Crash with basic ciphers chosen

[CyanoFresh]

Basic Infos

• This issue complies with the issue POLICY doc.
• I have read the documentation at readthedocs and the issue is not addressed there.
• I have tested that the issue is present in current master branch (aka latest git).
• I have searched the issue tracker for a similar issue.
• If there is a stack dump, I have decoded it.
• I have filled out all fields below.

Platform

• Hardware: Wemos D1 mini
• Core Version: a8873c2
• Development Env: Arduino IDE
• Operating System: Windows

Settings in IDE

• Module: Wemos D1 mini r2
• Flash Mode: [qio|dio|other]?
• Flash Size: 4MB
• lwip Variant: v2 Lower Memory || Higher Bandwidth
• Reset Method: ck
• Flash Frequency: [40Mhz]?
• CPU Frequency: 80Mhz || 160MHz
• Upload Using: SERIAL
• Upload Speed: 921600 (serial upload only)

Problem Description

When Basic ciphers selected in HelloServerBearSSL.ino example, crashes on every request

MCVE Sketch

#include <ESP8266WiFi.h>
#include <WiFiClient.h>
#include <ESP8266WebServerSecure.h>

#ifndef STASSID
#define STASSID "HUAWEI-D190"
#define STAPSK  "12307201"
#endif

const char* ssid = STASSID;
const char* password = STAPSK;

BearSSL::ESP8266WebServerSecure server(443);

static const char serverCert[] PROGMEM = R"EOF(
-----BEGIN CERTIFICATE-----
MIIDSzCCAjMCCQD2ahcfZAwXxDANBgkqhkiG9w0BAQsFADCBiTELMAkGA1UEBhMC
VVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU9yYW5nZSBDb3VudHkx
EDAOBgNVBAoMB1ByaXZhZG8xGjAYBgNVBAMMEXNlcnZlci56bGFiZWwuY29tMR8w
HQYJKoZIhvcNAQkBFhBlYXJsZUB6bGFiZWwuY29tMB4XDTE4MDMwNjA1NDg0NFoX
DTE5MDMwNjA1NDg0NFowRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3Rh
dGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAPVKBwbZ+KDSl40YCDkP6y8Sv4iNGvEOZg8Y
X7sGvf/xZH7UiCBWPFIRpNmDSaZ3yjsmFqm6sLiYSGSdrBCFqdt9NTp2r7hga6Sj
oASSZY4B9pf+GblDy5m10KDx90BFKXdPMCLT+o76Nx9PpCvw13A848wHNG3bpBgI
t+w/vJCX3bkRn8yEYAU6GdMbYe7v446hX3kY5UmgeJFr9xz1kq6AzYrMt/UHhNzO
S+QckJaY0OGWvmTNspY3xCbbFtIDkCdBS8CZAw+itnofvnWWKQEXlt6otPh5njwy
+O1t/Q+Z7OMDYQaH02IQx3188/kW3FzOY32knER1uzjmRO+jhA8CAwEAATANBgkq
hkiG9w0BAQsFAAOCAQEAnDrROGRETB0woIcI1+acY1yRq4yAcH2/hdq2MoM+DCyM
E8CJaOznGR9ND0ImWpTZqomHOUkOBpvu7u315blQZcLbL1LfHJGRTCHVhvVrcyEb
fWTnRtAQdlirUm/obwXIitoz64VSbIVzcqqfg9C6ZREB9JbEX98/9Wp2gVY+31oC
JfUvYadSYxh3nblvA4OL+iEZiW8NE3hbW6WPXxvS7Euge0uWMPc4uEcnsE0ZVG3m
+TGimzSdeWDvGBRWZHXczC2zD4aoE5vrl+GD2i++c6yjL/otHfYyUpzUfbI2hMAA
5tAF1D5vAAwA8nfPysumlLsIjohJZo4lgnhB++AlOg==
-----END CERTIFICATE-----
)EOF";

