbased_authentication) {
 ///// OQS_TEMPLATE_FRAGMENT_COUNT_KEYTYPES_START
-		sensitive_data.nkeys = 10 + 10;
+		sensitive_data.nkeys = 10 + 25;
 ///// OQS_TEMPLATE_FRAGMENT_COUNT_KEYTYPES_END
 		sensitive_data.keys = xcalloc(sensitive_data.nkeys,
 		    sizeof(struct sshkey));
@@ -1597,13 +1597,28 @@ main(int ac, char **av)
 			L_PUBKEY(_PATH_HOST_OQS_DEFAULT_KEY_FILE, 10);
 			L_PUBKEY(_PATH_HOST_RSA3072_OQS_DEFAULT_KEY_FILE, 11);
 			L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_OQS_DEFAULT_KEY_FILE, 12);
-			L_PUBKEY(_PATH_HOST_DILITHIUM_2_KEY_FILE, 13);
-			L_PUBKEY(_PATH_HOST_RSA3072_DILITHIUM_2_KEY_FILE, 14);
-			L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_KEY_FILE, 15);
-			L_PUBKEY(_PATH_HOST_DILITHIUM_3_KEY_FILE, 16);
-			L_PUBKEY(_PATH_HOST_ECDSA_NISTP384_DILITHIUM_3_KEY_FILE, 17);
-			L_PUBKEY(_PATH_HOST_DILITHIUM_5_KEY_FILE, 18);
-			L_PUBKEY(_PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_KEY_FILE, 19);
+			L_PUBKEY(_PATH_HOST_FALCON_512_KEY_FILE, 13);
+			L_PUBKEY(_PATH_HOST_RSA3072_FALCON_512_KEY_FILE, 14);
+			L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_FALCON_512_KEY_FILE, 15);
+			L_PUBKEY(_PATH_HOST_FALCON_1024_KEY_FILE, 16);
+			L_PUBKEY(_PATH_HOST_ECDSA_NISTP521_FALCON_1024_KEY_FILE, 17);
+			L_PUBKEY(_PATH_HOST_DILITHIUM_3_KEY_FILE, 18);
+			L_PUBKEY(_PATH_HOST_ECDSA_NISTP384_DILITHIUM_3_KEY_FILE, 19);
+			L_PUBKEY(_PATH_HOST_DILITHIUM_2_AES_KEY_FILE, 20);
+			L_PUBKEY(_PATH_HOST_RSA3072_DILITHIUM_2_AES_KEY_FILE, 21);
+			L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_DILITHIUM_2_AES_KEY_FILE, 22);
+			L_PUBKEY(_PATH_HOST_DILITHIUM_5_AES_KEY_FILE, 23);
+			L_PUBKEY(_PATH_HOST_ECDSA_NISTP521_DILITHIUM_5_AES_KEY_FILE, 24);
+			L_PUBKEY(_PATH_HOST_PICNIC_L1_FULL_KEY_FILE, 25);
+			L_PUBKEY(_PATH_HOST_RSA3072_PICNIC_L1_FULL_KEY_FILE, 26);
+			L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_PICNIC_L1_FULL_KEY_FILE, 27);
+			L_PUBKEY(_PATH_HOST_PICNIC_L3_FS_KEY_FILE, 28);
+			L_PUBKEY(_PATH_HOST_ECDSA_NISTP384_PICNIC_L3_FS_KEY_FILE, 29);
+			L_PUBKEY(_PATH_HOST_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE, 30);
+			L_PUBKEY(_PATH_HOST_RSA3072_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE, 31);
+			L_PUBKEY(_PATH_HOST_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE_KEY_FILE, 32);
+			L_PUBKEY(_PATH_HOST_SPHINCS_HARAKA_192F_ROBUST_KEY_FILE, 33);
+			L_PUBKEY(_PATH_HOST_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST_KEY_FILE, 34);
 ///// OQS_TEMPLATE_FRAGMENT_LOAD_PUBKEYS_END
 		}
 	}
diff --git a/ssh_api.c b/ssh_api.c
index 08a2e2bc43cf..ae2424c09439 100644
--- a/ssh_api.c
+++ b/ssh_api.c
@@ -129,14 +129,114 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 		ssh->kex->kex[KEX_KEM_FRODOKEM_640_AES_SHA256] = kex_gen_server;
 		ssh->kex->kex[KEX_KEM_FRODOKEM_976_AES_SHA384] = kex_gen_server;
 		ssh->kex->kex[KEX_KEM_FRODOKEM_1344_AES_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIDH_P434_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIDH_P610_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIDH_P751_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_SHA256] = kex_gen_server;
 		ssh->kex->kex[KEX_KEM_SIKE_P434_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIKE_P610_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIKE_P751_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SABER_SABER_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SABER_FIRESABER_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_KYBER_512_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_KYBER_768_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_KYBER_1024_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_KYBER_512_90S_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_KYBER_768_90S_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_KYBER_1024_90S_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_BIKE1_L1_CPA_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_BIKE1_L1_FO_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_BIKE1_L3_CPA_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_BIKE1_L3_FO_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRU_HPS2048509_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRU_HPS2048677_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRU_HRSS701_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRU_HPS4096821_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896F_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128F_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119F_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128F_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_HQC_128_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_HQC_192_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_HQC_256_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR653_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP653_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR761_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_SHA384] = kex_gen_server;
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 		ssh->kex->kex[KEX_KEM_OQS_DEFAULT_ECDH_NISTP256_SHA256] = kex_gen_server;
 		ssh->kex->kex[KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256] = kex_gen_server;
 		ssh->kex->kex[KEX_KEM_FRODOKEM_976_AES_ECDH_NISTP384_SHA384] = kex_gen_server;
 		ssh->kex->kex[KEX_KEM_FRODOKEM_1344_AES_ECDH_NISTP521_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_server;
