From 12cc211bf701795f6529c190ef2e4b83d3665492 Mon Sep 17 00:00:00 2001
From: rep <mark@etcho.de>
Date: Fri, 21 Sep 2012 12:59:09 +0200
Subject: [PATCH] IV mandatory on CFB

---
 py/pwrcall/util.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/py/pwrcall/util.py b/py/pwrcall/util.py
index ff2509a..0df56e5 100644
--- a/py/pwrcall/util.py
+++ b/py/pwrcall/util.py
@@ -57,12 +57,12 @@ def rand32():
 	return struct.unpack('I', os.urandom(4))[0]
 
 def gen_forwarder(secret, obj, nonce, options={}):
-	a = AES.new(secret, AES.MODE_CFB)
+	a = AES.new(secret, AES.MODE_CFB, IV=secret)
 	return a.encrypt( msgpack.packb((nonce, id(obj), options)) )
 
 # returns (fp, obj, nonce)
 def cap_from_forwarder(secret, fwd):
-	a = AES.new(secret, AES.MODE_CFB)
+	a = AES.new(secret, AES.MODE_CFB, IV=secret)
 	return msgpack.unpackb( a.decrypt(fwd) )
 
 def parse_url(url):