diff --git a/server-ca/chocolate.py b/server-ca/chocolate.py
index 2cb9694ad..737f675cb 100755
--- a/server-ca/chocolate.py
+++ b/server-ca/chocolate.py
@@ -1,9 +1,7 @@
 #!/usr/bin/env python
 
-import web, redis, time
+import web, redis, time, binascii
 import CSR
-import hashlib
-import hmac
 import hashcash
 from CSR import M2Crypto
 from Crypto import Random
@@ -24,15 +22,9 @@ urls = (
 '.*', 'session'
 )
 
-def sha256(m):
- return hashlib.sha256(m).hexdigest()
-
-def hmac(k, m):
- return hmac.new(k, m, hashlib.sha256).hexdigest()
-
 def random():
 """Return 64 hex digits representing a new 32-byte random number."""
- return sha256(Random.get_random_bytes(32))
+ return binascii.hexlify(Random.get_random_bytes(32))
 
 def safe(what, s):
 """Is string s within the allowed-character policy for this field?"""
@@ -337,8 +329,6 @@ class session(object):
 
 def POST(self):
 web.header("Content-type", "application/x-protobuf+chocolate")
-# web.setcookie("chocolate", hmac("foo", "bar"),
-# secure=True) # , httponly=True)
 m = chocolatemessage()
 r = chocolatemessage()
 r.chocolateversion = 1
diff --git a/server-ca/daemon.py b/server-ca/daemon.py
index 31f7363e2..a5050d8c8 100644
--- a/server-ca/daemon.py
+++ b/server-ca/daemon.py
@@ -48,7 +48,7 @@
 # the server or the daemon (due to timeout or error) causes
 # a session to be treated as dead by both.
 
-import redis, redis_lock, time, CSR, sys, signal, hashlib
+import redis, redis_lock, time, CSR, sys, signal, binascii
 from sni_challenge.verify import verify_challenge
 from Crypto import Random
 
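Review bot: The new `random()` in the `@@ -24,15 +22,9 @@` hunk of server-ca/chocolate.py returns `binascii.hexlify(...)`, which is a `str` only on Python 2 and `bytes` on Python 3, whereas the removed `hexdigest()` call returned a text string on both. If callers compare or concatenate this value with text (not visible in this hunk), a later port would change behaviour silently. The docstring should pin the type and the source, for example `"""Return 64 hex digits (str) encoding 32 bytes taken directly from Crypto.Random."""`. The same helper is repeated verbatim in the `@@ -86,16 +86,13 @@` hunk of server-ca/daemon.py, so the same wording applies there, and a single shared definition would stop the two copies from drifting apart.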
@@ -86,16 +86,13 @@ def ancient(session, state):
 return True
 return False
 
-def sha256(m):
- return hashlib.sha256(m).hexdigest()
-
 def random():
 """Return 64 hex digits representing a new 32-byte random number."""
- return sha256(Random.get_random_bytes(32))
+ return binascii.hexlify(Random.get_random_bytes(32))
 
 def random_raw():
 """Return 32 random bytes."""
- return hashlib.sha256(Random.get_random_bytes(32)).digest()
+ return Random.get_random_bytes(32)
 
 def makechallenge(session):
 if r.hget(session, "live") != "True":
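Review bot: `random()` and `random_raw()` in this hunk each call `Random.get_random_bytes(32)` on their own, so the daemon fixes its entropy source and the 32-byte length in two places. Writing `random()` as `return binascii.hexlify(random_raw())` would leave one call site to audit, or to change if the generator is ever replaced. The name `random` also matches the standard-library module, so a comment such as `# not the stdlib random module; values come from Crypto.Random` on the helper would guard against a later `import random` being mistaken for it.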