Well, textbook explanation of SSL is not short, but once the connection is
established, each party will have a set keys composed of a MAC key (message
authentication code) and an encryption key. Within the SSL record, the payload
is encrypted, and the MAC is basically a hash of the MAC Key + data + sequence
+ nonce + etc (I don’t remember the exact list of parameters that are
authenticated by the MAC off the top of my head). Also, at the end of the
handshake, there is a final exchange of the MAC of all of the Records sent
before the connection was “settled”.
If any of the items of the SSL Record change the client will be able to detect
that because the MAC will not match. First place I would look is at the
firewall logs, or maybe any app (such as HIDS/NIDS) that might be doing
something to the packet.
Hope this helps.
-Eduardo
From: Jmail Clist
Sent: Wednesday, June 08, 2011 2:33 PM
To: openssl-users@openssl.org
Subject: Fatal Error: Bad Record MAC
Hello,
I am new to the list and definitely lack knowledge regarding the inner workings
of the openssl stack. I will attempt to post all relevant information in hopes
of getting feedback on this issue.
Basically, I have an IBM Datatpower appliance that cannot complete a successful
handshake with a F5 LTM (load balancer). After the client and server hellos, i
get a "Fatal Alert" Bad Record Mac". Can someone explain this error more
clearly and what are the possible causes along with some tips on how to
debug/troubleshoot this issue? I have also traces available if anyone wants
them. Please refer to frame 7 below for the error.
Frame 5 (192 bytes on wire, 192 bytes captured)
Ethernet II, Src: Cisco_08:34:00 (00:1b:2b:08:34:00), Dst: Ibm_f1:c2:24
(00:14:5e:f1:c2:24)
Internet Protocol, Src: 10.97.127.7 (10.97.127.7), Dst: 10.97.85.73
(10.97.85.73)
Transmission Control Protocol, Src Port: https (443), Dst Port: 27608 (27608),
Seq: 1, Ack: 106, Len: 126
Secure Socket Layer
TLSv1 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 74
Handshake Protocol: Server Hello
TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
Content Type: Change Cipher Spec (20)
Version: TLS 1.0 (0x0301)
Length: 1
Change Cipher Spec Message
TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 36
Handshake Protocol: Encrypted Handshake Message
No. Time Delta Source tcp win size Len Total
Bytes Destination Protocol Info
6 0.000699 0.000008 10.97.85.73 5888 66 647
10.97.127.7 TCP 27608 > https [ACK] Seq=106 Ack=127
Win=5888 Len=0 TSV=154345430 TSER=1789553040
Frame 6 (66 bytes on wire, 66 bytes captured)
Ethernet II, Src: Ibm_f1:c2:24 (00:14:5e:f1:c2:24), Dst: All-HSRP-routers_0a
(00:00:0c:07:ac:0a)
Internet Protocol, Src: 10.97.85.73 (10.97.85.73), Dst: 10.97.127.7
(10.97.127.7)
Transmission Control Protocol, Src Port: 27608 (27608), Dst Port: https (443),
Seq: 106, Ack: 127, Len: 0
No. Time Delta Source tcp win size Len Total
Bytes Destination Protocol Info
7 0.000771 0.000072 10.97.85.73 5888 73 720
10.97.127.7 TLSv1 Alert (Level: Fatal, Description: Bad
Record MAC)
Frame 7 (73 bytes on wire, 73 bytes captured)
Ethernet II, Src: Ibm_f1:c2:24 (00:14:5e:f1:c2:24), Dst: All-HSRP-routers_0a
(00:00:0c:07:ac:0a)
Internet Protocol, Src: 10.97.85.73 (10.97.85.73), Dst: 10.97.127.7
(10.97.127.7)
Transmission Control Protocol, Src Port: 27608 (27608), Dst Port: https (443),
Seq: 106, Ack: 127, Len: 7
Secure Socket Layer
TLSv1 Record Layer: Alert (Level: Fatal, Description: Bad Record MAC)
Content Type: Alert (21)
Version: TLS 1.0 (0x0301)
Length: 2
Alert Message
Level: Fatal (2)
Description: Bad Record MAC (20)
After this the communication closes cleanly - Fin-Ack-Fin-Ack.
Thank you,
