From 47a66f19bd5bc9fb32d34eb1bcb80da297f0d6c0 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sun, 18 Mar 2018 10:12:14 -0400
Subject: Allow DSA q=224 (#4147)

* load Q=224 vectors

* DSA parameters should support 224 for q length

* oxford comma
---
 src/cryptography/hazmat/primitives/asymmetric/dsa.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/cryptography/hazmat/primitives/asymmetric/dsa.py b/src/cryptography/hazmat/primitives/asymmetric/dsa.py
index f2f600dd..e380a441 100644
--- a/src/cryptography/hazmat/primitives/asymmetric/dsa.py
+++ b/src/cryptography/hazmat/primitives/asymmetric/dsa.py
@@ -130,8 +130,8 @@ def generate_private_key(key_size, backend):
 def _check_dsa_parameters(parameters):
     if parameters.p.bit_length() not in [1024, 2048, 3072]:
         raise ValueError("p must be exactly 1024, 2048, or 3072 bits long")
-    if parameters.q.bit_length() not in [160, 256]:
-        raise ValueError("q must be exactly 160 or 256 bits long")
+    if parameters.q.bit_length() not in [160, 224, 256]:
+        raise ValueError("q must be exactly 160, 224, or 256 bits long")
 
     if not (1 < parameters.g < parameters.p):
         raise ValueError("g, p don't satisfy 1 < g < p.")
-- 
cgit v1.2.3