Provided by: gnutls-doc_3.8.3-1.1ubuntu3.4_all bug

NAME
       gnutls_privkey_generate2 - API function


SYNOPSIS
       #include <gnutls/abstract.h>

       int  gnutls_privkey_generate2(gnutls_privkey_t  pkey,  gnutls_pk_algorithm_t  algo,  unsigned  int  bits,
       unsigned int flags, const gnutls_keygen_data_st * data, unsigned data_size);


ARGUMENTS
       gnutls_privkey_t pkey
                   The private key

       gnutls_pk_algorithm_t algo
                   is one of the algorithms in gnutls_pk_algorithm_t.

       unsigned int bits
                   the size of the modulus

       unsigned int flags
                   Must be zero or flags from gnutls_privkey_flags_t.

       const gnutls_keygen_data_st * data
                   Allow specifying gnutls_keygen_data_st types such as the seed to be used.

       unsigned data_size
                   The number of  data available.


DESCRIPTION
       This function will generate a random  private  key.  Note  that  this  function  must  be  called  on  an
       initialized private key.

       The  flag  GNUTLS_PRIVKEY_FLAG_PROVABLE  instructs  the  key  generation  process  to use algorithms like
       Shawe-Taylor (from FIPS PUB186-4) which generate provable parameters out of a seed for RSA and DSA  keys.
       On  DSA  keys the PQG parameters are generated using the seed, while on RSA the two primes. To specify an
       explicit seed (by default a random seed is used), use the  data with a GNUTLS_KEYGEN_SEED type.

       Note that when generating an elliptic curve key, the curve can be substituted in the place  of  the  bits
       parameter using the GNUTLS_CURVE_TO_BITS() macro.

       To  export  the  generated  keys  in memory or in files it is recommended to use the PKCS8 form as it can
       handle all key types, and can store additional parameters such as the seed, in case of  provable  RSA  or
       DSA  keys.   Generated  keys  can be exported in memory using gnutls_privkey_export_x509(), and then with
       gnutls_x509_privkey_export2_pkcs8().

       If key generation is part of your application, avoid setting the number of bits directly, and instead use
       gnutls_sec_param_to_pk_bits().  That way the generated keys will adapt to  the  security  levels  of  the
       underlying GnuTLS library.


RETURNS
       On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.


SINCE
       3.5.0


REPORTING BUGS
       Report bugs to <bugs@gnutls.org>.
       Home page: https://www.gnutls.org


COPYRIGHT
       Copyright © 2001-2023 Free Software Foundation, Inc., and others.
       Copying  and distribution of this file, with or without modification, are permitted in any medium without
       royalty provided the copyright notice and this notice are preserved.


SEE ALSO
       The full documentation for gnutls is maintained as  a  Texinfo  manual.   If  the  /usr/share/doc/gnutls/
       directory does not contain the HTML form visit

       https://www.gnutls.org/manual/

gnutls                                                3.8.3                          gnutls_privkey_generate2(3)