gnutls_x509_privkey_sign_data — API function


#include <gnutls/compat.h>
int gnutls_x509_privkey_sign_data( gnutls_x509_privkey_t key,
  gnutls_digest_algorithm_t digest,
  unsigned int flags,
  const gnutls_datum_t * data,
  void * signature,
  size_t * signature_size);


gnutls_x509_privkey_t key

Holds the key

gnutls_digest_algorithm_t digest

should be MD5 or SHA1

unsigned int flags

should be 0 for now

const gnutls_datum_t * data

holds the data to be signed

void * signature

will contain the signature

size_t * signature_size

holds the size of signature (and will be replaced by the new size)


This function will sign the given data using a signature algorithm supported by the private key. Signature algorithms are always used together with a hash functions. Different hash functions may be used for the RSA algorithm, but only SHA−1 for the DSA keys.

If the buffer provided is not long enough to hold the output, then * signature_size is updated and GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.

Use gnutls_x509_crt_get_preferred_hash_algorithm() to determine the hash algorithm.


On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.


Use gnutls_privkey_sign_data().


Report bugs to <>.

General guidelines for reporting bugs:

GnuTLS home page:


The full documentation for gnutls is maintained as a Texinfo manual. If the info and gnutls programs are properly installed at your site, the command

info gnutls

should give you access to the complete manual. As an alternative you may obtain the manual from:


Copyright © 2001-2013 Free Software Foundation, Inc..

Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.