1 files changed, 13 insertions, 27 deletions

diff --git a/src/certtool.c b/src/certtool.c
index 4ac8a1a983..d59d0e5e6d 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -157,28 +157,18 @@ generate_private_key_int(common_info_st * cinfo)
 
 	if (cinfo->seed_size > 0) {
 		gnutls_keygen_data_st data;
-		gnutls_datum_t hexseed, seed;
-
-		hexseed.data = (void*)cinfo->seed;
-		hexseed.size = cinfo->seed_size;
-
-		ret = gnutls_hex_decode2(&hexseed, &seed);
-		if (ret < 0) {
-			fprintf(stderr, "Could not hex decode data: %s\n", gnutls_strerror(ret));
-			exit(1);
-		}
 
 		data.type = GNUTLS_KEYGEN_SEED;
-		data.data = seed.data;
-		data.size = seed.size;
+		data.data = (void*)cinfo->seed;
+		data.size = cinfo->seed_size;
 
 		if (key_type == GNUTLS_PK_RSA) {
-			if ((bits == 3072 && seed.size != 32) || (bits == 2048 && seed.size != 28)) {
-				fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)seed.size);
+			if ((bits == 3072 && cinfo->seed_size != 32) || (bits == 2048 && cinfo->seed_size != 28)) {
+				fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)cinfo->seed_size);
 			}
 		} else if (key_type == GNUTLS_PK_DSA) {
-			if (seed.size != 65) {
-				fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)seed.size);
+			if (cinfo->seed_size != 65) {
+				fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)cinfo->seed_size);
 			}
 		}
 
@@ -223,15 +213,8 @@ static void verify_provable_privkey(common_info_st * cinfo)
 
 	pkey = load_private_key(1, cinfo);
 
-	if (HAVE_OPT(SEED)) {
-		char seed[256];
-		size_t seed_size = sizeof(seed);
-		ret = gnutls_hex2bin(OPT_ARG(SEED), strlen(OPT_ARG(SEED)), seed, &seed_size);
-		if (ret < 0) {
-			fprintf(stderr, "Could not hex decode data: %s\n", gnutls_strerror(ret));
-			exit(1);
-		}
-		ret = gnutls_privkey_verify_seed(pkey, 0, seed, seed_size);
+	if (cinfo->seed_size > 0) {
+		ret = gnutls_privkey_verify_seed(pkey, 0, cinfo->seed, cinfo->seed_size);
 	} else {
 		ret = gnutls_privkey_verify_seed(pkey, 0, NULL, 0);
 	}
@@ -1171,8 +1154,11 @@ static void cmd_parser(int argc, char **argv)
 		cinfo.verbose = 1;
 
 	if (HAVE_OPT(SEED)) {
-		cinfo.seed = OPT_ARG(SEED);
-		cinfo.seed_size = strlen(OPT_ARG(SEED));
+		gnutls_datum_t seed;
+		decode_seed(&seed, OPT_ARG(SEED), strlen(OPT_ARG(SEED)));
+
+		cinfo.seed = seed.data;
+		cinfo.seed_size = seed.size;
 	}
 
 	cinfo.batch = batch;