 		ssh->kex->kex[KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_KYBER_512_ECDH_NISTP256_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_KYBER_768_ECDH_NISTP384_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_KYBER_512_90S_ECDH_NISTP256_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_KYBER_768_90S_ECDH_NISTP384_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_KYBER_1024_90S_ECDH_NISTP521_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_BIKE1_L1_CPA_ECDH_NISTP256_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_BIKE1_L1_FO_ECDH_NISTP256_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_BIKE1_L3_CPA_ECDH_NISTP384_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_BIKE1_L3_FO_ECDH_NISTP384_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRU_HPS2048509_ECDH_NISTP256_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRU_HPS2048677_ECDH_NISTP384_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRU_HRSS701_ECDH_NISTP384_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRU_HPS4096821_ECDH_NISTP521_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896F_ECDH_NISTP384_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128_ECDH_NISTP521_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128F_ECDH_NISTP521_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119_ECDH_NISTP521_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119F_ECDH_NISTP521_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128_ECDH_NISTP521_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128F_ECDH_NISTP521_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_HQC_128_ECDH_NISTP256_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_HQC_192_ECDH_NISTP384_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_HQC_256_ECDH_NISTP521_SHA512] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR653_ECDH_NISTP256_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP653_ECDH_NISTP256_SHA256] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR761_ECDH_NISTP384_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384] = kex_gen_server;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384] = kex_gen_server;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_POINT_TO_KEX_GEN_SERVER_END
@@ -163,14 +263,114 @@ ssh_init(struct ssh **sshp, int is_server, struct kex_params *kex_params)
 		ssh->kex->kex[KEX_KEM_FRODOKEM_640_AES_SHA256] = kex_gen_client;
 		ssh->kex->kex[KEX_KEM_FRODOKEM_976_AES_SHA384] = kex_gen_client;
 		ssh->kex->kex[KEX_KEM_FRODOKEM_1344_AES_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIDH_P434_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIDH_P610_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIDH_P751_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_SHA256] = kex_gen_client;
 		ssh->kex->kex[KEX_KEM_SIKE_P434_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIKE_P610_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIKE_P751_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SABER_SABER_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SABER_FIRESABER_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_KYBER_512_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_KYBER_768_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_KYBER_1024_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_KYBER_512_90S_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_KYBER_768_90S_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_KYBER_1024_90S_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_BIKE1_L1_CPA_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_BIKE1_L1_FO_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_BIKE1_L3_CPA_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_BIKE1_L3_FO_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRU_HPS2048509_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRU_HPS2048677_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRU_HRSS701_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRU_HPS4096821_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896F_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128F_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119F_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128F_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_HQC_128_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_HQC_192_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_HQC_256_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR653_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP653_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR761_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_SHA384] = kex_gen_client;
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 		ssh->kex->kex[KEX_KEM_OQS_DEFAULT_ECDH_NISTP256_SHA256] = kex_gen_client;
 		ssh->kex->kex[KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256] = kex_gen_client;
 		ssh->kex->kex[KEX_KEM_FRODOKEM_976_AES_ECDH_NISTP384_SHA384] = kex_gen_client;
 		ssh->kex->kex[KEX_KEM_FRODOKEM_1344_AES_ECDH_NISTP521_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_client;
