void CAST_set_key(key, len, data)
CAST_KEY *key;
int len;
unsigned char *data;
void CAST_ecb_encrypt(in, out, key, enc)
unsigned char *in,*out;
CAST_KEY *key;
int enc;
void CAST_encrypt(data,key)
CAST_LONG *data;
CAST_KEY *key;
void CAST_decrypt(data,key)
CAST_LONG *data;
CAST_KEY *key;
void CAST_cbc_encrypt(in,out,length,ks,iv,enc)
unsigned char *in, *out, *iv;
long length;
CAST_KEY *ks;
int enc;
void CAST_cfb64_encrypt(in,out,length,schedule,ivec,num,enc)
unsigned char *in, *out, *ivec;
long length;
CAST_KEY *schedule;
int *num, enc;
void CAST_ofb64_encrypt(in,out,length,schedule,ivec,num)
unsigned char *in, *out, *ivec;
unsigned char *out;
long length;
CAST_KEY *schedule;
int *num;
typedef struct cast_key_st
{
CAST_LONG data[32];
} CAST_KEY;
This is an expanded form of the actual key.
Cast-128 is a symmetric block cipher that operates on 64 bit (8 byte) quantities. It uses a variable length key up to 16 bytes; the 16-byte value is considered standard and is used in this implementation. Cast-128 is one of a family of such algorithms; it is possible to implement versions of this algortithm with other maximum key sizes. Cast-128 can be used in all the modes that DES can be used. This library implements the ecb, cbc, cfb64, and ofb64 modes. For more information on these, see the DES encryption modes overview.
All functions that have input and output for arguments may be passed the same argument for both.
The value CAST_ENCRYPT is passed to specify encryption for the functions that require an encryption/decryption flag. CAST_DECRYPT is passed to specify decryption.
Note that triple-CAST has not been implemented, but if you really feel that you need the security that a 384-bit key provides, you can follow the template of des_ecb3_encrypt and replace the des_encrypt() calls to CAST_encrypt. The same goes for triple-CAST in the other modes.
CAST_set_key() converts a len-byte key as passed in data to a CAST_KEY. If len is greater than 16 it will silently be reset to 16 and only the first 16 bytes of data used.
To generate a password from a text string, you might use MD5 (or the first 16 bytes of SHA-1 output) to produce a 16 byte message digest that can then be passed directly to CAST_set_key().
For reading passwords, you can use des_read_pw_string().
CAST_encrypt() is the encryption function that gets called by just about every other CAST routine in the library. You should not use this function except to implement modes of CAST. If you do use it you need to do char-to-long conversion beforehand and the reverse after, to make sure 'non-aligned' memory accesses do not occur. See the c2l and l2c routines in CAST_locl.h, for example of such routines. See the des_encrypt() man page for use of these routines in implementing various encryption modes from the underlying function.
data is a pointer to 2 unsigned longs and key is the CAST_KEY to use. Encryption or decryption is indicated by encrypt, which can have the values CAST_ENCRYPT or CAST_DECRYPT.
CAST_ecb_encrypt() (Electronic Code Book) encrypts/decrypts in into out using the key given by key. Encryption or decryption is indicated by enc, which can have the values CAST_ENCRYPT or CAST_DECRYPT. in and out must be pointers to 8-byte arrays.
CAST_cbc_encrypt() (Cipher Block Chaining mode) encrypts/decrypts in into out using the key given by ks. Encryption or decryption is indicated by enc, which can have the values CAST_ENCRYPT or CAST_DECRYPT. in and out must be pointers to character arrays that are a multiple of 8 bytes in length, same length for both, given by the argument length. iv is the initialization vector. This function updates iv after each call so that it can be passed to the next call to CAST_cbc_encrypt().
CAST_cfb64_encrypt() (Cipher Feedback mode with 64-bit feedback) encrypts/decrypts in into out using the key given by schedule. Encryption or decryption is indicated by enc, which can have the values CAST_ENCRYPT or CAST_DECRYPT. in and out must be pointers to character arrays which can be of arbitrary length, given by the argument length. ivec is the initialization vector. This function updates ivec after each call so that it can be passed to the next call to CAST_cfb64_encrypt(). num is also updated to indicate how many bytes of the initialization vector we have used.
CAST_ofb64_encrypt() (Output Feedback Mode with 64-bit feedback) encrypts/decrypts in into out using the key given by schedule. in and out must be pointers to character arrays which can be of arbitrary length, given by the argument length. ivec is the initialization vector. This function updates ivec after each call so that it can be passed to the next call to CAST_cfb64_encrypt(). num is also updated to indicate how many bytes of the initialization vector we have used.
For more information about the specific CAST modes in this library (ecb, cbc, cfb and ofb), read the section entitled DES encryption modes overview. What is said about DES is directly applicable for CAST.