Module CAST
CAST-128 symmetric cipher
CAST-128 (or CAST5) is a symmetric block cipher specified in RFC2144.
It has a fixed data block size of 8 bytes. Its key can vary in length
from 40 to 128 bits.
CAST is deemed to be cryptographically secure, but its usage is not widespread.
Keys of sufficient length should be used to prevent brute force attacks
(128 bits are recommended).
As an example, encryption can be done as follows:
>>> from Crypto.Cipher import CAST
>>> from Crypto import Random
>>>
>>> key = b'Sixteen byte key'
>>> iv = Random.new().read(CAST.block_size)
>>> cipher = CAST.new(key, CAST.MODE_OPENPGP, iv)
>>> plaintext = b'sona si latine loqueris '
>>> msg = cipher.encrypt(plaintext)
>>>
...
>>> eiv = msg[:CAST.block_size+2]
>>> ciphertext = msg[CAST.block_size+2:]
>>> cipher = CAST.new(key, CAST.MODE_OPENPGP, eiv)
>>> print cipher.decrypt(ciphertext)
|
new(key,
*args,
**kwargs)
Create a new CAST-128 cipher |
|
|
|
MODE_ECB = 1
Electronic Code Book (ECB).
|
|
MODE_CBC = 2
Cipher-Block Chaining (CBC).
|
|
MODE_CFB = 3
Cipher FeedBack (CFB).
|
|
MODE_PGP = 4
This mode should not be used.
|
|
MODE_OFB = 5
Output FeedBack (OFB).
|
|
MODE_CTR = 6
CounTer Mode (CTR).
|
|
MODE_OPENPGP = 7
OpenPGP Mode.
|
|
MODE_EAX = 9
EAX Mode.
|
|
block_size = 8
Size of a data block (in bytes)
|
|
key_size = xrange(5, 17)
Size of a key (in bytes)
|
new(key,
*args,
**kwargs)
|
|
Create a new CAST-128 cipher
- Parameters:
key (byte string) - The secret key to use in the symmetric cipher.
Its length may vary from 5 to 16 bytes.
mode (a MODE_* constant) - The chaining mode to use for encryption or decryption.
Default is MODE_ECB.
IV (byte string) - (Only MODE_CBC, MODE_CFB, MODE_OFB, MODE_OPENPGP).
The initialization vector to use for encryption or decryption.
It is ignored for MODE_ECB and MODE_CTR.
For MODE_OPENPGP, IV must be block_size bytes long for encryption
and block_size +2 bytes for decryption (in the latter case, it is
actually the encrypted IV which was prefixed to the ciphertext).
It is mandatory.
For all other modes, it must be 8 bytes long.
nonce (byte string) - (Only MODE_EAX).
A mandatory value that must never be reused for any other encryption.
There are no restrictions on its length, but it is recommended to
use at least 16 bytes.
counter (callable) - (Only MODE_CTR). A stateful function that returns the next
counter block, which is a byte string of block_size bytes.
For better performance, use Crypto.Util.Counter.
mac_len (integer) - (Only MODE_EAX). Length of the MAC, in bytes.
It must be no larger than 8 (which is the default).
segment_size (integer) - (Only MODE_CFB).The number of bits the plaintext and ciphertext
are segmented in.
It must be a multiple of 8. If 0 or not specified, it will be assumed to be 8.
- Returns:
- an CAST128Cipher object
|