Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid mac #535

Closed
brookman opened this issue Feb 19, 2024 · 3 comments
Closed

Invalid mac #535

brookman opened this issue Feb 19, 2024 · 3 comments

Comments

@brookman
Copy link

brookman commented Feb 19, 2024
edited
Loading

Hi. Thanks for providing this awesome crate!🦀

I am trying to connect to a device which runs WebRTC (afaik implemented in Python). I can successfully connect but get an error when trying to open a data channel.

Opening a data channel between Flutter and the device works fine.

Logs:

2024-02-19T15:47:19.023741Z  INFO webrtc_ice::agent::agent_internal: [controlling]: Setting new connection state: Connected
2024-02-19T15:47:19.023908Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 0: Preparing
2024-02-19T15:47:19.023989Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 0: Sending
2024-02-19T15:47:19.023959Z  INFO webrtc::peer_connection: ICE connection state changed: connected
2024-02-19T15:47:19.024098Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 0: Waiting
2024-02-19T15:47:19.024151Z  WARN webrtc_dtls::handshake::handshake_message_client_hello: Unsupported Extension Type 0 35
2024-02-19T15:47:19.024611Z  WARN webrtc_dtls::handshake::handshake_message_client_hello: Unsupported Extension Type 0 22
2024-02-19T15:47:19.024903Z TRACE webrtc_dtls::conn: Recv [handshake:server] -> ClientHello (epoch: 0, seq: 0)
2024-02-19T15:47:19.025137Z  WARN webrtc_dtls::handshake::handshake_message_client_hello: Unsupported Extension Type 0 35
2024-02-19T15:47:19.025218Z  WARN webrtc_dtls::handshake::handshake_message_client_hello: Unsupported Extension Type 0 22
2024-02-19T15:47:19.025290Z DEBUG webrtc_dtls::flight::flight0: [handshake:server] use cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
2024-02-19T15:47:19.025485Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 0 -> Flight 2
2024-02-19T15:47:19.025557Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 2: Preparing
2024-02-19T15:47:19.025627Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 2: Sending
2024-02-19T15:47:19.025701Z TRACE webrtc_dtls::conn: Send [handshake:server] -> HelloVerifyRequest (epoch: 0, seq: 0)
2024-02-19T15:47:19.025829Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 2: Waiting
2024-02-19T15:47:19.027601Z  WARN webrtc_dtls::handshake::handshake_message_client_hello: Unsupported Extension Type 0 35
2024-02-19T15:47:19.027759Z  WARN webrtc_dtls::handshake::handshake_message_client_hello: Unsupported Extension Type 0 22
2024-02-19T15:47:19.027860Z TRACE webrtc_dtls::conn: Recv [handshake:server] -> ClientHello (epoch: 0, seq: 1)
2024-02-19T15:47:19.028012Z  WARN webrtc_dtls::handshake::handshake_message_client_hello: Unsupported Extension Type 0 35
2024-02-19T15:47:19.028105Z  WARN webrtc_dtls::handshake::handshake_message_client_hello: Unsupported Extension Type 0 22
2024-02-19T15:47:19.028186Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 2 -> Flight 4
2024-02-19T15:47:19.028338Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 4: Preparing
2024-02-19T15:47:19.028525Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 4: Sending
2024-02-19T15:47:19.028614Z TRACE webrtc_dtls::conn: Send [handshake:server] -> ServerHello (epoch: 0, seq: 1)
2024-02-19T15:47:19.028798Z TRACE webrtc_dtls::conn: Send [handshake:server] -> Certificate (epoch: 0, seq: 2)
2024-02-19T15:47:19.028880Z TRACE webrtc_dtls::conn: Send [handshake:server] -> ServerKeyExchange (epoch: 0, seq: 3)