 		ssh->kex->kex[KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_KYBER_512_ECDH_NISTP256_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_KYBER_768_ECDH_NISTP384_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_KYBER_512_90S_ECDH_NISTP256_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_KYBER_768_90S_ECDH_NISTP384_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_KYBER_1024_90S_ECDH_NISTP521_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_BIKE1_L1_CPA_ECDH_NISTP256_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_BIKE1_L1_FO_ECDH_NISTP256_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_BIKE1_L3_CPA_ECDH_NISTP384_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_BIKE1_L3_FO_ECDH_NISTP384_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRU_HPS2048509_ECDH_NISTP256_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRU_HPS2048677_ECDH_NISTP384_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRU_HRSS701_ECDH_NISTP384_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRU_HPS4096821_ECDH_NISTP521_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896F_ECDH_NISTP384_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128_ECDH_NISTP521_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128F_ECDH_NISTP521_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119_ECDH_NISTP521_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119F_ECDH_NISTP521_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128_ECDH_NISTP521_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128F_ECDH_NISTP521_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_HQC_128_ECDH_NISTP256_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_HQC_192_ECDH_NISTP384_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_HQC_256_ECDH_NISTP521_SHA512] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR653_ECDH_NISTP256_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP653_ECDH_NISTP256_SHA256] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR761_ECDH_NISTP384_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384] = kex_gen_client;
+		ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384] = kex_gen_client;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_POINT_TO_KEX_GEN_CLIENT_END
diff --git a/sshconnect2.c b/sshconnect2.c
index c6f9f93c3f68..faddef4cc6c8 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -281,14 +281,114 @@ ssh_kex2(struct ssh *ssh, char *host, struct sockaddr *hostaddr, u_short port)
 	ssh->kex->kex[KEX_KEM_FRODOKEM_640_AES_SHA256] = kex_gen_client;
 	ssh->kex->kex[KEX_KEM_FRODOKEM_976_AES_SHA384] = kex_gen_client;
 	ssh->kex->kex[KEX_KEM_FRODOKEM_1344_AES_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIDH_P434_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIDH_P610_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIDH_P751_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_SHA256] = kex_gen_client;
 	ssh->kex->kex[KEX_KEM_SIKE_P434_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIKE_P610_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIKE_P751_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SABER_SABER_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SABER_FIRESABER_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_KYBER_512_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_KYBER_768_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_KYBER_1024_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_KYBER_512_90S_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_KYBER_768_90S_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_KYBER_1024_90S_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_BIKE1_L1_CPA_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_BIKE1_L1_FO_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_BIKE1_L3_CPA_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_BIKE1_L3_FO_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRU_HPS2048509_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRU_HPS2048677_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRU_HRSS701_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRU_HPS4096821_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896F_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128F_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119F_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128F_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_HQC_128_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_HQC_192_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_HQC_256_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR653_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP653_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR761_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_SHA384] = kex_gen_client;
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 	ssh->kex->kex[KEX_KEM_OQS_DEFAULT_ECDH_NISTP256_SHA256] = kex_gen_client;
 	ssh->kex->kex[KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256] = kex_gen_client;
 	ssh->kex->kex[KEX_KEM_FRODOKEM_976_AES_ECDH_NISTP384_SHA384] = kex_gen_client;
 	ssh->kex->kex[KEX_KEM_FRODOKEM_1344_AES_ECDH_NISTP521_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_client;
 	ssh->kex->kex[KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_KYBER_512_ECDH_NISTP256_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_KYBER_768_ECDH_NISTP384_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_KYBER_512_90S_ECDH_NISTP256_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_KYBER_768_90S_ECDH_NISTP384_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_KYBER_1024_90S_ECDH_NISTP521_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_BIKE1_L1_CPA_ECDH_NISTP256_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_BIKE1_L1_FO_ECDH_NISTP256_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_BIKE1_L3_CPA_ECDH_NISTP384_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_BIKE1_L3_FO_ECDH_NISTP384_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRU_HPS2048509_ECDH_NISTP256_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRU_HPS2048677_ECDH_NISTP384_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRU_HRSS701_ECDH_NISTP384_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRU_HPS4096821_ECDH_NISTP521_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896F_ECDH_NISTP384_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128_ECDH_NISTP521_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128F_ECDH_NISTP521_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119_ECDH_NISTP521_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119F_ECDH_NISTP521_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128_ECDH_NISTP521_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128F_ECDH_NISTP521_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_HQC_128_ECDH_NISTP256_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_HQC_192_ECDH_NISTP384_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_HQC_256_ECDH_NISTP521_SHA512] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR653_ECDH_NISTP256_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP653_ECDH_NISTP256_SHA256] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR761_ECDH_NISTP384_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384] = kex_gen_client;
