From 2fa2f8e88d5571cfb0ecdaed64d4cad4ef89ae61 Mon Sep 17 00:00:00 2001
From: Marco Oliverio <marco@wolfssl.com>
Date: Fri, 7 Oct 2022 16:15:52 +0200
Subject: [PATCH] fix: wrong size using DTLSv1.3 in
 RestartHandshakeHashWithCookie

HRR_MAX_HS_HEADER_SZ does not consider DTLS handshake extra fields.
---
 src/tls13.c                |  8 ++++++--
 tests/test-dtls13-psk.conf | 16 ++++++++++++++++
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/src/tls13.c b/src/tls13.c
index 23b871d81..0a44cbd01 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -3197,7 +3197,11 @@ static int CreateCookie(WOLFSSL* ssl, byte* hash, byte hashSz)
 }
 #endif
 
+#ifdef WOLFSSL_DTLS13
+#define HRR_MAX_HS_HEADER_SZ DTLS_HANDSHAKE_HEADER_SZ
+#else
 #define HRR_MAX_HS_HEADER_SZ HANDSHAKE_HEADER_SZ
+#endif /* WOLFSSL_DTLS13 */
 
 /* Restart the handshake hash with a hash of the previous messages.
  *
@@ -3208,7 +3212,7 @@ int RestartHandshakeHash(WOLFSSL* ssl)
 {
     int    ret;
     Hashes hashes;
-    byte   header[HRR_MAX_HS_HEADER_SZ] = {0};
+    byte   header[HANDSHAKE_HEADER_SZ] = {0};
     byte*  hash = NULL;
     byte   hashSz = 0;
 
@@ -5396,7 +5400,7 @@ static int CheckCookie(WOLFSSL* ssl, byte* cookie, byte cookieSz)
  */
 static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie)
 {
-    byte   header[HRR_MAX_HS_HEADER_SZ] = {0};
+    byte   header[HANDSHAKE_HEADER_SZ] = {0};
     byte   hrr[MAX_HRR_SZ] = {0};
     int    hrrIdx;
     word32 idx;
diff --git a/tests/test-dtls13-psk.conf b/tests/test-dtls13-psk.conf
index bb4093f29..72dbc2aa0 100644
--- a/tests/test-dtls13-psk.conf
+++ b/tests/test-dtls13-psk.conf
@@ -52,3 +52,19 @@
 -u
 -s
 -l TLS13-AES256-GCM-SHA384
+
+# server TLSv1.3 PSK and resumption
+# AES256-GCM and SHA384
+-v 4
+-u
+-s
+-l TLS13-AES256-GCM-SHA384
+-r
+
+# client TLSv1.3 PSK
+# AES256-GCM and SHA384
+-v 4
+-u
+-s
+-l TLS13-AES256-GCM-SHA384
+-r