乐鑫技术交流
直播中

李秀珍

7年用户 974经验值
私信 关注
[问答]

有人在esp32上成功跑过TLS 1.3吗?

有人在esp32上成功跑过 TLS 1.3吗?

用的master esp-idf 5.0, 然后 mbedtls用的是branch mbedtls git:(mbedtls-3.1.0-idf)

我想测下MQTT over TLS 1.3

在menuconfig里面enable了tls 1.3

第一次 tls 1.3 的handshake没问题,ssl状态在WRAPUP后设置为  MBEDTLS_SSL_HANDSHAKE_OVER

然后在 ssl_handle_hs_message_post_handshake()函数里面报错,

我看了下是收到了NEW_SESSION_tiCKET 包裹。

原代码在这边就直接 return UNEXPECTED_MESSAGE了。


Code: Select all
        MBEDTLS_SSL_DEBUG_MSG( 1, ("hangmao debug: post ssl handshake '%d'", ssl->in_msg[0]));
        //if (ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET)
            return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );



mbedtls: ssl_msg.c:4976 hangmao debug: post ssl handshake '4'
Code: Select all
I (3606) mbedtls: ssl_tls13_client.c:1723 tls13 client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP(15)

W (3616) mbedtls: ssl_tls13_client.c:1705 Switch to application keys for inbound traffic

W (3626) mbedtls: ssl_tls13_client.c:1708 Switch to application keys for outbound traffic

I (3636) mbedtls: ssl_tls.c:5323 <= handshake

I (3646) mbedtls: ssl_msg.c:5348 => write

I (3646) mbedtls: ssl_msg.c:2369 => write record

I (3656) mbedtls: ssl_msg.c:546 => encrypt buf

I (3656) mbedtls: ssl_msg.c:990 <= encrypt buf

I (3666) mbedtls: ssl_msg.c:1789 => flush output

I (3666) mbedtls: ssl_msg.c:1809 message length: 53, out_left: 53

I (3676) mbedtls: ssl_msg.c:1814 ssl->f_send() returned 53 (-0xffffffcb)

I (3686) mbedtls: ssl_msg.c:1842 <= flush output

I (3686) mbedtls: ssl_msg.c:2514 <= write record

I (3696) mbedtls: ssl_msg.c:5372 <= write

I (3696) mbedtls: ssl_msg.c:5067 => read

I (3706) mbedtls: ssl_msg.c:3546 => read record

I (3706) mbedtls: ssl_msg.c:1573 => fetch input

I (3716) mbedtls: ssl_msg.c:1730 in_left: 0, nb_want: 5

I (3716) mbedtls: ssl_msg.c:1755 in_left: 0, nb_want: 5

I (3726) mbedtls: ssl_msg.c:1756 ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)

I (3736) mbedtls: ssl_msg.c:1776 <= fetch input

I (3736) mbedtls: ssl_msg.c:1573 => fetch input

I (3746) mbedtls: ssl_msg.c:1730 in_left: 5, nb_want: 255

I (3756) mbedtls: ssl_msg.c:1755 in_left: 5, nb_want: 255

I (3756) mbedtls: ssl_msg.c:1756 ssl->f_recv(_timeout)() returned 250 (-0xffffff06)

I (3766) mbedtls: ssl_msg.c:1776 <= fetch input

I (3776) mbedtls: ssl_msg.c:1014 => decrypt buf

I (3776) mbedtls: ssl_msg.c:1539 <= decrypt buf

I (3786) mbedtls: ssl_msg.c:3620 <= read record

W (3786) mbedtls: ssl_msg.c:4967 handshake received (not HelloRequest)

W (3796) mbedtls: ssl_msg.c:4976 hangmao debug: post ssl handshake '4'

W (3806) mbedtls: ssl_msg.c:5004 hangmao debug: renegotiation: disable? '1' secure? '0' legacy? '0'

更多回帖

发帖
×
20
完善资料,
赚取积分