2024-02-19T15:47:19.028954Z TRACE webrtc_dtls::conn: Send [handshake:server] -> CertificateRequest (epoch: 0, seq: 4)
2024-02-19T15:47:19.029034Z TRACE webrtc_dtls::conn: Send [handshake:server] -> ServerHelloDone (epoch: 0, seq: 5)
2024-02-19T15:47:19.029174Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 4: Waiting
2024-02-19T15:47:19.036359Z TRACE webrtc_dtls::conn: Recv [handshake:server] -> Certificate (epoch: 0, seq: 2)    
2024-02-19T15:47:19.036485Z TRACE webrtc_dtls::conn: Recv [handshake:server] -> ClientKeyExchange (epoch: 0, seq: 3)
2024-02-19T15:47:19.036592Z TRACE webrtc_dtls::conn: Recv [handshake:server] -> CertificateVerify (epoch: 0, seq: 4)
2024-02-19T15:47:19.036660Z DEBUG webrtc_dtls::conn: server: CipherSuite not initialized, queuing packet
2024-02-19T15:47:19.036774Z DEBUG webrtc_dtls::conn: server: received packet of next epoch, queuing packet
2024-02-19T15:47:19.036861Z TRACE webrtc_dtls::flight::flight4: [handshake] PeerCertificates4 1
2024-02-19T15:47:19.036947Z TRACE webrtc_dtls::crypto: Picked an algorithm ECDSA_P256_SHA256_ASN1
2024-02-19T15:47:19.037241Z TRACE webrtc_dtls::conn: server: <- ChangeCipherSpec (epoch: 1)
2024-02-19T15:47:19.037335Z DEBUG webrtc_dtls::conn: server: decrypt failed: invalid mac
...
2024-02-19T12:43:32.145109Z TRACE webrtc_dtls::flight::flight4: [handshake] PeerCertificates4 1    
2024-02-19T12:43:32.145792Z TRACE webrtc_dtls::crypto: Picked an algorithm ECDSA_P256_SHA256_ASN1
2024-02-19T12:43:32.146344Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 4 result alert:None, err:None
2024-02-19T12:43:32.146772Z TRACE webrtc_dtls::flight::flight4: [handshake] PeerCertificates4 1
2024-02-19T12:43:32.147006Z TRACE webrtc_dtls::crypto: Picked an algorithm ECDSA_P256_SHA256_ASN1
2024-02-19T12:43:32.147258Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 4 result alert:None, err:None
2024-02-19T12:43:32.147443Z TRACE webrtc_dtls::flight::flight4: [handshake] PeerCertificates4 1
2024-02-19T12:43:32.147612Z TRACE webrtc_dtls::crypto: Picked an algorithm ECDSA_P256_SHA256_ASN1
2024-02-19T12:43:32.147751Z TRACE webrtc_dtls::handshaker: [handshake:server] Flight 4 result alert:None, err:None
2024-02-19T12:43:32.147892Z TRACE webrtc_dtls::conn: server: <- ChangeCipherSpec (epoch: 1)
2024-02-19T12:43:32.147980Z DEBUG webrtc_dtls::conn: server: decrypt failed: invalid mac

I have tried to force it to use different algorithms than TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA but without success.

Btw. I'm on Windows and use no features like "openssl" or "vendored-openssl".
@brookman
Copy link
Author

Meanwhile I have tried it again by upgrading to the newest crate version and using the "openssl" feature:
webrtc = { "version" = "0.10.1", "features" = ["openssl"] }

I installed OpenSSL on Windows like this:

cd c:
git clone https://github.com/microsoft/vcpkg.git
cd vcpkg
bootstrap-vcpkg.bat
vcpkg integrate install
vcpkg install openssl
[create env var OPENSSL_DIR=c:\vcpkg\packages\openssl_x64-windows]

I can compile it but unfortunately I'm still getting the same error when trying to open a data channel.

@edaniels
Copy link

edaniels commented May 1, 2024

@brookman this is fixed by 4e09f92. I'm not sure why the code was changed at 0.9.0 and I'm trying to understand @ #557 (comment)

@brookman
Copy link
Author

brookman commented May 2, 2024

@edaniels Thanks for the update. Using the newly released version 0.11.0 I can now successfully establish data channels.

@brookman brookman closed this as completed May 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@edaniels @brookman