diff -r 9a406db6729b -r baa63fef5c5c libidav/crypto.c
--- a/libidav/crypto.c	Sun Oct 07 09:14:03 2018 +0200
+++ b/libidav/crypto.c	Thu Oct 11 19:29:45 2018 +0200
@@ -141,7 +141,7 @@
 }
 
 
-AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func) {
+AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) {
     unsigned char *iv = malloc(16);
     if(!RAND_bytes(iv, 16)) {
         free(iv);
@@ -152,6 +152,7 @@
     SHA256_Init(&enc->sha256);
     enc->stream = stream;
     enc->read = read_func;
+    enc->seek = seek_func;
     enc->tmp = NULL;
     enc->tmplen = 0;
     enc->tmpoff = 0;
@@ -203,7 +204,7 @@
     if(in_len != 0) {
         outlen = len + 32;
         out = malloc(outlen + ivl);
-        if(enc->iv) {
+        if(ivl > 0) {
             memcpy(out, enc->iv, ivl);
         }
         EVP_EncryptUpdate(enc->ctx, out + ivl, &outlen, in, in_len);
@@ -222,9 +223,7 @@
     enc->tmplen = outlen + ivl;
     enc->tmpoff = 0;
     
-    if(enc->iv) {
-        free(enc->iv);
-        enc->iv = NULL;
+    if(enc->ivlen > 0) {
         enc->ivlen = 0;
     }
     
@@ -245,6 +244,18 @@
     free(enc);
 }
 
+int aes_encrypter_reset(AESEncrypter  *enc, curl_off_t offset, int origin) {
+    if(origin != SEEK_SET || offset != 0 || !enc->seek) {
+        return CURL_SEEKFUNC_CANTSEEK;
+    }
+    
+    enc->ivlen = 16;
+    if(enc->seek(enc->stream, 0, SEEK_SET) != 0) {
+        return CURL_SEEKFUNC_FAIL;
+    }
+    return CURL_SEEKFUNC_OK;
+}
+
 
 char* aes_encrypt(char *in, size_t len, DavKey *key) {
     unsigned char iv[16];
@@ -529,7 +540,7 @@
     
 }
 
-AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func) {
+AESEncrypter* aes_encrypter_new(DavKey *key, void *stream, dav_read_func read_func, dav_seek_func seek_func) {
     unsigned char *iv = malloc(16);
     if(dav_rand_bytes(iv, 16)) {
         return NULL;
@@ -551,6 +562,7 @@
     CC_SHA256_Init(&enc->sha256);
     enc->stream = stream;
     enc->read = read_func;
+    enc->seek = seek_func;
     enc->tmp = NULL;
     enc->tmplen = 0;
     enc->tmpoff = 0;
@@ -592,7 +604,7 @@
     if(in_len != 0) {
         outlen = len + 32;
         out = malloc(outlen + ivl);
-        if(enc->iv) {
+        if(ivl > 0) {
             memcpy(out, enc->iv, ivl);
         }
         
@@ -616,9 +628,7 @@
     enc->tmplen = outlen + ivl;
     enc->tmpoff = 0;
     
-    if(enc->iv) {
-        free(enc->iv);
-        enc->iv = NULL;
+    if(enc->ivlen > 0) {
         enc->ivlen = 0;
     }
     
@@ -627,6 +637,18 @@
     return aes_read(buf, s, n, enc);
 }
 
+int aes_encrypter_reset(AESEncrypter  *enc, curl_off_t offset, int origin) {
+    if(origin != SEEK_SET || offset != 0 || !enc->seek) {
+        return CURL_SEEKFUNC_CANTSEEK;
+    }
+    
+    enc->ivlen = 16;
+    if(enc->seek(enc->stream, 0, SEEK_SET) != 0) {
+        return CURL_SEEKFUNC_FAIL;
+    }
+    return CURL_SEEKFUNC_OK;
+}
+
 void aes_encrypter_close(AESEncrypter *enc) {
     if(enc->tmp) {
         free(enc->tmp);
@@ -768,7 +790,8 @@
     AESEncrypter *enc = aes_encrypter_new(
             key,
             in,
-            (dav_read_func)ucx_buffer_read);
+            (dav_read_func)ucx_buffer_read,
+            NULL);
     if(!enc) {
         ucx_buffer_free(encbuf);
         return NULL;