an initialized key
is one of the algorithms in gnutls_pk_algorithm_t.
unsigned int bits
the size of the parameters to generate
unsigned int flags
Must be zero or flags from gnutls_privkey_flags_t.
This function will generate a random private key. Note that this
function must be called on an initialized private key.
The flag GNUTLS_PRIVKEY_FLAG_PROVABLE instructs the key
generation process to use algorithms like Shawe-Taylor (from FIPS
PUB186-4) which generate provable parameters out of a seed for
RSA and DSA keys. See gnutls_x509_privkey_generate2() for more
Note that when generating an elliptic curve key, the curve can be
substituted in the place of the bits parameter using the
GNUTLS_CURVE_TO_BITS() macro. The input to the macro is any curve
For DSA keys, if the subgroup size needs to be specified check
the GNUTLS_SUBGROUP_TO_BITS() macro.
It is recommended to do not set the number of bits directly, use
gnutls_sec_param_to_pk_bits() instead .
See also gnutls_privkey_generate(),
This page is part of the GnuTLS (GnuTLS Transport Layer Security
Library) project. Information about the project can be found at
⟨http://www.gnutls.org/⟩. If you have a bug report for this
manual page, send it to email@example.com. This page was obtained
from the tarball gnutls-3.8.0.tar.xz fetched from
⟨http://www.gnutls.org/download.html⟩ on 2023-06-23. If you
discover any rendering problems in this HTML version of the page,
or you believe there is a better or more up-to-date source for
the page, or you have corrections or improvements to the
information in this COLOPHON (which is not part of the original
manual page), send a mail to firstname.lastname@example.org
gnutls 3.8.0 gnutls_x509_privkey_generate(3)