Allow DSA q=224 (#4147)

* load Q=224 vectors * DSA parameters should support 224 for q length * oxford comma
author: Paul Kehrer <paul.l.kehrer@gmail.com> 2018-03-18 10:12:14 -0400
committer: Alex Gaynor <alex.gaynor@gmail.com> 2018-03-18 10:12:14 -0400
commit: 47a66f19bd5bc9fb32d34eb1bcb80da297f0d6c0 (patch)
tree: 8fbf291fc927dafe9ed0cf3fb20fecf192274a2a /src
parent: 17c8f126c7c7d5ce886112a6e924277a7b203f25 (diff)
download: cryptography-47a66f19bd5bc9fb32d34eb1bcb80da297f0d6c0.tar.gz
cryptography-47a66f19bd5bc9fb32d34eb1bcb80da297f0d6c0.tar.bz2
cryptography-47a66f19bd5bc9fb32d34eb1bcb80da297f0d6c0.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/cryptography/hazmat/primitives/asymmetric/dsa.py b/src/cryptography/hazmat/primitives/asymmetric/dsa.py
index f2f600dd..e380a441 100644
--- a/src/cryptography/hazmat/primitives/asymmetric/dsa.py
+++ b/src/cryptography/hazmat/primitives/asymmetric/dsa.py
@@ -130,8 +130,8 @@ def generate_private_key(key_size, backend):
 def _check_dsa_parameters(parameters):
     if parameters.p.bit_length() not in [1024, 2048, 3072]:
         raise ValueError("p must be exactly 1024, 2048, or 3072 bits long")
-    if parameters.q.bit_length() not in [160, 256]:
-        raise ValueError("q must be exactly 160 or 256 bits long")
+    if parameters.q.bit_length() not in [160, 224, 256]:
+        raise ValueError("q must be exactly 160, 224, or 256 bits long")
 
     if not (1 < parameters.g < parameters.p):
         raise ValueError("g, p don't satisfy 1 < g < p.")
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2018-03-18 10:12:14 -0400
committer	Alex Gaynor <alex.gaynor@gmail.com>	2018-03-18 10:12:14 -0400
commit	47a66f19bd5bc9fb32d34eb1bcb80da297f0d6c0 (patch)
tree	8fbf291fc927dafe9ed0cf3fb20fecf192274a2a /src
parent	17c8f126c7c7d5ce886112a6e924277a7b203f25 (diff)
download	cryptography-47a66f19bd5bc9fb32d34eb1bcb80da297f0d6c0.tar.gz cryptography-47a66f19bd5bc9fb32d34eb1bcb80da297f0d6c0.tar.bz2 cryptography-47a66f19bd5bc9fb32d34eb1bcb80da297f0d6c0.zip