+	ssh->kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384] = kex_gen_client;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_POINT_TO_KEX_GEN_END
diff --git a/sshd.c b/sshd.c
index 263f021d79c8..0823112195d1 100644
--- a/sshd.c
+++ b/sshd.c
@@ -2423,14 +2423,114 @@ do_ssh2_kex(struct ssh *ssh)
 		kex->kex[KEX_KEM_FRODOKEM_640_AES_SHA256] = kex_gen_server;
 		kex->kex[KEX_KEM_FRODOKEM_976_AES_SHA384] = kex_gen_server;
 		kex->kex[KEX_KEM_FRODOKEM_1344_AES_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P434_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P610_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P751_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_SHA256] = kex_gen_server;
 		kex->kex[KEX_KEM_SIKE_P434_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P610_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P751_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SABER_LIGHTSABER_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SABER_SABER_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_SABER_FIRESABER_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_512_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_768_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_1024_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_512_90S_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_768_90S_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_1024_90S_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L1_CPA_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L1_FO_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L3_CPA_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L3_FO_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HPS2048509_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HPS2048677_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HRSS701_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HPS4096821_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896F_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128F_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119F_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128F_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_HQC_128_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_HQC_192_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_HQC_256_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR653_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP653_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR761_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_SHA384] = kex_gen_server;
 #ifdef WITH_OPENSSL
 #ifdef OPENSSL_HAS_ECC
 		kex->kex[KEX_KEM_OQS_DEFAULT_ECDH_NISTP256_SHA256] = kex_gen_server;
 		kex->kex[KEX_KEM_FRODOKEM_640_AES_ECDH_NISTP256_SHA256] = kex_gen_server;
 		kex->kex[KEX_KEM_FRODOKEM_976_AES_ECDH_NISTP384_SHA384] = kex_gen_server;
 		kex->kex[KEX_KEM_FRODOKEM_1344_AES_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_FRODOKEM_640_SHAKE_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_FRODOKEM_976_SHAKE_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_FRODOKEM_1344_SHAKE_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P434_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P610_ECDH_NISTP384_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P751_ECDH_NISTP521_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIDH_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_server;
 		kex->kex[KEX_KEM_SIKE_P434_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P434_COMPRESSED_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P610_ECDH_NISTP384_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P610_COMPRESSED_ECDH_NISTP384_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P751_ECDH_NISTP521_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SIKE_P751_COMPRESSED_ECDH_NISTP521_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SABER_LIGHTSABER_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_SABER_SABER_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_SABER_FIRESABER_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_512_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_768_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_1024_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_512_90S_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_768_90S_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_KYBER_1024_90S_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L1_CPA_ECDH_NISTP256_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L1_FO_ECDH_NISTP256_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L3_CPA_ECDH_NISTP384_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_BIKE1_L3_FO_ECDH_NISTP384_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HPS2048509_ECDH_NISTP256_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HPS2048677_ECDH_NISTP384_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