From 0ff44fc2417217d542bf0e9a7ecfd20020893bc7 Mon Sep 17 00:00:00 2001
From: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat, 19 Dec 2009 20:10:38 +0100
Subject: [PATCH] Reinitialise block cipher IV each time we encrypt a packet
 when using libgcrypt.

---
 src/gcrypt/cipher.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/gcrypt/cipher.c b/src/gcrypt/cipher.c
index 390959cb..ad2a9505 100644
--- a/src/gcrypt/cipher.c
+++ b/src/gcrypt/cipher.c
@@ -207,6 +207,9 @@ bool cipher_encrypt(cipher_t *cipher, const void *indata, size_t inlen, void *ou
 				pad[i] = padbyte;
 	}
 	
+	if(oneshot)
+		gcry_cipher_setiv(cipher->handle, cipher->key + cipher->keylen, cipher->blklen);
+
 	if((err = gcry_cipher_encrypt(cipher->handle, outdata, *outlen, indata, inlen))) {
 		logger(LOG_ERR, "Error while encrypting: %s", gcry_strerror(err));
 		return false;
@@ -228,6 +231,9 @@ bool cipher_encrypt(cipher_t *cipher, const void *indata, size_t inlen, void *ou
 bool cipher_decrypt(cipher_t *cipher, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) {
 	gcry_error_t err;
 
+	if(oneshot)
+		gcry_cipher_setiv(cipher->handle, cipher->key + cipher->keylen, cipher->blklen);
+
 	if((err = gcry_cipher_decrypt(cipher->handle, outdata, *outlen, indata, inlen))) {
 		logger(LOG_ERR, "Error while decrypting: %s", gcry_strerror(err));
 		return false;
-- 
2.20.1