I split out the ssl parts of processing in nts_server. I didn't change nts_client yet.
I think I put the routines you want into nts.h -------- I think you can test cookies. That will exercise the AES_SIV crypto routines. You will need to call nts_cookie_init (to setup the crypto context) If you call nts_cookie_init2, it will read in the "old" cookie passwords from a file. You can point it at the right file by storing a filename in ntsconfig.KI, else it uses a default. You can avoid a file by calling nts_make_cookie_key To make a cookie, you have to feed nts_make_cookie a place to put the cookie (NTS_MAX_COOKIELEN) aean - code for crypto algorithm to use. Legal values are AEAD_AES_SIV_CMAC_xxx for xxx in 256, 384, and 512 2 keys - you will have to invent them keylength: matches aean, values are 32, 48, and 64 unpack cookie should give you back aead, and the 2 keys and length If you call nts_make_cookie the current key gets pushed to the old key and the previous old key is lost. If you call it again, the initial good key is lost and unpack_cookie will fail. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