HRSS701_ECDH_NISTP384_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRU_HPS4096821_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_348864F_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896_ECDH_NISTP384_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_460896F_ECDH_NISTP384_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6688128F_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_6960119F_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_CLASSIC_MCELIECE_8192128F_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_HQC_128_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_HQC_192_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_HQC_256_ECDH_NISTP521_SHA512] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR653_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP653_ECDH_NISTP256_SHA256] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR761_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP761_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_NTRULPR857_ECDH_NISTP384_SHA384] = kex_gen_server;
+		kex->kex[KEX_KEM_NTRUPRIME_SNTRUP857_ECDH_NISTP384_SHA384] = kex_gen_server;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_POINT_TO_KEX_GEN_END
diff --git a/sshkey.c b/sshkey.c
index 271e86863ac1..32fed43e8f7f 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -103,16 +103,37 @@ static size_t oqs_sig_pk_len(int type) {
     OQS_SIG_free(sig);
     return pk_len;
   }
-  case KEY_DILITHIUM_2:
-  case KEY_RSA3072_DILITHIUM_2:
-  case KEY_ECDSA_NISTP256_DILITHIUM_2:
-    return OQS_SIG_dilithium_2_length_public_key;
+  case KEY_FALCON_512:
+  case KEY_RSA3072_FALCON_512:
+  case KEY_ECDSA_NISTP256_FALCON_512:
+    return OQS_SIG_falcon_512_length_public_key;
+  case KEY_FALCON_1024:
+  case KEY_ECDSA_NISTP521_FALCON_1024:
+    return OQS_SIG_falcon_1024_length_public_key;
   case KEY_DILITHIUM_3:
   case KEY_ECDSA_NISTP384_DILITHIUM_3:
     return OQS_SIG_dilithium_3_length_public_key;
-  case KEY_DILITHIUM_5:
-  case KEY_ECDSA_NISTP521_DILITHIUM_5:
-    return OQS_SIG_dilithium_5_length_public_key;
+  case KEY_DILITHIUM_2_AES:
+  case KEY_RSA3072_DILITHIUM_2_AES:
+  case KEY_ECDSA_NISTP256_DILITHIUM_2_AES:
+    return OQS_SIG_dilithium_2_aes_length_public_key;
+  case KEY_DILITHIUM_5_AES:
+  case KEY_ECDSA_NISTP521_DILITHIUM_5_AES:
+    return OQS_SIG_dilithium_5_aes_length_public_key;
+  case KEY_PICNIC_L1_FULL:
+  case KEY_RSA3072_PICNIC_L1_FULL:
+  case KEY_ECDSA_NISTP256_PICNIC_L1_FULL:
+    return OQS_SIG_picnic_L1_full_length_public_key;
+  case KEY_PICNIC_L3_FS:
+  case KEY_ECDSA_NISTP384_PICNIC_L3_FS:
+    return OQS_SIG_picnic_L3_FS_length_public_key;
+  case KEY_SPHINCS_HARAKA_128F_SIMPLE:
+  case KEY_RSA3072_SPHINCS_HARAKA_128F_SIMPLE:
+  case KEY_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE:
+    return OQS_SIG_sphincs_haraka_128f_simple_length_public_key;
+  case KEY_SPHINCS_HARAKA_192F_ROBUST:
+  case KEY_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST:
+    return OQS_SIG_sphincs_haraka_192f_robust_length_public_key;
 ///// OQS_TEMPLATE_FRAGMENT_RETURN_PK_LEN_END
   }
   return 0;
@@ -131,16 +152,37 @@ static size_t oqs_sig_sk_len(int type) {
     OQS_SIG_free(sig);
     return sk_len;
   }
-  case KEY_DILITHIUM_2:
-  case KEY_RSA3072_DILITHIUM_2:
-  case KEY_ECDSA_NISTP256_DILITHIUM_2:
-    return OQS_SIG_dilithium_2_length_secret_key;
+  case KEY_FALCON_512:
+  case KEY_RSA3072_FALCON_512:
+  case KEY_ECDSA_NISTP256_FALCON_512:
+    return OQS_SIG_falcon_512_length_secret_key;
+  case KEY_FALCON_1024:
+  case KEY_ECDSA_NISTP521_FALCON_1024:
+    return OQS_SIG_falcon_1024_length_secret_key;
   case KEY_DILITHIUM_3:
   case KEY_ECDSA_NISTP384_DILITHIUM_3:
     return OQS_SIG_dilithium_3_length_secret_key;
-  case KEY_DILITHIUM_5:
-  case KEY_ECDSA_NISTP521_DILITHIUM_5:
-    return OQS_SIG_dilithium_5_length_secret_key;
+  case KEY_DILITHIUM_2_AES:
+  case KEY_RSA3072_DILITHIUM_2_AES:
+  case KEY_ECDSA_NISTP256_DILITHIUM_2_AES:
+    return OQS_SIG_dilithium_2_aes_length_secret_key;
+  case KEY_DILITHIUM_5_AES:
+  case KEY_ECDSA_NISTP521_DILITHIUM_5_AES:
+    return OQS_SIG_dilithium_5_aes_length_secret_key;
+  case KEY_PICNIC_L1_FULL:
+  case KEY_RSA3072_PICNIC_L1_FULL:
+  case KEY_ECDSA_NISTP256_PICNIC_L1_FULL:
+    return OQS_SIG_picnic_L1_full_length_secret_key;
+  case KEY_PICNIC_L3_FS:
+  case KEY_ECDSA_NISTP384_PICNIC_L3_FS:
+    return OQS_SIG_picnic_L3_FS_length_secret_key;
+  case KEY_SPHINCS_HARAKA_128F_SIMPLE:
+  case KEY_RSA3072_SPHINCS_HARAKA_128F_SIMPLE:
+  case KEY_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE:
+    return OQS_SIG_sphincs_haraka_128f_simple_length_secret_key;
+  case KEY_SPHINCS_HARAKA_192F_ROBUST:
+  case KEY_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST:
+    return OQS_SIG_sphincs_haraka_192f_robust_length_secret_key;
 ///// OQS_TEMPLATE_FRAGMENT_RETURN_SK_LEN_END
   }
   return 0;
@@ -217,26 +259,56 @@ static const struct keytype keytypes[] = {
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEYTYPES_START
 	{ "ssh-oqsdefault", "OQSDEFAULT", NULL,
 	    KEY_OQS_DEFAULT, 0, 0, 0 },
-	{ "ssh-dilithium2", "DILITHIUM2", NULL,
-	    KEY_DILITHIUM_2, 0, 0, 0 },
+	{ "ssh-falcon512", "FALCON512", NULL,
+	    KEY_FALCON_512, 0, 0, 0 },
+	{ "ssh-falcon1024", "FALCON1024", NULL,
+	    KEY_FALCON_1024, 0, 0, 0 },
 	{ "ssh-dilithium3", "DILITHIUM3", NULL,
 	    KEY_DILITHIUM_3, 0, 0, 0 },
-	{ "ssh-dilithium5", "DILITHIUM5", NULL,
-	    KEY_DILITHIUM_5, 0, 0, 0 },
+	{ "ssh-dilithium2aes", "DILITHIUM2AES", NULL,
+	    KEY_DILITHIUM_2_AES, 0, 0, 0 },
+	{ "ssh-dilithium5aes", "DILITHIUM5AES", NULL,
+	    KEY_DILITHIUM_5_AES, 0, 0, 0 },