static const char serverKey[] PROGMEM =  R"EOF(
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA9UoHBtn4oNKXjRgIOQ/rLxK/iI0a8Q5mDxhfuwa9//FkftSI
IFY8UhGk2YNJpnfKOyYWqbqwuJhIZJ2sEIWp2301OnavuGBrpKOgBJJljgH2l/4Z
uUPLmbXQoPH3QEUpd08wItP6jvo3H0+kK/DXcDzjzAc0bdukGAi37D+8kJfduRGf
zIRgBToZ0xth7u/jjqFfeRjlSaB4kWv3HPWSroDNisy39QeE3M5L5ByQlpjQ4Za+
ZM2yljfEJtsW0gOQJ0FLwJkDD6K2eh++dZYpAReW3qi0+HmePDL47W39D5ns4wNh
BofTYhDHfXzz+RbcXM5jfaScRHW7OOZE76OEDwIDAQABAoIBAQDKov5NFbNFQNR8
djcM1O7Is6dRaqiwLeH4ZH1pZ3d9QnFwKanPdQ5eCj9yhfhJMrr5xEyCqT0nMn7T
yEIGYDXjontfsf8WxWkH2TjvrfWBrHOIOx4LJEvFzyLsYxiMmtZXvy6YByD+Dw2M
q2GH/24rRdI2klkozIOyazluTXU8yOsSGxHr/aOa9/sZISgLmaGOOuKI/3Zqjdhr
eHeSqoQFt3xXa8jw01YubQUDw/4cv9rk2ytTdAoQUimiKtgtjsggpP1LTq4xcuqN
d4jWhTcnorWpbD2cVLxrEbnSR3VuBCJEZv5axg5ZPxLEnlcId8vMtvTRb5nzzszn
geYUWDPhAoGBAPyKVNqqwQl44oIeiuRM2FYenMt4voVaz3ExJX2JysrG0jtCPv+Y
84R6Cv3nfITz3EZDWp5sW3OwoGr77lF7Tv9tD6BptEmgBeuca3SHIdhG2MR+tLyx
/tkIAarxQcTGsZaSqra3gXOJCMz9h2P5dxpdU+0yeMmOEnAqgQ8qtNBfAoGBAPim
RAtnrd0WSlCgqVGYFCvDh1kD5QTNbZc+1PcBHbVV45EmJ2fLXnlDeplIZJdYxmzu
DMOxZBYgfeLY9exje00eZJNSj/csjJQqiRftrbvYY7m5njX1kM5K8x4HlynQTDkg
rtKO0YZJxxmjRTbFGMegh1SLlFLRIMtehNhOgipRAoGBAPnEEpJGCS9GGLfaX0HW
YqwiEK8Il12q57mqgsq7ag7NPwWOymHesxHV5mMh/Dw+NyBi4xAGWRh9mtrUmeqK
iyICik773Gxo0RIqnPgd4jJWN3N3YWeynzulOIkJnSNx5BforOCTc3uCD2s2YB5X
jx1LKoNQxLeLRN8cmpIWicf/AoGBANjRSsZTKwV9WWIDJoHyxav/vPb+8WYFp8lZ
zaRxQbGM6nn4NiZI7OF62N3uhWB/1c7IqTK/bVHqFTuJCrCNcsgld3gLZ2QWYaMV
kCPgaj1BjHw4AmB0+EcajfKilcqtSroJ6MfMJ6IclVOizkjbByeTsE4lxDmPCDSt
/9MKanBxAoGAY9xo741Pn9WUxDyRplww606ccdNf/ksHWNc/Y2B5SPwxxSnIq8nO
j01SmsCUYVFAgZVOTiiycakjYLzxlc6p8BxSVqy6LlJqn95N8OXoQ+bkwUux/ekg
gz5JWYhbD6c38khSzJb0pNXCo3EuYAVa36kDM96k1BtWuhRS10Q1VXk=
-----END RSA PRIVATE KEY-----
)EOF";

const int led = 13;

void handleRoot() {
  digitalWrite(led, 1);
  server.send(200, "text/plain", "Hello from esp8266 over HTTPS!");
  digitalWrite(led, 0);
}

void handleNotFound(){
  digitalWrite(led, 1);
  String message = "File Not Found\n\n";
  message += "URI: ";
  message += server.uri();
  message += "\nMethod: ";
  message += (server.method() == HTTP_GET)?"GET":"POST";
  message += "\nArguments: ";
  message += server.args();
  message += "\n";
  for (uint8_t i=0; i<server.args(); i++){
    message += " " + server.argName(i) + ": " + server.arg(i) + "\n";
  }
  server.send(404, "text/plain", message);
  digitalWrite(led, 0);
}

void setup(void){
  pinMode(led, OUTPUT);
  digitalWrite(led, 0);
  Serial.begin(115200);
  WiFi.begin(ssid, password);
  Serial.println("");

