diff options
Diffstat (limited to 'src/certtool.c')
-rw-r--r-- | src/certtool.c | 40 |
1 files changed, 13 insertions, 27 deletions
diff --git a/src/certtool.c b/src/certtool.c index 4ac8a1a983..d59d0e5e6d 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -157,28 +157,18 @@ generate_private_key_int(common_info_st * cinfo) if (cinfo->seed_size > 0) { gnutls_keygen_data_st data; - gnutls_datum_t hexseed, seed; - - hexseed.data = (void*)cinfo->seed; - hexseed.size = cinfo->seed_size; - - ret = gnutls_hex_decode2(&hexseed, &seed); - if (ret < 0) { - fprintf(stderr, "Could not hex decode data: %s\n", gnutls_strerror(ret)); - exit(1); - } data.type = GNUTLS_KEYGEN_SEED; - data.data = seed.data; - data.size = seed.size; + data.data = (void*)cinfo->seed; + data.size = cinfo->seed_size; if (key_type == GNUTLS_PK_RSA) { - if ((bits == 3072 && seed.size != 32) || (bits == 2048 && seed.size != 28)) { - fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)seed.size); + if ((bits == 3072 && cinfo->seed_size != 32) || (bits == 2048 && cinfo->seed_size != 28)) { + fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)cinfo->seed_size); } } else if (key_type == GNUTLS_PK_DSA) { - if (seed.size != 65) { - fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)seed.size); + if (cinfo->seed_size != 65) { + fprintf(stderr, "The seed size (%d) doesn't match the size of the request security level; use -d 2 for more information.\n", (int)cinfo->seed_size); } } @@ -223,15 +213,8 @@ static void verify_provable_privkey(common_info_st * cinfo) pkey = load_private_key(1, cinfo); - if (HAVE_OPT(SEED)) { - char seed[256]; - size_t seed_size = sizeof(seed); - ret = gnutls_hex2bin(OPT_ARG(SEED), strlen(OPT_ARG(SEED)), seed, &seed_size); - if (ret < 0) { - fprintf(stderr, "Could not hex decode data: %s\n", gnutls_strerror(ret)); - exit(1); - } - ret = gnutls_privkey_verify_seed(pkey, 0, seed, seed_size); + if (cinfo->seed_size > 0) { + ret = gnutls_privkey_verify_seed(pkey, 0, cinfo->seed, cinfo->seed_size); } else { ret = gnutls_privkey_verify_seed(pkey, 0, NULL, 0); } @@ -1171,8 +1154,11 @@ static void cmd_parser(int argc, char **argv) cinfo.verbose = 1; if (HAVE_OPT(SEED)) { - cinfo.seed = OPT_ARG(SEED); - cinfo.seed_size = strlen(OPT_ARG(SEED)); + gnutls_datum_t seed; + decode_seed(&seed, OPT_ARG(SEED), strlen(OPT_ARG(SEED))); + + cinfo.seed = seed.data; + cinfo.seed_size = seed.size; } cinfo.batch = batch; |