From 9f0a623f7cbd906d28e24f85d4fd69b971c95f59 Mon Sep 17 00:00:00 2001
From: Simon Maddocks <git@51m0n.com>
Date: Wed, 2 Feb 2022 02:01:56 +0000
Subject: [PATCH] Fix authenticated data endian issue

---
 Romulus-M/encrypt_wrapper.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/Romulus-M/encrypt_wrapper.c b/Romulus-M/encrypt_wrapper.c
index faaac86..275b40b 100644
--- a/Romulus-M/encrypt_wrapper.c
+++ b/Romulus-M/encrypt_wrapper.c
@@ -43,6 +43,7 @@ int encrypt(packet *packet, unsigned char *outBuf, UINT16 *len, unsigned char *k
     unsigned char *m = packet->Data;
 
     // additional text
+    packet->DataType = __bswap_16(packet->DataType);
     int adlen = sizeof(packet->DataType);
     unsigned char *ad = (unsigned char *)&packet->DataType;
 
@@ -61,8 +62,6 @@ int encrypt(packet *packet, unsigned char *outBuf, UINT16 *len, unsigned char *k
     }
 
     // type 0 1
-    // Swap after adding it as additional data
-    packet->DataType = __bswap_16(packet->DataType);
     int loc = 0;
     memcpy(&outBuf[loc], &packet->DataType, sizeof(UINT16));
     loc += sizeof(UINT16);
@@ -97,6 +96,7 @@ int decrypt(packetEx *packet, unsigned char *inBuf, UINT16 len, unsigned char *k
     {
         return 1;
     }
+    
     DEBUG_PRINT("line %d\n", __LINE__);
     memcpy(&packet->DataType, &inBuf[loc], sizeof(UINT16));
     loc += sizeof(UINT16);
@@ -105,7 +105,6 @@ int decrypt(packetEx *packet, unsigned char *inBuf, UINT16 len, unsigned char *k
     memcpy(&packet->Size, &inBuf[loc], sizeof(UINT16));
     loc += sizeof(UINT16);
 
-    packet->DataType = __bswap_16(packet->DataType);
     packet->Size = __bswap_16(packet->Size);
     packet->Id = __bswap_32(packet->Id);
 
@@ -138,6 +137,9 @@ int decrypt(packetEx *packet, unsigned char *inBuf, UINT16 len, unsigned char *k
     DEBUG_PRINT("line %d mlen:%d clen:%d\n", __LINE__, mlen, clen);
     int ret = romulus_m_decrypt(m, &mlen, 0, c, clen, ad, adlen, npub, key);
     DEBUG_PRINT("line %d packet:%d, mlen %d\n", __LINE__, packet->Size, mlen);
+
+    // swap after decrypt, we sign the big endian bytes
+    packet->DataType = __bswap_16(packet->DataType);
     if (ret == 0)
     {
         DEBUG_PRINT("line %d\n", __LINE__);