Fixed IV feed into initial HMAC during chan setup

Fix for local groestl module
This commit is contained in:
Russ Magee 2021-11-22 18:38:46 -08:00
parent 56f62709ad
commit d3299fd637
4 changed files with 110 additions and 59 deletions


@ -31,7 +31,7 @@ import (
// on this...)
_ "crypto/sha256"
_ "crypto/sha512"
groestl "groestl/pkg/groestl"
groestl "blitter.com/go/groestl"
)
// Expand keymat, if necessary, to a minimum of 2x(blocksize).
@ -106,9 +106,11 @@ func (hc *Conn) getStream(keymat []byte) (rc cipher.Stream, mc hash.Hash, err er
log.Printf("[cipher BLOWFISH_64 (%d)]\n", copts)
case CAlgCryptMT1:
rc = cryptmt.New(nil, nil, keymat)
//NOTE: this alg is not based on block cipher, no IV
log.Printf("[cipher CRYPTMT1 (%d)]\n", copts)
case CAlgHopscotch:
rc = hopscotch.New(nil, nil, 4, keymat)
//NOTE: this alg is not based on block cipher, no IV
log.Printf("[cipher HOPSCOTCH (%d)]\n", copts)
case CAlgChaCha20_12:
keymat = expandKeyMat(keymat, chacha.KeySize)
@ -156,7 +158,7 @@ func (hc *Conn) getStream(keymat []byte) (rc cipher.Stream, mc hash.Hash, err er
//os.Exit(1)
}
if err != nil {
if err == nil && ivlen > 0 {
// Feed the IV into the hmac: all traffic in the connection must
// feed its data into the hmac afterwards, so both ends can xor
// that with the stream to detect corruption.