  // Wait for connection
  while (WiFi.status() != WL_CONNECTED) {
    delay(500);
    Serial.print(".");
  }

  configTime(3 * 3600, 0, "pool.ntp.org", "time.nist.gov");

  Serial.println("");
  Serial.print("Connected to ");
  Serial.println(ssid);
  Serial.print("IP address: ");
  Serial.println(WiFi.localIP());

  server.getServer().setRSACert(new BearSSL::X509List(serverCert), new BearSSL::PrivateKey(serverKey));

  server.on("/", handleRoot);

  server.on("/inline", [](){
    server.send(200, "text/plain", "this works as well");
  });

  server.onNotFound(handleNotFound);

  server.begin();
  Serial.println("HTTPS server started");
}

void loop(void){
  server.handleClient();
}

Debug Messages

debug:

...
03:32:18.782 -> WS:ac
03:32:18.782 -> :ref 1
03:32:18.782 -> :rn 517
03:32:18.782 -> WS:ac
03:32:18.782 -> :rn 517
03:32:18.782 -> :rd 5, 517, 0
03:32:18.782 -> :rdi 517, 5
03:32:18.782 -> :rd 512, 517, 5
03:32:18.818 -> :rdi 512, 512
03:32:18.818 -> :c0 512, 517
03:32:18.851 -> :wr 517 0
03:32:18.851 -> :wrc 517 517 0
03:32:18.851 -> :wr 435 0
03:32:18.851 -> :wrc 435 435 0
03:32:18.887 -> :ack 517
03:32:18.920 -> :ack 435
03:32:18.920 -> :rn 7
03:32:18.920 -> :rcl
03:32:18.920 -> :abort
03:32:18.920 -> :rd 5, 7, 0
03:32:18.920 -> :rdi 7, 5
03:32:18.920 -> :rd 2, 7, 5
03:32:18.920 -> :rdi 2, 2
03:32:18.920 -> :c0 2, 7
03:32:18.920 -> BSSL:_wait_for_handshake: failed
03:32:18.920 -> :ur 1
03:32:18.920 -> WS:dis
03:32:18.920 -> :del
03:32:18.920 -> WS:av
03:32:18.920 -> :ref 1
03:32:18.920 -> :rd 5, 517, 0
03:32:18.920 -> :rdi 517, 5
03:32:18.920 -> :rd 512, 517, 5
03:32:18.920 -> :rdi 512, 512
03:32:18.920 -> :c0 512, 517
03:32:18.955 -> :wr 517 0
03:32:18.955 -> :wrc 517 517 0
03:32:18.992 -> :wr 435 0
03:32:18.992 -> :wrc 435 435 0
03:32:19.027 -> :ack 517
03:32:19.027 -> :ack 435
03:32:19.027 -> :rn 7
03:32:19.027 -> :rcl
03:32:19.027 -> :abort
03:32:19.027 -> :rd 5, 7, 0
03:32:19.027 -> :rdi 7, 5
03:32:19.027 -> :rd 2, 7, 5
03:32:19.027 -> :rdi 2, 2
03:32:19.027 -> :c0 2, 7
03:32:19.027 -> WS:ac
03:32:19.027 -> :rn 517
03:32:19.027 -> BSSL:_wait_for_handshake: failed
03:32:19.060 -> :ur 1
03:32:19.060 -> WS:dis
03:32:19.060 -> :del
03:32:19.060 -> WS:av
03:32:19.060 -> :ref 1
03:32:19.060 -> :rd 5, 517, 0
03:32:19.060 -> :rdi 517, 5
03:32:19.060 -> :rd 512, 517, 5
03:32:19.060 -> :rdi 512, 512
03:32:19.060 -> :c0 512, 517
03:32:19.096 -> :wr 517 0
03:32:19.096 -> :wrc 517 517 0
03:32:19.096 -> :wr 435 0
03:32:19.096 -> :wrc 435 435 0
03:32:19.133 -> :ack 517
03:32:19.171 -> :ack 435
03:32:19.171 -> :rn 318
03:32:19.171 -> :rd 5, 318, 0
03:32:19.171 -> :rdi 318, 5
03:32:19.171 -> :rd 262, 318, 5
03:32:19.171 -> :rdi 313, 262
03:32:20.828 -> :rd 5, 318, 267
03:32:20.828 -> :rdi 51, 5
03:32:20.828 -> :rd 1, 318, 272
03:32:20.828 -> :rdi 46, 1
03:32:20.828 -> Fatal exception 28(LoadProhibitedCause):
03:32:20.828 -> epc1=0x402224fd, epc2=0x00000000, epc3=0x00000000, excvaddr=0x0000000c, depc=0x00000000
03:32:20.828 -> 
03:32:20.828 -> Exception (28):
03:32:20.828 -> epc1=0x402224fd epc2=0x00000000 epc3=0x00000000 excvaddr=0x0000000c depc=0x00000000
03:32:20.828 -> 
03:32:20.828 -> >>>stack>>>
03:32:20.828 -> 
03:32:20.828 -> ctx: bearssl