+	{ "ssh-picnicL1full", "PICNICL1FULL", NULL,
+	    KEY_PICNIC_L1_FULL, 0, 0, 0 },
+	{ "ssh-picnicL3FS", "PICNICL3FS", NULL,
+	    KEY_PICNIC_L3_FS, 0, 0, 0 },
+	{ "ssh-sphincsharaka128fsimple", "SPHINCSHARAKA128FSIMPLE", NULL,
+	    KEY_SPHINCS_HARAKA_128F_SIMPLE, 0, 0, 0 },
+	{ "ssh-sphincsharaka192frobust", "SPHINCSHARAKA192FROBUST", NULL,
+	    KEY_SPHINCS_HARAKA_192F_ROBUST, 0, 0, 0 },
 #ifdef WITH_OPENSSL
 	{ "ssh-rsa3072-oqsdefault", "RSA3072_OQSDEFAULT", NULL,
 	    KEY_RSA3072_OQS_DEFAULT, 0, 0, 0 },
-	{ "ssh-rsa3072-dilithium2", "RSA3072_DILITHIUM2", NULL,
-	    KEY_RSA3072_DILITHIUM_2, 0, 0, 0 },
+	{ "ssh-rsa3072-falcon512", "RSA3072_FALCON512", NULL,
+	    KEY_RSA3072_FALCON_512, 0, 0, 0 },
+	{ "ssh-rsa3072-dilithium2aes", "RSA3072_DILITHIUM2AES", NULL,
+	    KEY_RSA3072_DILITHIUM_2_AES, 0, 0, 0 },
+	{ "ssh-rsa3072-picnicL1full", "RSA3072_PICNICL1FULL", NULL,
+	    KEY_RSA3072_PICNIC_L1_FULL, 0, 0, 0 },
+	{ "ssh-rsa3072-sphincsharaka128fsimple", "RSA3072_SPHINCSHARAKA128FSIMPLE", NULL,
+	    KEY_RSA3072_SPHINCS_HARAKA_128F_SIMPLE, 0, 0, 0 },
 #ifdef OPENSSL_HAS_ECC
 	{ "ssh-ecdsa-nistp256-oqsdefault", "ECDSA_NISTP256_OQSDEFAULT", NULL,
 	    KEY_ECDSA_NISTP256_OQS_DEFAULT, NID_X9_62_prime256v1, 0, 0 },
-	{ "ssh-ecdsa-nistp256-dilithium2", "ECDSA_NISTP256_DILITHIUM2", NULL,
-	    KEY_ECDSA_NISTP256_DILITHIUM_2, NID_X9_62_prime256v1, 0, 0 },
+	{ "ssh-ecdsa-nistp256-falcon512", "ECDSA_NISTP256_FALCON512", NULL,
+	    KEY_ECDSA_NISTP256_FALCON_512, NID_X9_62_prime256v1, 0, 0 },
+	{ "ssh-ecdsa-nistp521-falcon1024", "ECDSA_NISTP521_FALCON1024", NULL,
+	    KEY_ECDSA_NISTP521_FALCON_1024, NID_secp521r1, 0, 0 },
 	{ "ssh-ecdsa-nistp384-dilithium3", "ECDSA_NISTP384_DILITHIUM3", NULL,
 	    KEY_ECDSA_NISTP384_DILITHIUM_3, NID_secp384r1, 0, 0 },
-	{ "ssh-ecdsa-nistp521-dilithium5", "ECDSA_NISTP521_DILITHIUM5", NULL,
-	    KEY_ECDSA_NISTP521_DILITHIUM_5, NID_secp521r1, 0, 0 },
+	{ "ssh-ecdsa-nistp256-dilithium2aes", "ECDSA_NISTP256_DILITHIUM2AES", NULL,
+	    KEY_ECDSA_NISTP256_DILITHIUM_2_AES, NID_X9_62_prime256v1, 0, 0 },
+	{ "ssh-ecdsa-nistp521-dilithium5aes", "ECDSA_NISTP521_DILITHIUM5AES", NULL,
+	    KEY_ECDSA_NISTP521_DILITHIUM_5_AES, NID_secp521r1, 0, 0 },
+	{ "ssh-ecdsa-nistp256-picnicL1full", "ECDSA_NISTP256_PICNICL1FULL", NULL,
+	    KEY_ECDSA_NISTP256_PICNIC_L1_FULL, NID_X9_62_prime256v1, 0, 0 },
+	{ "ssh-ecdsa-nistp384-picnicL3FS", "ECDSA_NISTP384_PICNICL3FS", NULL,
+	    KEY_ECDSA_NISTP384_PICNIC_L3_FS, NID_secp384r1, 0, 0 },
+	{ "ssh-ecdsa-nistp256-sphincsharaka128fsimple", "ECDSA_NISTP256_SPHINCSHARAKA128FSIMPLE", NULL,
+	    KEY_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE, NID_X9_62_prime256v1, 0, 0 },
+	{ "ssh-ecdsa-nistp384-sphincsharaka192frobust", "ECDSA_NISTP384_SPHINCSHARAKA192FROBUST", NULL,
+	    KEY_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST, NID_secp384r1, 0, 0 },
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_DEFINE_KEYTYPES_END
@@ -1983,14 +2055,32 @@ sshkey_generate(int type, u_int bits, struct sshkey **keyp)
 	    OQS_SIG_free(sig);
 	    break;
 	  }
-	  case KEY_DILITHIUM_2:
-	    ret = OQS_SIG_dilithium_2_keypair(k->oqs_pk, k->oqs_sk);
+	  case KEY_FALCON_512:
+	    ret = OQS_SIG_falcon_512_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_FALCON_1024:
+	    ret = OQS_SIG_falcon_1024_keypair(k->oqs_pk, k->oqs_sk);
 	    break;
 	  case KEY_DILITHIUM_3:
 	    ret = OQS_SIG_dilithium_3_keypair(k->oqs_pk, k->oqs_sk);
 	    break;
-	  case KEY_DILITHIUM_5:
-	    ret = OQS_SIG_dilithium_5_keypair(k->oqs_pk, k->oqs_sk);
+	  case KEY_DILITHIUM_2_AES:
+	    ret = OQS_SIG_dilithium_2_aes_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_DILITHIUM_5_AES:
+	    ret = OQS_SIG_dilithium_5_aes_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_PICNIC_L1_FULL:
+	    ret = OQS_SIG_picnic_L1_full_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_PICNIC_L3_FS:
+	    ret = OQS_SIG_picnic_L3_FS_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_SPHINCS_HARAKA_128F_SIMPLE:
+	    ret = OQS_SIG_sphincs_haraka_128f_simple_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_SPHINCS_HARAKA_192F_ROBUST:
+	    ret = OQS_SIG_sphincs_haraka_192f_robust_keypair(k->oqs_pk, k->oqs_sk);
 	    break;
 #ifdef WITH_OPENSSL
 	  case KEY_RSA3072_OQS_DEFAULT:
@@ -2000,8 +2090,17 @@ sshkey_generate(int type, u_int bits, struct sshkey **keyp)
 	    OQS_SIG_free(sig);
 	    break;
 	  }
-	  case KEY_RSA3072_DILITHIUM_2:
-	    ret = OQS_SIG_dilithium_2_keypair(k->oqs_pk, k->oqs_sk);
+	  case KEY_RSA3072_FALCON_512:
+	    ret = OQS_SIG_falcon_512_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_RSA3072_DILITHIUM_2_AES:
+	    ret = OQS_SIG_dilithium_2_aes_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_RSA3072_PICNIC_L1_FULL:
+	    ret = OQS_SIG_picnic_L1_full_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_RSA3072_SPHINCS_HARAKA_128F_SIMPLE:
+	    ret = OQS_SIG_sphincs_haraka_128f_simple_keypair(k->oqs_pk, k->oqs_sk);
 	    break;
 #ifdef OPENSSL_HAS_ECC
 	  case KEY_ECDSA_NISTP256_OQS_DEFAULT:
@@ -2011,14 +2110,32 @@ sshkey_generate(int type, u_int bits, struct sshkey **keyp)
 	    OQS_SIG_free(sig);
 	    break;
 	  }
-	  case KEY_ECDSA_NISTP256_DILITHIUM_2:
-	    ret = OQS_SIG_dilithium_2_keypair(k->oqs_pk, k->oqs_sk);
+	  case KEY_ECDSA_NISTP256_FALCON_512:
+	    ret = OQS_SIG_falcon_512_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_ECDSA_NISTP521_FALCON_1024:
+	    ret = OQS_SIG_falcon_1024_keypair(k->oqs_pk, k->oqs_sk);
 	    break;
 	  case KEY_ECDSA_NISTP384_DILITHIUM_3:
 	    ret = OQS_SIG_dilithium_3_keypair(k->oqs_pk, k->oqs_sk);
 	    break;
-	  case KEY_ECDSA_NISTP521_DILITHIUM_5:
-	    ret = OQS_SIG_dilithium_5_keypair(k->oqs_pk, k->oqs_sk);
