Fix a bug in CAST-128 affecting 11, 13, 14, or 15 byte keys

With keys not a multiple of 4 bytes, the zero bytes ended up in the wrong place. In the unlikely event anyone was affected by this they could just use the equivalent 16 byte key. Closes #2081
author: Jack Lloyd <[email protected]> 2019-08-26 11:24:04 -0400
committer: Jack Lloyd <[email protected]> 2019-08-26 11:24:04 -0400
commit: 14ba8584069e927210bc5a1707f865746f6f93c6 (patch)
tree: c191d8e8c97c45f1a3506e11e0552b8eb6bccd99 /news.rst
parent: 8a77591b2dccef8e5849fcefd214f3ae2f48ba6a (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/news.rst b/news.rst
index 2c5f4ec9f..c964f809a 100644
--- a/news.rst
+++ b/news.rst
@@ -10,6 +10,9 @@ Version 2.12.0, Not Yet Released
 
 * Support Argon2 outputs longer than 64 bytes (GH #2079 #2078)
 
+* Correct a bug in CAST-128 which caused incorrect computation using
+  11, 13, 14, or 15 byte keys. (GH #2081)
+
 * In DTLS server, support a client crashing and then reconnecting from
   the same source port, as described in RFC 6347 sec 4.2.8 (GH #2029)
author	Jack Lloyd <[email protected]>	2019-08-26 11:24:04 -0400
committer	Jack Lloyd <[email protected]>	2019-08-26 11:24:04 -0400
commit	14ba8584069e927210bc5a1707f865746f6f93c6 (patch)
tree	c191d8e8c97c45f1a3506e11e0552b8eb6bccd99 /news.rst
parent	8a77591b2dccef8e5849fcefd214f3ae2f48ba6a (diff)