I am trying to implement the mbedTLS library on my STM32F4xx MCU, trying to connect to an SSL server with double way authentication. I am using TLSv1.2.
After sending the “Client Hello” message, and receiving the “Server Hello, Certificate, Certificate request”, the handshake fails due to the error: “MBEDTLS_X509_BADCERT_BAD_KEY”.
I did some debugging and apparently, the key length is shorter than the minimum length for the RSA key. (1024 < 2048).
It’s worth mentioning that I wrote a Python script that connects to the exact same server, and the issue doesn’t reproduce there at the PC level.
I sniffed the handshake with WireShark, and the “Client Hello” and “Server Hello” messages looks the same both on the PC and the MCU, so I suspect this is a wrong configuration of my MCU, that prevents a correct parsing of the server’s key.
Please share your insights.