3 files changed, 93 insertions, 0 deletions
diff --git a/src/lib/pubkey/cecpq1/cecpq1.cpp b/src/lib/pubkey/cecpq1/cecpq1.cpp
new file mode 100644
index 000000000..d5b6ae702
--- /dev/null
+++ b/src/lib/pubkey/cecpq1/cecpq1.cpp
@@ -0,0 +1,50 @@
+/*
+* CECPQ1 (x25519 + NewHope)
+* (C) 2016 Jack Lloyd
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#include <botan/cecpq1.h>
+#include <botan/newhope.h>
+#include <botan/curve25519.h>
+
+namespace Botan {
+
+void CECPQ1_offer(uint8_t send[CECPQ1_OFFER_BYTES],
+                  CECPQ1_key* offer_key_output,
+                  RandomNumberGenerator& rng)
+   {
+   offer_key_output->m_x25519 = rng.random_vec(32);
+   curve25519_basepoint(send, offer_key_output->m_x25519.data());
+
+   newhope_keygen(send + 32, &offer_key_output->m_newhope,
+                  rng, Newhope_Mode::BoringSSL);
+   }
+
+void CECPQ1_accept(uint8_t shared_key[CECPQ1_SHARED_KEY_BYTES],
+                   uint8_t send[CECPQ1_ACCEPT_BYTES],
+                   const uint8_t received[CECPQ1_OFFER_BYTES],
+                   RandomNumberGenerator& rng)
+   {
+   secure_vector<byte> x25519_key = rng.random_vec(32);
+
+   curve25519_basepoint(send, x25519_key.data());
+
+   curve25519_donna(shared_key, x25519_key.data(), received);
+
+   newhope_sharedb(shared_key + 32, send + 32, received + 32,
+                   rng, Newhope_Mode::BoringSSL);
+   }
+
+void CECPQ1_finish(uint8_t shared_key[CECPQ1_SHARED_KEY_BYTES],
+                   const CECPQ1_key& offer_key,
+                   const uint8_t received[CECPQ1_ACCEPT_BYTES])
+   {
+   curve25519_donna(shared_key, offer_key.m_x25519.data(), received);
+
+   newhope_shareda(shared_key + 32, &offer_key.m_newhope, received + 32,
+                   Newhope_Mode::BoringSSL);
+   }
+
+}
diff --git a/src/lib/pubkey/cecpq1/cecpq1.h b/src/lib/pubkey/cecpq1/cecpq1.h
new file mode 100644
index 000000000..0bda0dd02
--- /dev/null
+++ b/src/lib/pubkey/cecpq1/cecpq1.h
@@ -0,0 +1,36 @@
+/*
+* CECPQ1 (x25519 + NewHope)
+* (C) 2016 Jack Lloyd
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#ifndef BOTAN_CECPQ1_H__
+#define BOTAN_CECPQ1_H__
+
+#include <botan/secmem.h>
+#include <botan/newhope.h>
+
+namespace Botan {
+
+struct CECPQ1_key {
+   secure_vector<uint8_t> m_x25519;
+   newhope_poly m_newhope;
+};
+
+void BOTAN_DLL CECPQ1_offer(uint8_t* offer_message,
+                            CECPQ1_key* offer_key_output,
+                            RandomNumberGenerator& rng);
+
+void BOTAN_DLL CECPQ1_accept(uint8_t* shared_key,
+                             uint8_t* accept_message,
+                             const uint8_t* offer_message,
+                             RandomNumberGenerator& rng);
+
+void BOTAN_DLL CECPQ1_finish(uint8_t* shared_key,
+                             const CECPQ1_key& offer_key,
+                             const uint8_t* accept_message);
+
+}
+
+#endif
diff --git a/src/lib/pubkey/cecpq1/info.txt b/src/lib/pubkey/cecpq1/info.txt
new file mode 100644
index 000000000..614ba3962
--- /dev/null
+++ b/src/lib/pubkey/cecpq1/info.txt
@@ -0,0 +1,7 @@
+define CECPQ1 20161116
+
+<requires>
+newhope
+curve25519
+</requires>
+