+	  case KEY_ECDSA_NISTP256_DILITHIUM_2_AES:
+	    ret = OQS_SIG_dilithium_2_aes_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_ECDSA_NISTP521_DILITHIUM_5_AES:
+	    ret = OQS_SIG_dilithium_5_aes_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_ECDSA_NISTP256_PICNIC_L1_FULL:
+	    ret = OQS_SIG_picnic_L1_full_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_ECDSA_NISTP384_PICNIC_L3_FS:
+	    ret = OQS_SIG_picnic_L3_FS_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE:
+	    ret = OQS_SIG_sphincs_haraka_128f_simple_keypair(k->oqs_pk, k->oqs_sk);
+	    break;
+	  case KEY_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST:
+	    ret = OQS_SIG_sphincs_haraka_192f_robust_keypair(k->oqs_pk, k->oqs_sk);
 	    break;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
@@ -3126,34 +3243,79 @@ sshkey_sign(struct sshkey *key,
 	case KEY_OQS_DEFAULT:
 		r = ssh_oqsdefault_sign(key, &sig_pq, &len_pq, data, datalen, compat);
 		break;
-	case KEY_DILITHIUM_2:
-		r = ssh_dilithium2_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+	case KEY_FALCON_512:
+		r = ssh_falcon512_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_FALCON_1024:
+		r = ssh_falcon1024_sign(key, &sig_pq, &len_pq, data, datalen, compat);
 		break;
 	case KEY_DILITHIUM_3:
 		r = ssh_dilithium3_sign(key, &sig_pq, &len_pq, data, datalen, compat);
 		break;
-	case KEY_DILITHIUM_5:
-		r = ssh_dilithium5_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+	case KEY_DILITHIUM_2_AES:
+		r = ssh_dilithium2aes_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_DILITHIUM_5_AES:
+		r = ssh_dilithium5aes_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_PICNIC_L1_FULL:
+		r = ssh_picnicL1full_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_PICNIC_L3_FS:
+		r = ssh_picnicL3FS_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_SPHINCS_HARAKA_128F_SIMPLE:
+		r = ssh_sphincsharaka128fsimple_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_SPHINCS_HARAKA_192F_ROBUST:
+		r = ssh_sphincsharaka192frobust_sign(key, &sig_pq, &len_pq, data, datalen, compat);
 		break;
 #ifdef WITH_OPENSSL
 	case KEY_RSA3072_OQS_DEFAULT:
 		r = ssh_oqsdefault_sign(key, &sig_pq, &len_pq, data, datalen, compat);
 		break;
-	case KEY_RSA3072_DILITHIUM_2:
-		r = ssh_dilithium2_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+	case KEY_RSA3072_FALCON_512:
+		r = ssh_falcon512_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_RSA3072_DILITHIUM_2_AES:
+		r = ssh_dilithium2aes_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_RSA3072_PICNIC_L1_FULL:
+		r = ssh_picnicL1full_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_RSA3072_SPHINCS_HARAKA_128F_SIMPLE:
+		r = ssh_sphincsharaka128fsimple_sign(key, &sig_pq, &len_pq, data, datalen, compat);
 		break;
 #ifdef OPENSSL_HAS_ECC
 	case KEY_ECDSA_NISTP256_OQS_DEFAULT:
 		r = ssh_oqsdefault_sign(key, &sig_pq, &len_pq, data, datalen, compat);
 		break;
-	case KEY_ECDSA_NISTP256_DILITHIUM_2:
-		r = ssh_dilithium2_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+	case KEY_ECDSA_NISTP256_FALCON_512:
+		r = ssh_falcon512_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_ECDSA_NISTP521_FALCON_1024:
+		r = ssh_falcon1024_sign(key, &sig_pq, &len_pq, data, datalen, compat);
 		break;
 	case KEY_ECDSA_NISTP384_DILITHIUM_3:
 		r = ssh_dilithium3_sign(key, &sig_pq, &len_pq, data, datalen, compat);
 		break;
-	case KEY_ECDSA_NISTP521_DILITHIUM_5:
-		r = ssh_dilithium5_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+	case KEY_ECDSA_NISTP256_DILITHIUM_2_AES:
+		r = ssh_dilithium2aes_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_ECDSA_NISTP521_DILITHIUM_5_AES:
+		r = ssh_dilithium5aes_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_ECDSA_NISTP256_PICNIC_L1_FULL:
+		r = ssh_picnicL1full_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_ECDSA_NISTP384_PICNIC_L3_FS:
+		r = ssh_picnicL3FS_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE:
+		r = ssh_sphincsharaka128fsimple_sign(key, &sig_pq, &len_pq, data, datalen, compat);
+		break;
+	case KEY_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST:
+		r = ssh_sphincsharaka192frobust_sign(key, &sig_pq, &len_pq, data, datalen, compat);
 		break;
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
@@ -3307,26 +3469,56 @@ sshkey_verify(const struct sshkey *key,
 ///// OQS_TEMPLATE_FRAGMENT_SSHKEY_VERIFY_SWITCH_KEYTYPE_START
 	case KEY_OQS_DEFAULT:
 		return ssh_oqsdefault_verify(key, sig_pq, siglen_pq, data, dlen, compat);
-	case KEY_DILITHIUM_2:
-		return ssh_dilithium2_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_FALCON_512:
+		return ssh_falcon512_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_FALCON_1024:
+		return ssh_falcon1024_verify(key, sig_pq, siglen_pq, data, dlen, compat);
 	case KEY_DILITHIUM_3:
 		return ssh_dilithium3_verify(key, sig_pq, siglen_pq, data, dlen, compat);
-	case KEY_DILITHIUM_5:
-		return ssh_dilithium5_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_DILITHIUM_2_AES:
+		return ssh_dilithium2aes_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_DILITHIUM_5_AES:
+		return ssh_dilithium5aes_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_PICNIC_L1_FULL:
+		return ssh_picnicL1full_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_PICNIC_L3_FS:
+		return ssh_picnicL3FS_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_SPHINCS_HARAKA_128F_SIMPLE:
+		return ssh_sphincsharaka128fsimple_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_SPHINCS_HARAKA_192F_ROBUST:
+		return ssh_sphincsharaka192frobust_verify(key, sig_pq, siglen_pq, data, dlen, compat);
 #ifdef WITH_OPENSSL
 	case KEY_RSA3072_OQS_DEFAULT:
 		return ssh_oqsdefault_verify(key, sig_pq, siglen_pq, data, dlen, compat);
