diff options
Diffstat (limited to 'lib/privkey.c')
-rw-r--r-- | lib/privkey.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/lib/privkey.c b/lib/privkey.c index 90a6304796..0f63649ec2 100644 --- a/lib/privkey.c +++ b/lib/privkey.c @@ -782,9 +782,9 @@ gnutls_privkey_export_x509(gnutls_privkey_t pkey, /** * gnutls_privkey_generate: - * @pkey: The private key + * @pkey: An initialized private key * @algo: is one of the algorithms in #gnutls_pk_algorithm_t. - * @bits: the size of the modulus + * @bits: the size of the parameters to generate * @flags: Must be zero or flags from #gnutls_privkey_flags_t. * * This function will generate a random private key. Note that this @@ -794,9 +794,13 @@ gnutls_privkey_export_x509(gnutls_privkey_t pkey, * * Note that when generating an elliptic curve key, the curve * can be substituted in the place of the bits parameter using the - * GNUTLS_CURVE_TO_BITS() macro. + * GNUTLS_CURVE_TO_BITS() macro. The input to the macro is any curve from + * %gnutls_ecc_curve_t. * - * Do not set the number of bits directly, use gnutls_sec_param_to_pk_bits(). + * For DSA keys, if the subgroup size needs to be specified check + * the GNUTLS_SUBGROUP_TO_BITS() macro. + * + * It is recommended to do not set the number of @bits directly, use gnutls_sec_param_to_pk_bits() instead . * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. @@ -822,8 +826,8 @@ gnutls_privkey_generate(gnutls_privkey_t pkey, * * This function will generate a random private key. Note that this * function must be called on an empty private key. The flag %GNUTLS_PRIVKEY_FLAG_PROVABLE - * instructs the key generation process to use algorithms which generate - * provable parameters out of a seed. + * instructs the key generation process to use algorithms like Shawe-Taylor + * which generate provable parameters out of a seed. * * Note that when generating an elliptic curve key, the curve * can be substituted in the place of the bits parameter using the |