gnutls_x509_privkey_import2 — API function


#include <gnutls/x509.h>

int gnutls_x509_privkey_import2(gnutls_x509_privkey_t key, const gnutls_datum_t * data, gnutls_x509_crt_fmt_t format, const char * password, unsigned int flags);


gnutls_x509_privkey_t key

The data to store the parsed key

const gnutls_datum_t * data

The DER or PEM encoded key.

gnutls_x509_crt_fmt_t format

One of DER or PEM

const char * password

A password (optional)

unsigned int flags

an ORed sequence of gnutls_pkcs_encrypt_flags_t


This function will import the given DER or PEM encoded key, to  the native gnutls_x509_privkey_t format, irrespective of the input format. The input format is auto-detected.

The supported formats are basic unencrypted key, PKCS8, PKCS12, and the openssl format.

If the provided key is encrypted but no password was given, then GNUTLS_E_DECRYPTION_FAILED is returned. Since GnuTLS 3.4.0 this function will utilize the PIN callbacks if any.


On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.

Reporting Bugs

Report bugs to <>.
Home page:

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit


3.6.9 gnutls