Adapt code setting default DHM parameters

commit: 00d0a6834ae81c5eea7989a56e8611225884f5c3 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Wed Oct 04 13:14:29 2017 +0100
committer: Hanno Becker <hanno.becker@arm.com> Wed Oct 04 13:17:49 2017 +0100
tree: 24e25e944509f203ea9a0f9c11e724a3e0734a9b
parent: b953921a4e1af098aabbf748a13f7f2f731280ca [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 1ef50c2..f233e0a 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -7537,9 +7537,15 @@
 #if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
             if( endpoint == MBEDTLS_SSL_IS_SERVER )
             {
-                if( ( ret = mbedtls_ssl_conf_dh_param( conf,
-                               mbedtls_dhm_rfc7919_ffdhe2048_p,
-                               mbedtls_dhm_rfc7919_ffdhe2048_g ) ) != 0 )
+                const unsigned char dhm_p[] =
+                    MBEDTLS_DHM_RFC3526_MODP_2048_P_BIN;
+                const unsigned char dhm_g[] =
+                    MBEDTLS_DHM_RFC3526_MODP_2048_G_BIN;
+
+                if( ( ret = mbedtls_mpi_read_binary( &conf->dhm_P, dhm_p,
+                                                     sizeof( dhm_p ) ) ) != 0 ||
+                    ( ret = mbedtls_mpi_read_binary( &conf->dhm_G, dhm_g,
+                                                     sizeof( dhm_g ) ) ) != 0 )
                 {
                     return( ret );
                 }
commit	00d0a6834ae81c5eea7989a56e8611225884f5c3	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Wed Oct 04 13:14:29 2017 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Wed Oct 04 13:17:49 2017 +0100
tree	24e25e944509f203ea9a0f9c11e724a3e0734a9b
parent	b953921a4e1af098aabbf748a13f7f2f731280ca [diff] [blame]