nts: add support for multiple sets of trusted certificates

Modify the session, NTS-KE, and NTS-NTP code to support multiple sets of trusted certificates and identify the sets by a 32-bit ID.
2025-12-06 18:55:06 -05:00 · 2021-02-18 16:53:36 +01:00
parent f650b8c515
commit 6615bb1b78
14 changed files with 72 additions and 36 deletions
--- a/nts_ke_session.h
+++ b/nts_ke_session.h
@@ -43,8 +43,9 @@ typedef int (*NKSN_MessageHandler)(void *arg);
   different clients or servers. */
 extern NKSN_Credentials NKSN_CreateServerCertCredentials(const char **certs, const char **keys,
                                                         int n_certs_keys);
-extern NKSN_Credentials NKSN_CreateClientCertCredentials(const char **trusted_certs,
-                                                         int n_certs);
+extern NKSN_Credentials NKSN_CreateClientCertCredentials(const char **certs, uint32_t *ids,
+                                                         int n_certs_ids,
+                                                         uint32_t trusted_cert_set);

 /* Destroy the credentials */
 extern void NKSN_DestroyCertCredentials(NKSN_Credentials credentials);