gnutls_x509_privkey_import_pkcs8(3) gnutls gnutls_x509_privkey_import_pkcs8(3)

gnutls_x509_privkey_import_pkcs8 - API function

#include <gnutls/x509.h>

int gnutls_x509_privkey_import_pkcs8(gnutls_x509_privkey_t key, const gnutls_datum_t * data, gnutls_x509_crt_fmt_t format, const char * password, unsigned int flags);

The data to store the parsed key
The DER or PEM encoded key.
One of DER or PEM
the password to decrypt the key (if it is encrypted).
0 if encrypted or GNUTLS_PKCS_PLAIN if not encrypted.

This function will convert the given DER or PEM encoded PKCS8 2.0 encrypted key to the native gnutls_x509_privkey_t format. The output will be stored in key . Both RSA and DSA keys can be imported, and flags can only be used to indicate an unencrypted key.

The password can be either ASCII or UTF-8 in the default PBES2 encryption schemas, or ASCII for the PKCS12 schemas.

If the Certificate is PEM encoded it should have a header of "ENCRYPTED PRIVATE KEY", or "PRIVATE KEY". You only need to specify the flags if the key is DER encoded, since in that case the encryption status cannot be auto-detected.

If the GNUTLS_PKCS_PLAIN flag is specified and the supplied data are encrypted then GNUTLS_E_DECRYPTION_FAILED is returned.

On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.

Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org

Copyright © 2001-2023 Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit

3.8.8 gnutls