New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Invalid ClientFinish message when EarlyData sent #48
Comments
I recalculated some of the keys (e.g. "client finished") and things look ok. I opened this issue so we might get some help: https://stackoverflow.com/questions/73268472/bad-record-mac-on-tls-v1-3-when-using-eary-data |
Further development led me to new discoveries. First, here's a simple HTTP request that I'm sending to the server.
I went "testing" all over and finally disabled the line that is sending PSK-based authentication happens as a side effect of key exchange. However, this solution doesn't work in the case where you want to split application data into 1) So ... I don't know, looks like this might be the way it is supposed to work. If this is the "expected" functionality it could make sense that client authentication happens in the first negotiation only and the resumed sessions are treated as already-authenticated channels. Since the solution works for the majority of the valid cases, I made a PR #49 with short notice so we can come back later if needed. |
I'm still not entirely sure if the issue isn't actually with the current server implementations (some old stuff or smth) so I contacted IETF guys to hopefully get support. |
The IETF just confirmed that the finished message must always be sent. |
I noticed that the error is present only when Works: GET / HTTP/1.1
Host: $HOST
Connection: close
Doesn't work: GET / HTTP/1.1
Host: $HOST
This must be Closing this for now. |
@xpepermint Thank you for contributing. |
Hum, good! Let’s see if the PR resolves it. Please test it against the same URL. |
I've noticed an issue with, I believe, the ClientFinished record when early data are sent. It could be something wrong with the transcript hash - just guessing.
Run an example below:
You will notice that the server reponded with
bad_record_mac
alert.The text was updated successfully, but these errors were encountered: