One problem that I noticed while rewriting this is that you don't validate the length of the key and IV, both of which must be ls-DES::BlockSize. I've fixed this (trivially) in my version.
Using the key as the IV is a Bad Idea, in terms of security; but I have no idea what your application or threat model is, so I don't know whether that's relevant. (Using DES is itself a Bad Idea for many applications.)