Holds the signer's key
The hash algorithm used
unsigned int flags
Zero or one of gnutls_privkey_flags_t
const gnutls_datum_t * hash_data
holds the data to be signed
gnutls_datum_t * signature
will contain newly allocated signature
This function will sign the given hashed data using a signature
algorithm supported by the private key. Signature algorithms are
always used together with a hash functions. Different hash functions
may be used for the RSA algorithm, but only SHA-XXX for the DSA keys.
You may use gnutls_pubkey_get_preferred_hash_algorithm() to determine
the hash algorithm.
The flags may be GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA or
GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS. In the former case this function
will ignore hash_algo and perform a raw PKCS1 signature, and in the
latter an RSA-PSS signature will be generated.
Note that, not all algorithm support signing already hashed data.
When signing with Ed25519, gnutls_privkey_sign_data() should be used.
This page is part of the GnuTLS (GnuTLS Transport Layer Security
Library) project. Information about the project can be found at
⟨http://www.gnutls.org/⟩. If you have a bug report for this manual
page, send it to firstname.lastname@example.org. This page was obtained from the
tarball gnutls-3.6.9.tar.xz fetched from
⟨http://www.gnutls.org/download.html⟩ on 2020-05-27. If you discover
any rendering problems in this HTML version of the page, or you
believe there is a better or more up-to-date source for the page, or
you have corrections or improvements to the information in this
COLOPHON (which is not part of the original manual page), send a mail
gnutls 3.6.9 gnutls_privkey_sign_hash(3)