kex: Implement remaining hybrid ML-KEM methods

This builds on top of a9c8f94. The pure ML-KEM
code is now separated from the hybrid parts,
with the hybrid implementation generalized to
support NIST curves.

Signed-off-by: Pavol Žáčik <pzacik@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>

src/wrapper.c

@@ -52,7 +52,7 @@
 #include "libssh/ecdh.h"
 #include "libssh/sntrup761.h"
 #ifdef HAVE_MLKEM
-#include "libssh/mlkem768.h"
+#include "libssh/hybrid_mlkem.h"
 #endif
 
 static struct ssh_hmac_struct ssh_hmac_tab[] = {
@@ -229,6 +229,16 @@ void crypto_free(struct ssh_crypto_struct *crypto)
         SAFE_FREE(crypto->kex_methods[i]);
     }
 
+#ifdef HAVE_MLKEM
+    EVP_PKEY_free(crypto->mlkem_privkey);
+    ssh_string_burn(crypto->hybrid_shared_secret);
+    ssh_string_free(crypto->mlkem_client_pubkey);
+    ssh_string_free(crypto->mlkem_ciphertext);
+    ssh_string_free(crypto->hybrid_client_init);
+    ssh_string_free(crypto->hybrid_server_reply);
+    ssh_string_free(crypto->hybrid_shared_secret);
+#endif
+
     explicit_bzero(crypto, sizeof(struct ssh_crypto_struct));
 
     SAFE_FREE(crypto);
@@ -604,7 +614,9 @@ int crypt_set_algorithms_server(ssh_session session){
 #endif
 #ifdef HAVE_MLKEM
     case SSH_KEX_MLKEM768X25519_SHA256:
-        ssh_server_mlkem768x25519_init(session);
+    case SSH_KEX_MLKEM768NISTP256_SHA256:
+    case SSH_KEX_MLKEM1024NISTP384_SHA384:
+        ssh_server_hybrid_mlkem_init(session);
         break;
 #endif
     default: