Troubleshooting SSL_ERROR_BAD_MAC_ALERT

permal
Posts: 359
Joined: Sun May 14, 2017 5:36 pm

Troubleshooting SSL_ERROR_BAD_MAC_ALERT

Postby permal » Sun Jun 09, 2019 5:38 pm

Now that I've finally found the issue with MPI acceleration causing my task to hang I can move on to my other issue; namely Message Authentication Code failure.

The setup is the same as previously; code works fine on native Linux, but as soon as it is brought over to ESP32, I get this:
mbedtls_ssl_handshake returned -29056: SSL - Verification of the message MAC failed
Both FireFox and curl results in the same error. For the record, here is the curl output:
curl -k -vv https://192.168.10.94:8443
* Expire in 0 ms for 6 (transfer 0x55b53ec094f0)
* Trying 192.168.10.94...
* TCP_NODELAY set
* Expire in 200 ms for 4 (transfer 0x55b53ec094f0)
* Connected to 192.168.10.94 (192.168.10.94) port 8443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS alert, bad record mac (532):
* error:140943FC:SSL routines:ssl3_read_bytes:sslv3 alert bad record mac
* Closing connection 0
curl: (35) error:140943FC:SSL routines:ssl3_read_bytes:sslv3 alert bad record mac
Running the https_server example does not exhibit this behavior and as such I've been trying to analyze its code to determine what I'm doing differently that would matter when run on the ESP32. Unfortunately, I can't see any such differences.

If you have any input/experience with this problem, please share your knowledge :)

permal
Posts: 359
Joined: Sun May 14, 2017 5:36 pm

Re: Troubleshooting SSL_ERROR_BAD_MAC_ALERT

Postby permal » Mon Jun 10, 2019 4:55 pm

Anyone?

I'm not getting anywhere so even crazy are ideas welcome ;)

permal
Posts: 359
Joined: Sun May 14, 2017 5:36 pm

Re: Troubleshooting SSL_ERROR_BAD_MAC_ALERT

Postby permal » Wed Jun 12, 2019 7:57 pm

Finally made some progress on this: https://github.com/espressif/esp-idf/issues/3624

Who is online

Users browsing this forum: Bing [Bot] and 16 guests