-	case KEY_RSA3072_DILITHIUM_2:
-		return ssh_dilithium2_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_RSA3072_FALCON_512:
+		return ssh_falcon512_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_RSA3072_DILITHIUM_2_AES:
+		return ssh_dilithium2aes_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_RSA3072_PICNIC_L1_FULL:
+		return ssh_picnicL1full_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_RSA3072_SPHINCS_HARAKA_128F_SIMPLE:
+		return ssh_sphincsharaka128fsimple_verify(key, sig_pq, siglen_pq, data, dlen, compat);
 #ifdef OPENSSL_HAS_ECC
 	case KEY_ECDSA_NISTP256_OQS_DEFAULT:
 		return ssh_oqsdefault_verify(key, sig_pq, siglen_pq, data, dlen, compat);
-	case KEY_ECDSA_NISTP256_DILITHIUM_2:
-		return ssh_dilithium2_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_ECDSA_NISTP256_FALCON_512:
+		return ssh_falcon512_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_ECDSA_NISTP521_FALCON_1024:
+		return ssh_falcon1024_verify(key, sig_pq, siglen_pq, data, dlen, compat);
 	case KEY_ECDSA_NISTP384_DILITHIUM_3:
 		return ssh_dilithium3_verify(key, sig_pq, siglen_pq, data, dlen, compat);
-	case KEY_ECDSA_NISTP521_DILITHIUM_5:
-		return ssh_dilithium5_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_ECDSA_NISTP256_DILITHIUM_2_AES:
+		return ssh_dilithium2aes_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_ECDSA_NISTP521_DILITHIUM_5_AES:
+		return ssh_dilithium5aes_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_ECDSA_NISTP256_PICNIC_L1_FULL:
+		return ssh_picnicL1full_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_ECDSA_NISTP384_PICNIC_L3_FS:
+		return ssh_picnicL3FS_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE:
+		return ssh_sphincsharaka128fsimple_verify(key, sig_pq, siglen_pq, data, dlen, compat);
+	case KEY_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST:
+		return ssh_sphincsharaka192frobust_verify(key, sig_pq, siglen_pq, data, dlen, compat);
 #endif /* OPENSSL_HAS_ECC */
 #endif /* WITH_OPENSSL */
 ///// OQS_TEMPLATE_FRAGMENT_SSHKEY_VERIFY_SWITCH_KEYTYPE_END
diff --git a/sshkey.h b/sshkey.h
index 6a89cef3ed8f..eea520e53f39 100644
--- a/sshkey.h
+++ b/sshkey.h
@@ -77,13 +77,28 @@ enum sshkey_types {
 	KEY_OQS_DEFAULT,
 	KEY_RSA3072_OQS_DEFAULT,
 	KEY_ECDSA_NISTP256_OQS_DEFAULT,
-	KEY_DILITHIUM_2,
-	KEY_RSA3072_DILITHIUM_2,
-	KEY_ECDSA_NISTP256_DILITHIUM_2,
+	KEY_FALCON_512,
+	KEY_RSA3072_FALCON_512,
+	KEY_ECDSA_NISTP256_FALCON_512,
+	KEY_FALCON_1024,
+	KEY_ECDSA_NISTP521_FALCON_1024,
 	KEY_DILITHIUM_3,
 	KEY_ECDSA_NISTP384_DILITHIUM_3,
-	KEY_DILITHIUM_5,
-	KEY_ECDSA_NISTP521_DILITHIUM_5,
+	KEY_DILITHIUM_2_AES,
+	KEY_RSA3072_DILITHIUM_2_AES,
+	KEY_ECDSA_NISTP256_DILITHIUM_2_AES,
+	KEY_DILITHIUM_5_AES,
+	KEY_ECDSA_NISTP521_DILITHIUM_5_AES,
+	KEY_PICNIC_L1_FULL,
+	KEY_RSA3072_PICNIC_L1_FULL,
+	KEY_ECDSA_NISTP256_PICNIC_L1_FULL,
+	KEY_PICNIC_L3_FS,
+	KEY_ECDSA_NISTP384_PICNIC_L3_FS,
+	KEY_SPHINCS_HARAKA_128F_SIMPLE,
+	KEY_RSA3072_SPHINCS_HARAKA_128F_SIMPLE,
+	KEY_ECDSA_NISTP256_SPHINCS_HARAKA_128F_SIMPLE,
+	KEY_SPHINCS_HARAKA_192F_ROBUST,
+	KEY_ECDSA_NISTP384_SPHINCS_HARAKA_192F_ROBUST,
 ///// OQS_TEMPLATE_FRAGMENT_ENUMERATE_KEYTYPES_END
 	KEY_UNSPEC
 };
@@ -339,12 +354,24 @@ int ssh_xmss_verify(const struct sshkey *key,
 ///// OQS_TEMPLATE_FRAGMENT_DECLARE_PROTOTYPES_START
 int ssh_oqsdefault_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat);
 int ssh_oqsdefault_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, size_t datalen, u_int compat);
-int ssh_dilithium2_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat);
-int ssh_dilithium2_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, size_t datalen, u_int compat);
+int ssh_falcon512_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat);
+int ssh_falcon512_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, size_t datalen, u_int compat);
+int ssh_falcon1024_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat);
+int ssh_falcon1024_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, size_t datalen, u_int compat);
 int ssh_dilithium3_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat);
 int ssh_dilithium3_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, size_t datalen, u_int compat);
-int ssh_dilithium5_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat);
-int ssh_dilithium5_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, size_t datalen, u_int compat);
+int ssh_dilithium2aes_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat);
+int ssh_dilithium2aes_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, size_t datalen, u_int compat);
+int ssh_dilithium5aes_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat);
+int ssh_dilithium5aes_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, size_t datalen, u_int compat);
+int ssh_picnicL1full_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat);
+int ssh_picnicL1full_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, size_t datalen, u_int compat);
+int ssh_picnicL3FS_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat);
+int ssh_picnicL3FS_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, size_t datalen, u_int compat);
+int ssh_sphincsharaka128fsimple_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat);
+int ssh_sphincsharaka128fsimple_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, size_t datalen, u_int compat);
+int ssh_sphincsharaka192frobust_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, u_int compat);
+int ssh_sphincsharaka192frobust_verify(const struct sshkey *key, const u_char *signature, size_t signaturelen, const u_char *data, size_t datalen, u_int compat);
 ///// OQS_TEMPLATE_FRAGMENT_DECLARE_PROTOTYPES_END
 #endif