Verification of the message MAC failed

Hi @mathieubordere
Thank you for your question!

Unfortunately, the logs do not say much, as these are partial logs of the handshake from the server side only. They do not contain client side, and not the bad_mac record message.

If the master key and derived data are in fact the same, I would think that perhaps the MBEDTLS_SSL_MAX_CONTENT_LEN is different in both sides, and that the server is sending a data larger than what the client can read.
It could be other reasons, such as memory corruption of the key material \ iv in one if the peers, or other reasons that cause the iv to be different.
Have you looked at older related posts? For example:

Regards,
Mbed TLS Team member
Ron