AnsweredAssumed Answered

mbedtls server error on firefox

Question asked by Nicolino Piergiovanni on Apr 23, 2018

Hi all.

I would like to use a SSL connection, so I tried  the mbedtls server example found in

STM32Cube_FW_F7_V1.9.0\Projects\STM32F769I-Discovery\Applications\mbedTLS\SSL_Server

I used IAR_760 with no code optimization and Firefox 56.0 32bit as browser.

The discovery is connected directly to my PC, no DHCP, and fixed address 192.168.1.10 is set.

Before to start with SSL session I sent a ping to discovery to check the ethernet link. All OK.

When I start with the SSL connection https://192.168.1.10:4433 the answers on discovery display are:

 

Waiting for a remote connection...... OK
Performing the SSL/TLS handshake ..... failed
mbedtls_ssl_handshake returned -19056 (MBEDTLS_ERR_SSL_INVALID_MAC)

 

Walking in the code I found the problem around these functions:

File ssl_tls.c

1567         static int ssl_decrypt_buf( mbedtls_ssl_context *ssl )
                  .
                  .
                  .
        /*
         * Decrypt and authenticate
         */
        if( ( ret = mbedtls_cipher_auth_decrypt( &ssl->transform_in->cipher_ctx_dec,
                                         ssl->transform_in->iv_dec,
                                         ssl->transform_in->ivlen,
                                         add_data, 13,
                                         dec_msg, dec_msglen,
                                         dec_msg_result, &olen,
                                         dec_msg + dec_msglen, taglen ) ) != 0 )
        {
            MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_cipher_auth_decrypt", ret );

1678            if( ret == MBEDTLS_ERR_CIPHER_AUTH_FAILED )  <------------------------
                return( MBEDTLS_ERR_SSL_INVALID_MAC );

            return( ret );
        }

 

Any suggestions?

 

Thank in advance

Outcomes