From b2c39883bf5712bb9f17667cc9ca2e21bf192219 Mon Sep 17 00:00:00 2001
From: Cameron Gutman <aicommander@gmail.com>
Date: Sat, 17 Jul 2021 22:29:30 -0500
Subject: [PATCH] Fix incorrect IV for encrypted control stream packets on
 big-endian machines

---
 src/ControlStream.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/ControlStream.c b/src/ControlStream.c
index d34f74e..acd5c20 100644
--- a/src/ControlStream.c
+++ b/src/ControlStream.c
@@ -410,6 +410,10 @@ static bool encryptControlMessage(PNVCTL_ENCRYPTED_PACKET_HEADER encPacket, PNVC
     unsigned char iv[16] = { 0 };
     int encryptedSize = sizeof(*packet) + packet->payloadLength;
 
+    // This is a truncating cast, but it's what Nvidia does, so we have to mimic it.
+    // NB: Setting the IV must happen while encPacket->seq is still in native byte-order!
+    iv[0] = (unsigned char)encPacket->seq;
+
     encPacket->encryptedHeaderType = LE16(encPacket->encryptedHeaderType);
     encPacket->length = LE16(encPacket->length);
     encPacket->seq = LE32(encPacket->seq);
@@ -417,9 +421,6 @@ static bool encryptControlMessage(PNVCTL_ENCRYPTED_PACKET_HEADER encPacket, PNVC
     packet->type = LE16(packet->type);
     packet->payloadLength = LE16(packet->payloadLength);
 
-    // This is a truncating cast, but it's what Nvidia does, so we have to mimic it.
-    iv[0] = (unsigned char)encPacket->seq;
-
     return PltEncryptMessage(encryptionCtx, ALGORITHM_AES_GCM, 0,
                              (unsigned char*)StreamConfig.remoteInputAesKey, sizeof(StreamConfig.remoteInputAesKey),
                              iv, sizeof(iv),