diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 7b9b6e91b..d3096ab66 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -2055,7 +2055,7 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
         SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X  );
         SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX );
 
-        ssl->handshake->pmslen = ssl->handshake->dhm_ctx.len;
+        ssl->handshake->pmslen = POLARSSL_PREMASTER_SIZE;
 
         if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx,
                                       ssl->handshake->premaster,
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 7a5f462b3..a8e4f41bc 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2743,7 +2743,7 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
             return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
         }
 
-        ssl->handshake->pmslen = ssl->handshake->dhm_ctx.len;
+        ssl->handshake->pmslen = POLARSSL_PREMASTER_SIZE;
 
         if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx,
                                       ssl->handshake->premaster,
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 3de7f7c93..a1428dccf 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -908,10 +908,7 @@ int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex )
     if( key_ex == POLARSSL_KEY_EXCHANGE_DHE_PSK )
     {
         int ret;
-        size_t len = ssl->handshake->dhm_ctx.len;
-
-        if( end - p < 2 + (int) len )
-            return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
+        size_t len = end - ( p + 2 );
 
         /* Write length only when we know the actual value */
         if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx,