Well, the textbook explanation of SSL is not short, but once the connection is established, each party will have a set of keys composed of a MAC key (message authentication code) and an encryption key. Within the SSL record, the payload is encrypted, and the MAC is basically a hash of the MAC key + data + sequence + nonce + etc. (I don't remember the exact list of parameters that are authenticated by the MAC off the top of my head). Also, at the end of the handshake, there is a final exchange of the MAC of all of the records sent before the connection was "settled". If any of the items of the SSL record change, the client will be able to detect that because the MAC will not match.

The first place I would look is at the firewall logs, or maybe any app (such as HIDS/NIDS) that might be doing something to the packet.

Hope this helps.

-Eduardo
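Eduardo's description of the record MAC, worked through as an added example that is not part of the thread: TLS 1.0 computes an HMAC over the sequence number, content type, version, length and plaintext fragment (RFC 2246, section 6.2.3.1), so the receiver's check fails as soon as any one of those differs from what the sender used, which is exactly what a bad_record_mac alert reports. The MAC key, the fragment and the case names are constructed for the demonstration.

```python
import hashlib
import hmac
import struct

# TLS 1.0 record MAC (RFC 2246, 6.2.3.1):
#   HMAC_hash(MAC_write_secret, seq_num + type + version + length + fragment)
# seq_num is a 64-bit per-direction counter that is never sent on the wire; each
# side keeps its own, so a dropped or re-segmented record also fails the check.
# The fragment is the (compressed) plaintext before encryption.
CONTENT_TYPE_APPLICATION_DATA = 23
TLS_1_0 = (3, 1)  # wire encoding 0x0301, as in the capture

def tls10_record_mac(mac_key: bytes, seq_num: int, content_type: int,
                     version: tuple, fragment: bytes,
                     digest=hashlib.sha1) -> bytes:
    """Return the MAC that a TLS 1.0 sender appends to one record."""
    authenticated = (struct.pack("!Q", seq_num)
                     + bytes([content_type])
                     + bytes(version)
                     + struct.pack("!H", len(fragment))
                     + fragment)
    return hmac.new(mac_key, authenticated, digest).digest()

def verify_record_mac(mac_key: bytes, seq_num: int, content_type: int,
                      version: tuple, fragment: bytes, received_mac: bytes) -> bool:
    """Receiver-side check; False is what triggers the fatal bad_record_mac (20) alert."""
    expected = tls10_record_mac(mac_key, seq_num, content_type, version, fragment)
    return hmac.compare_digest(expected, received_mac)

# Constructed demo values; a real MAC key comes from the handshake's key block.
DEMO_MAC_KEY = bytes.fromhex("00112233445566778899aabbccddeeff00112233")
DEMO_FRAGMENT = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"

def demo() -> dict:
    """Show which single-item changes make the receiver's MAC check fail."""
    mac = tls10_record_mac(DEMO_MAC_KEY, 0, CONTENT_TYPE_APPLICATION_DATA,
                           TLS_1_0, DEMO_FRAGMENT)
    check = lambda key=DEMO_MAC_KEY, seq=0, frag=DEMO_FRAGMENT: verify_record_mac(
        key, seq, CONTENT_TYPE_APPLICATION_DATA, TLS_1_0, frag, mac)
    return {
        "intact": check(),                                    # True
        "payload_byte_changed": check(frag=b"P" + DEMO_FRAGMENT[1:]),  # False
        "sequence_number_skewed": check(seq=1),               # False
        "mac_key_mismatch": check(key=bytes(20)),             # False
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:24} {'MAC ok' if ok else 'bad_record_mac'}")
```

The last three cases correspond to the usual real-world causes of this alert: something on the path rewriting record bytes, the two ends disagreeing about how many records have been sent, or the two ends having derived different keys.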
From: Jmail Clist
Sent: Wednesday, June 08, 2011 2:33 PM
To: openssl-users@openssl.org
Subject: Fatal Error: Bad Record MAC

Hello,

I am new to the list and definitely lack knowledge regarding the inner workings of the openssl stack. I will attempt to post all relevant information in hopes of getting feedback on this issue.

Basically, I have an IBM DataPower appliance that cannot complete a successful handshake with an F5 LTM (load balancer). After the client and server hellos, I get a "Fatal Alert: Bad Record MAC". Can someone explain this error more clearly and what the possible causes are, along with some tips on how to debug/troubleshoot this issue? I also have traces available if anyone wants them. Please refer to frame 7 below for the error.

Frame 5 (192 bytes on wire, 192 bytes captured)
Ethernet II, Src: Cisco_08:34:00 (00:1b:2b:08:34:00), Dst: Ibm_f1:c2:24 (00:14:5e:f1:c2:24)
Internet Protocol, Src: 10.97.127.7 (10.97.127.7), Dst: 10.97.85.73 (10.97.85.73)
Transmission Control Protocol, Src Port: https (443), Dst Port: 27608 (27608), Seq: 1, Ack: 106, Len: 126
Secure Socket Layer
    TLSv1 Record Layer: Handshake Protocol: Server Hello
        Content Type: Handshake (22)
        Version: TLS 1.0 (0x0301)
        Length: 74
        Handshake Protocol: Server Hello
    TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
        Content Type: Change Cipher Spec (20)
        Version: TLS 1.0 (0x0301)
        Length: 1
        Change Cipher Spec Message
    TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
        Content Type: Handshake (22)
        Version: TLS 1.0 (0x0301)
        Length: 36
        Handshake Protocol: Encrypted Handshake Message

No.  Time      Delta     Source       tcp win size  Len  Total Bytes  Destination  Protocol  Info
6    0.000699  0.000008  10.97.85.73  5888          66   647          10.97.127.7  TCP       27608 > https [ACK] Seq=106 Ack=127 Win=5888 Len=0 TSV=154345430 TSER=1789553040

Frame 6 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: Ibm_f1:c2:24 (00:14:5e:f1:c2:24), Dst: All-HSRP-routers_0a (00:00:0c:07:ac:0a)
Internet Protocol, Src: 10.97.85.73 (10.97.85.73), Dst: 10.97.127.7 (10.97.127.7)
Transmission Control Protocol, Src Port: 27608 (27608), Dst Port: https (443), Seq: 106, Ack: 127, Len: 0

No.  Time      Delta     Source       tcp win size  Len  Total Bytes  Destination  Protocol  Info
7    0.000771  0.000072  10.97.85.73  5888          73   720          10.97.127.7  TLSv1     Alert (Level: Fatal, Description: Bad Record MAC)

Frame 7 (73 bytes on wire, 73 bytes captured)
Ethernet II, Src: Ibm_f1:c2:24 (00:14:5e:f1:c2:24), Dst: All-HSRP-routers_0a (00:00:0c:07:ac:0a)
Internet Protocol, Src: 10.97.85.73 (10.97.85.73), Dst: 10.97.127.7 (10.97.127.7)
Transmission Control Protocol, Src Port: 27608 (27608), Dst Port: https (443), Seq: 106, Ack: 127, Len: 7
Secure Socket Layer
    TLSv1 Record Layer: Alert (Level: Fatal, Description: Bad Record MAC)
        Content Type: Alert (21)
        Version: TLS 1.0 (0x0301)
        Length: 2
        Alert Message
            Level: Fatal (2)
            Description: Bad Record MAC (20)

After this, the communication closes cleanly - Fin-Ack-Fin-Ack.

Thank you,