STM32H743 as a client fails in handshake with server at Server Hello using LWIP, mbedTLS and FreeRTO

Question

Hello,I'm using STM32H743 to send and receive REST API. I'm using FreeRTOS, LWIP and mbedTLS to communicate with server. I have the same application working WELL using STM32F765 with MCAL layer of course modified to STM32F7 but using H7 I can see this error "Unknown Record Type" when fetching input and reading input record. I tried solutions like optimizing cipherSuite but was not useful.

MHana.1 · Accepted Answer

Resolved by updating ethernetif.c

MHana.1 · Answer

Here is the log:Setting IotClientHandle options...Modify IotClientHandle Options Success. Try Connect. Connecting to Server URL: port 443...The SSL configuration is tls12 only.Modify IotClientHandle Options Success. Try ConnectPerforming the SSL/TLS handshake...Modify IotClientHandle Options Success. Try Connect=> handshake=> flush output<= flush outputclient state: Ðä=> flush output<= flush outputclient state: ´Ðä=> write client helloclient×?g$þaéZY:2 ciphKÀsuite: 2400BF7C, Ùo633¨\{adding EMPTY_RENEGOTIATION_INFO_SCSVclient hello, got 1 cipher suitesclient hello, adding server name extension: X$¾U$Ðäadding signature_algorithms extensiongot signature scheme [2400BF94]client hello, adding extended_master_secret extensionclient hello, adding session ticket extensionclient hello, total extension length: ?u=> write handshake message=> write recordoutput record: msgtype = ?, version = [?:?], msglen = ?u<= write record<= write handshake message<= write client hello=> flush outputmessage length: ?u, out_left: ?u<= flush outputclient state: <Ðä=> parse server hello=> read record=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= handshakeModify IotClientHandle Options Success. Try Connect=> handshake=> flush output<= flush outputclient state: <Ðä=> parse server hello=> read record=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= fetch inputinput record: msgtype = ?, version = [0x2400BF3C], msglen = ?u=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= fetch inputhandshake message: msglen = ?u, type = ?, hslen = ?u<= read recordserver hello, current time: ?userver hello, session id len.: ?usession has been resumedserver hello, chosen ciphersuite: 2400BFE4server hello, compress alg.: 604028900server hello, chosen ciphersuite: 9server hello, total extension length: ?ufound renegotiation extensionfound extended_master_secret extension<= parse server hello=> flush output<= flush outputclient state: ´Ðä=> parse certificate=> read record=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= fetch inputinput record: msgtype = ?, version = [0x2400BF54], msglen = ?u=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= fetch inputhandshake message: msglen = ?u, type = ?, hslen = ?u<= read recordUse configuration-specific verification callbackCertificate verification flags clear<= parse certificate=> flush output<= flush outputclient state: 8Ðä=> parse server key exchange<= skip parse server key exchange=> flush output<= flush outputclient state: ðÐä=> parse certificate request=> read record=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= fetch inputinput record: msgtype = ?, version = [0x2400BE14], msglen = ?u=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= fetch inputhandshake message: msglen = ?u, type = ?, hslen = ?u<= read recordgot D certificate request<= parse certificate request=> flush output<= flush outputclient state: xÐä=> parse server hello done=> read recordreuse previously read message<= read record<= parse server hello done=> flush output<= flush outputclient state: ÔÐä=> write certificate<= skip write certificate=> flush output<= flush outputclient state: XÐä=> write client key exchange=> write handshake message=> write recordoutput record: msgtype = ?, version = [?:?], msglen = ?u=> flush outputmessage length: ?u, out_left: ?u<= flush output<= write record<= write handshake message<= write client key exchange=> flush output<= flush outputclient state: Ðä=> write certificate verify=> derive keys=> calc verify sha256<= calc verifyciphersuite = 9eylen: ?, minlen: ?, ivlen: ?, maclen: ?<= derive keys<= skip write certificate verify=> flush output<= flush outputclient state: ¨Ðä=> write change cipher spec=> write handshake message=> write recordoutput record: msgtype = ?, version = [?:?], msglen = ?u=> flush outputmessage length: ?u, out_left: ?u<= flush output<= write record<= write handshake message<= write change cipher spec=> flush output<= flush outputclient state: Ðä=> write finished=> calc finished tls sha256<= calc finishedswitching to new transform spec for outbound data=> write handshake message=> write record=> encrypt bufbefore encrypt: msglen = ?u, including 0 bytes of padding<= encrypt bufoutput record: msgtype = ?, version = [?:?], msglen = ?u=> flush outputmessage length: ?u, out_left: ?u<= flush output<= write record<= write handshake message<= write finished=> flush output<= flush outputclient state: Ðä=> parse change cipher spec=> read record=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= handshakeModify IotClientHandle Options Success. Try Connect=> handshake=> flush output<= flush outputclient state: Ðä=> parse change cipher spec=> read record=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= handshakeModify IotClientHandle Options Success. Try Connect=> handshake=> flush output<= flush outputclient state: Ðä=> parse change cipher spec=> read record=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= handshakeModify IotClientHandle Options Success. Try Connect=> handshake=> flush output<= flush outputclient state: Ðä=> parse change cipher spec=> read record=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= fetch inputinput record: msgtype = ?, version = [0x2400BF6C], msglen = ?u=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= fetch input<= read recordswitching to new transform spec for inbound data<= parse change cipher spec=> flush output<= flush outputclient state: ÐÐä=> parse finished=> calc finished tls sha256<= calc finished=> read record=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= fetch inputinput record: msgtype = ?, version = [0x2400BF5C], msglen = ?u=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= fetch input=> decrypt buf<= decrypt bufhandshake message: msglen = ?u, type = ?, hslen = ?u<= read record<= parse finished=> flush output<= flush outputclient state: 0Ðähandshake: done=> flush output<= flush outputclient state: ÐÐä=> handshake wrapup=> handshake wrapup: final free<= handshake wrapup: final free<= handshake wrapup<= handshakeok[ Protocol is TLSv1.2 ][ Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256 ][ Record expansion is 29 ]. Verifying peer X.509 certificate...Connection phase complete.Connected to server.Data Buffer Before Send:/token.oauth2?client_id=&client_secret=&grant_type=&scope=api HTTP/1.1Host:Content-Type: application/jsonContent-Length: 0post buffer (?u):=> write=> write record=> encrypt bufbefore encrypt: msglen = ?u, including 0 bytes of padding<= encrypt bufoutput record: msgtype = ?, version = [?:?], msglen = ?u=> flush outputmessage length: ?u, out_left: ?u<= flush output<= write record<= writepost net_sock_send: len=265=> read=> read record=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= fetch inputinput record: msgtype = ?, version = [0x2400C184], msglen = ?u=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= fetch input=> decrypt buf<= decrypt buf<= read record<= readnet_sock_recv() rc = 360=> read=> read record=> fetch inputin_left: ?u, nb_want: ?uin_left: ?u, nb_want: ?u<= fetch inputunknown record type ?failed! mbedtls_ssl_read returned -0x7200net_sock_recv() rc = -1http_recv() ConnectionErrorReceive Connection..........FAILED!, ERROR -0x1=> write close notify=> send alert messagesend alert level=? message=?=> write record=> encrypt bufbefore encrypt: msglen = ?u, including 0 bytes of padding<= encrypt bufoutput record: msgtype = ?, version = [?:?], msglen = ?u=> flush outputmessage length: ?u, out_left: ?u<= flush output<= write record<= send alert message<= write close notifyFreeing the mbedtls context anyway.=> free<= freeClosing and Destorying Connection, Result 0

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded