



@deftypefun {int} {gnutls_x509_privkey_generate2} (gnutls_x509_privkey_t @var{key}, gnutls_pk_algorithm_t @var{algo}, unsigned int @var{bits}, unsigned int @var{flags}, const gnutls_keygen_data_st * @var{data}, unsigned @var{data_size})
@var{key}: a key

@var{algo}: is one of the algorithms in @code{gnutls_pk_algorithm_t} .

@var{bits}: the size of the modulus

@var{flags}: Must be zero or flags from @code{gnutls_privkey_flags_t} .

@var{data}: Allow specifying @code{gnutls_keygen_data_st}  types such as the seed to be used.

@var{data_size}: The number of  @code{data} available.

This function will generate a random private key. Note that this
function must be called on an empty private key. The flag @code{GNUTLS_PRIVKEY_FLAG_PROVABLE} 
instructs the key generation process to use algorithms which generate
provable parameters out of a seed.

Note that when generating an elliptic curve key, the curve
can be substituted in the place of the bits parameter using the
@code{GNUTLS_CURVE_TO_BITS()}  macro.

For DSA keys, if the subgroup size needs to be specified check
the @code{GNUTLS_SUBGROUP_TO_BITS()}  macro.

When generating RSA-PSS keys which should require specific parameters, you should
use  @code{data} of type @code{GNUTLS_KEYGEN_SPKI}  to specify the SubjectPublicKeyInfo parameters.

Do not set the number of bits directly, use @code{gnutls_sec_param_to_pk_bits()} .

@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS}  (0) is returned, otherwise a
negative error value.
@end deftypefun
