@deftypefun {int} {gnutls_x509_privkey_export2_pkcs8} (gnutls_x509_privkey_t @var{key}, gnutls_x509_crt_fmt_t @var{format}, const char * @var{password}, unsigned int @var{flags}, gnutls_datum_t * @var{out})
@var{key}: Holds the key
@var{format}: the format of output params. One of PEM or DER.
@var{password}: the password that will be used to encrypt the key.
@var{flags}: an ORed sequence of gnutls_pkcs_encrypt_flags_t
@var{out}: will contain a private key PEM or DER encoded
This function will export the private key to a PKCS8 structure.
Both RSA and DSA keys can be exported. For DSA keys we use
PKCS @code{11} definitions. If the flags do not specify the encryption
cipher, then the default 3DES (PBES2) will be used.
The @code{password} can be either ASCII or UTF-8 in the default PBES2
encryption schemas, or ASCII for the PKCS12 schemas.
The output buffer is allocated using @code{gnutls_malloc()} .
If the structure is PEM encoded, it will have a header
of "BEGIN ENCRYPTED PRIVATE KEY" or "BEGIN PRIVATE KEY" if
encryption is not used.
@strong{Returns:} In case of failure a negative error code will be
returned, and 0 on success.
Since 3.1.3
@end deftypefun