Provided by: gnutls-doc_3.6.9-5ubuntu1_all bug


       gnutls_x509_crl_privkey_sign - API function


       #include <gnutls/abstract.h>

       int    gnutls_x509_crl_privkey_sign(gnutls_x509_crl_t   crl,   gnutls_x509_crt_t   issuer,
       gnutls_privkey_t issuer_key, gnutls_digest_algorithm_t dig, unsigned int flags);


       gnutls_x509_crl_t crl
                   should contain a gnutls_x509_crl_t type

       gnutls_x509_crt_t issuer
                   is the certificate of the certificate issuer

       gnutls_privkey_t issuer_key
                   holds the issuer's private key

       gnutls_digest_algorithm_t dig
                   The message digest to use. GNUTLS_DIG_SHA256 is the  safe  choice  unless  you
                   know what you're doing.

       unsigned int flags
                   must be 0


       This  function will sign the CRL with the issuer's private key, and will copy the issuer's
       information into the CRL.

       This must be the last step in a certificate CRL since all the  previously  set  parameters
       are now signed.

       A  known  limitation  of  this  function  is,  that  a  newly-signed CRL will not be fully
       functional (e.g., for signature verification), until it is exported an re-imported.

       After GnuTLS 3.6.1 the value of  dig may  be  GNUTLS_DIG_UNKNOWN,  and  in  that  case,  a
       suitable but reasonable for the key algorithm will be selected.


       On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.

       Since 2.12.0


       Report bugs to <>.
       Home page:


       Copyright © 2001-2019 Free Software Foundation, Inc., and others.
       Copying  and distribution of this file, with or without modification, are permitted in any
       medium without royalty provided the copyright notice and this notice are preserved.


       The  full  documentation  for  gnutls  is  maintained  as  a  Texinfo  manual.    If   the
       /usr/share/doc/gnutls/ directory does not contain the HTML form visit