-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The OpenSSL CAST CFB code is not handling the initialization
vector the way you want for partial-block lengths. They
don't do a CFB "shift" for the partial block, but you want one.
After 10 bytes have been en/de-crypted, bytes 2-9 of the
ciphertext should appear in the "feedback register"
(called the "initialization vector" here), in that order.
That is, "ivec[0]" should contain "ciphertext[2]".
Unfortunately, it looks like their CFB code does not
"shift" the feedback register. It leaves "ciphertext[2]"
in "ivec[2]", and so forth, so that ciphertext[9] ends
up in "ivec[1]".
This is not necessarily wrong, it's just not what you
want. They may want to be able to feed material piecemeal
without shifting. For OpenPGP, you need the shift.
So, you need to shift "ivec" around 2 bytes. Alternatively,
you could implement your own CFB support based on the
underlying CAST_encrypt function.
Good luck.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.3
iQA/AwUBPd0gflMkvpTT8vCGEQIcxACgtf3jYK2pAzs/YG/44IU5ndBBI8QAoO75
A0hGFJfH11+EvKHIP8WYQND5
=z8FS
-----END PGP SIGNATURE-----