diff --git a/dnapi-rs/src/credentials.rs b/dnapi-rs/src/credentials.rs
index 4d55ad4..01b3ce7 100644
--- a/dnapi-rs/src/credentials.rs
+++ b/dnapi-rs/src/credentials.rs
@@ -1,7 +1,7 @@
 //! Contains the `Credentials` struct, which contains all keys, IDs, organizations and other identity-related and security-related data that is persistent in a `Client`
 
 use std::error::Error;
-use trifid_pki::cert::{deserialize_ed25519_public, serialize_ed25519_public};
+use trifid_pki::cert::{deserialize_ed25519_public_many, serialize_ed25519_public};
 use trifid_pki::ed25519_dalek::{SigningKey, VerifyingKey};
 
 /// Contains information necessary to make requests against the `DNClient` API.
@@ -27,11 +27,16 @@ pub fn ed25519_public_keys_to_pem(keys: &[VerifyingKey]) -> Vec<u8> {
     res
 }
 
-pub fn ed25519_public_keys_from_pem(pem: Vec<u8>) -> Result<Vec<VerifyingKey>, Box<dyn Error>> {
+/// Converts a set of PEM-encoded ed25519 public keys, and converts them into an array of `VerifyingKey`s.
+/// # Errors
+/// This function will return an error if the PEM could not be decoded, or if any of the encoded keys are invalid.
+pub fn ed25519_public_keys_from_pem(pem: &[u8]) -> Result<Vec<VerifyingKey>, Box<dyn Error>> {
+    let pems = deserialize_ed25519_public_many(pem)?;
     let mut keys = vec![];
 
-    for key in keys.chunks(32) {
-
+    #[allow(clippy::unwrap_used)]
+    for pem in pems {
+        keys.push(VerifyingKey::from_bytes(&pem.try_into().unwrap_or_else(|_| unreachable!()))?);
     }
 
     Ok(keys)