I just pushed some changes that should help your testing
hmurray at megapathdsl.net
Mon Apr 1 11:19:25 UTC 2019
I split out the ssl parts of processing in nts_server. I didn't change
I think I put the routines you want into nts.h
I think you can test cookies. That will exercise the AES_SIV crypto routines.
You will need to call nts_cookie_init (to setup the crypto context)
If you call nts_cookie_init2, it will read in the "old" cookie passwords from
You can point it at the right file by storing a filename in ntsconfig.KI,
else it uses a default.
You can avoid a file by calling nts_make_cookie_key
To make a cookie, you have to feed nts_make_cookie
a place to put the cookie (NTS_MAX_COOKIELEN)
aean - code for crypto algorithm to use. Legal values are
AEAD_AES_SIV_CMAC_xxx for xxx in 256, 384, and 512
2 keys - you will have to invent them
keylength: matches aean, values are 32, 48, and 64
unpack cookie should give you back aead, and the 2 keys and length
If you call nts_make_cookie the current key gets pushed to the old key
and the previous old key is lost. If you call it again, the initial good key
is lost and unpack_cookie will fail.
These are my opinions. I hate spam.
More information about the devel