From bf332b459ba28daca0f2549df0703b47c3b40a45 Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Tue, 7 Apr 2020 10:36:23 -0600
Subject: [PATCH] set ChaCha counter state for TLS 1.3 AEAD

---
 src/tls13.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/tls13.c b/src/tls13.c
index 639cc9ef5..ce476f9b4 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -1656,6 +1656,9 @@ static int ChaCha20Poly1305_Encrypt(WOLFSSL* ssl, byte* output,
         return ret;
     /* Create Poly1305 key using ChaCha20 keystream. */
     ret = wc_Chacha_Process(ssl->encrypt.chacha, poly, poly, sizeof(poly));
+    if (ret != 0)
+        return ret;
+    ret = wc_Chacha_SetIV(ssl->encrypt.chacha, nonce, 1);
     if (ret != 0)
         return ret;
     /* Encrypt the plain text. */
@@ -1939,6 +1942,9 @@ static int ChaCha20Poly1305_Decrypt(WOLFSSL* ssl, byte* output,
         return ret;
     /* Use ChaCha20 keystream to get Poly1305 key for tag. */
     ret = wc_Chacha_Process(ssl->decrypt.chacha, poly, poly, sizeof(poly));
+    if (ret != 0)
+        return ret;
+    ret = wc_Chacha_SetIV(ssl->decrypt.chacha, nonce, 1);
     if (ret != 0)
         return ret;