Change TLS server default DH parameters to 2048-bit group from RFC 3526

author: Peter Dettman <peter.dettman@bouncycastle.org> 2017-03-22 22:13:26 +1030
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2017-03-22 22:13:26 +1030
commit: 7af3b108ac0e198acb9ce2df5670b8a7f7d1f652 (patch)
tree: 0464e5f0bdf18795a344932770fd6f6f41fd320b
parent: Added support for empty sequences (diff)
download: BouncyCastle.NET-ed25519-7af3b108ac0e198acb9ce2df5670b8a7f7d1f652.tar.xz
2 files changed, 2 insertions, 2 deletions
diff --git a/crypto/src/crypto/tls/DefaultTlsServer.cs b/crypto/src/crypto/tls/DefaultTlsServer.cs
index 44ceb30e3..87d0539b3 100644
--- a/crypto/src/crypto/tls/DefaultTlsServer.cs
+++ b/crypto/src/crypto/tls/DefaultTlsServer.cs
@@ -42,7 +42,7 @@ namespace Org.BouncyCastle.Crypto.Tls
 
         protected virtual DHParameters GetDHParameters()
         {
-            return DHStandardGroups.rfc5114_2048_256;
+            return DHStandardGroups.rfc3526_2048;
         }
 
         protected override int[] GetCipherSuites()
diff --git a/crypto/src/crypto/tls/PskTlsServer.cs b/crypto/src/crypto/tls/PskTlsServer.cs
index 85f3055fb..d6f54db1f 100644
--- a/crypto/src/crypto/tls/PskTlsServer.cs
+++ b/crypto/src/crypto/tls/PskTlsServer.cs
@@ -28,7 +28,7 @@ namespace Org.BouncyCastle.Crypto.Tls
 
         protected virtual DHParameters GetDHParameters()
         {
-            return DHStandardGroups.rfc5114_2048_256;
+            return DHStandardGroups.rfc3526_2048;
         }
 
         protected override int[] GetCipherSuites()
author	Peter Dettman <peter.dettman@bouncycastle.org>	2017-03-22 22:13:26 +1030
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2017-03-22 22:13:26 +1030
commit	7af3b108ac0e198acb9ce2df5670b8a7f7d1f652 (patch)
tree	0464e5f0bdf18795a344932770fd6f6f41fd320b
parent	Added support for empty sequences (diff)
download	BouncyCastle.NET-ed25519-7af3b108ac0e198acb9ce2df5670b8a7f7d1f652.tar.xz