2 files changed, 26 insertions, 0 deletions

diff --git a/lib/openssl/pkey.rb b/lib/openssl/pkey.rb
index 89563b65..df126fd9 100644
--- a/lib/openssl/pkey.rb
+++ b/lib/openssl/pkey.rb
@@ -11,12 +11,24 @@ AV/ZD2AWPbrTqV76mGRgJg4EddgT1zG0jq3rnFdMj2XzkBYx3BVvfR0Arnby0RHR
 T4h7KZ/2zmjvV+eF8kBUHBJAojUlzxKj4QeO2x20FP9X5xmNUXeDAgEC
 -----END DH PARAMETERS-----
       _end_of_pem_
+
+      DEFAULT_2048 = new <<-_end_of_pem_
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA7E6kBrYiyvmKAMzQ7i8WvwVk9Y/+f8S7sCTN712KkK3cqd1jhJDY
+JbrYeNV3kUIKhPxWHhObHKpD1R84UpL+s2b55+iMd6GmL7OYmNIT/FccKhTcveab
+VBmZT86BZKYyf45hUF9FOuUM9xPzuK3Vd8oJQvfYMCd7LPC0taAEljQLR4Edf8E6
+YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3
+1bNveX5wInh5GDx1FGhKBZ+s1H+aedudCm7sCgRwv8lKWYGiHzObSma8A86KG+MD
+7Lo5JquQ3DlBodj3IDyPrxIv96lvRPFtAwIBAg==
+-----END DH PARAMETERS-----
+      _end_of_pem_
     end
 
     DEFAULT_TMP_DH_CALLBACK = lambda { |ctx, is_export, keylen|
       warn "using default DH parameters." if $VERBOSE
       case keylen
       when 1024 then OpenSSL::PKey::DH::DEFAULT_1024
+      when 2048 then OpenSSL::PKey::DH::DEFAULT_2048
       else
         nil
       end
diff --git a/test/test_pkey_dh.rb b/test/test_pkey_dh.rb
index 95e0e014..74060f62 100644
--- a/test/test_pkey_dh.rb
+++ b/test/test_pkey_dh.rb
@@ -17,6 +17,20 @@ T4h7KZ/2zmjvV+eF8kBUHBJAojUlzxKj4QeO2x20FP9X5xmNUXeDAgEC
     assert_equal params, OpenSSL::PKey::DH::DEFAULT_1024.to_s
   end
 
+  def test_DEFAULT_2048
+    params = <<-eop
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA7E6kBrYiyvmKAMzQ7i8WvwVk9Y/+f8S7sCTN712KkK3cqd1jhJDY
+JbrYeNV3kUIKhPxWHhObHKpD1R84UpL+s2b55+iMd6GmL7OYmNIT/FccKhTcveab
+VBmZT86BZKYyf45hUF9FOuUM9xPzuK3Vd8oJQvfYMCd7LPC0taAEljQLR4Edf8E6
+YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3
+1bNveX5wInh5GDx1FGhKBZ+s1H+aedudCm7sCgRwv8lKWYGiHzObSma8A86KG+MD
+7Lo5JquQ3DlBodj3IDyPrxIv96lvRPFtAwIBAg==
+-----END DH PARAMETERS-----
+    eop
+    assert_equal params, OpenSSL::PKey::DH::DEFAULT_2048.to_s
+  end
+
   def test_new
     dh = OpenSSL::PKey::DH.new(NEW_KEYLEN)
     assert_key(dh)