From c9f462869306182272e8e4c02da53d6370391ab1 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Fri, 9 Jun 2017 13:38:21 +0200
Subject: [PATCH] don't call `rng_make_prng()` from `dh_make_key()`

While testing with multiple threads I had spurious errors where some tests can't read from the PRNG. If I tracked it down correctly that's caused by `dh_make_key()` calling `rng_make_prng()` which re-initializes the selected PRNG. I like the idea of "refreshing" the PRNG with entropy from a hopefully secure RNG before generating a new key, but I don't think it's the duty of a key-generation function to ensure that, but merely the application that implements key-generation.
---
src/pk/dh/dh.c | 5 -----
1 file changed, 5 deletions(-)

diff --git a/src/pk/dh/dh.c b/src/pk/dh/dh.c
index e1f824e..73754c1 100644
--- a/src/pk/dh/dh.c
+++ b/src/pk/dh/dh.c
@@ -188,11 +188,6 @@ int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key)
}
/* make up random string */
- if ( rng_make_prng( keysize, wprng, prng, NULL) != CRYPT_OK) {
- err = CRYPT_ERROR_READPRNG;
- goto error2;
- }
- if (prng_descriptor[wprng].read(buf, keysize, prng) != (unsigned long)keysize) {
- err = CRYPT_ERROR_READPRNG;
- goto error2;
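Review bot: With the reseed gone, dh_make_key() now depends entirely on the caller having started and seeded `prng` before the `prng_descriptor[wprng].read(buf, keysize, prng)` call, but nothing on the new side of the hunk records that contract; the surviving `/* make up random string */` comment is the natural place for it. I would change it to `/* make up random string; prng must already be started and seeded by the caller - this function no longer reseeds it */` and mirror that sentence in the dh_make_key() API documentation, since the commit message explicitly moves that duty to the application. Whether an unseeded or merely started PRNG fails the `!= (unsigned long)keysize` check or hands back weak bytes depends on the selected PRNG's read() implementation, which is not visible here, so callers should not rely on this CRYPT_ERROR_READPRNG path to catch a missing seed. dh_make_key() continues past the end of the hunk.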