...

decoded:

Exception 28: LoadProhibited: A load referenced a page mapped with an attribute that does not permit loads
PC: 0x402224fd: br_ssl_engine_switch_gcm_in at src/ssl/ssl_engine.c line 1459
EXCVADDR: 0x0000000c

Decoding stack results
0x4022233e: br_ssl_engine_compute_master at src/ssl/ssl_engine.c line 1336
0x40229968: br_ssl_hs_server_run at src/ssl/ssl_hs_server.c line 1735
0x4022a506: sendpld_flush at src/ssl/ssl_engine.c line 851
0x40221bcc: sendpld_ack at src/ssl/ssl_engine.c line 878
0x4022a524: clear_encrypt at src/ssl/ssl_engine.c line 951
0x40221cd0: jump_handshake at src/ssl/ssl_engine.c line 1081
0x402221b5: br_ssl_engine_recvrec_ack at src/ssl/ssl_engine.c line 1206
0x40207579: BearSSL::WiFiClientSecure::_run_until(unsigned int, bool) (C:\Program Files at x86)\Arduino\hardware\esp8266com\esp8266\libraries\ESP8266WiFi\src\WiFiClientSecureBearSSL.cpp line 523
0x40228994: br_ssl_hs_server_run at src/ssl/ssl_hs_server.c line 943
0x40228940: br_ssl_hs_server_init_main at /home/earle/Arduino/hardware/esp8266com/esp8266/tools/xtensa-lx106-elf/xtensa-lx106-elf/include/sys/pgmspace.h line 77
0x4022126c: br_rsa_i15_private at src/rsa/rsa_i15_priv.c line 33
0x402077a8: BearSSL::WiFiClientSecure::_wait_for_handshake() (C:\Program Files at x86)\Arduino\hardware\esp8266com\esp8266\libraries\ESP8266WiFi\src\WiFiClientSecureBearSSL.cpp line 547
0x40207c9f: BearSSL::WiFiClientSecure::_connectSSLServerRSA(BearSSL::X509List const*, BearSSL::PrivateKey const*, BearSSL::X509List const*) (C:\Program Files at x86)\Arduino\hardware\esp8266com\esp8266\libraries\ESP8266WiFi\src\WiFiClientSecureBearSSL.cpp line 1194
0x402211d8: br_rsa_i15_pkcs1_sign at src/rsa/rsa_i15_pkcs1_sign.c line 32
0x4020ee3a: printf at /home/earle/src/esp-quick-toolchain/repo/newlib/newlib/libc/stdio/printf.c line 61
0x40207e20: BearSSL::WiFiClientSecure::WiFiClientSecure(ClientContext*, BearSSL::X509List const*, BearSSL::PrivateKey const*, int, int, BearSSL::X509List const*) (C:\Program Files at x86)\Arduino\hardware\esp8266com\esp8266\libraries\ESP8266WiFi\src\WiFiClientSecureBearSSL.cpp line 142
0x4020743c: BearSSL::WiFiClientSecure::~WiFiClientSecure() (C:\Program Files at x86)\Arduino\hardware\esp8266com\esp8266\libraries\ESP8266WiFi\src\WiFiClientSecureBearSSL.cpp line 130
0x40208134: BearSSL::WiFiServerSecure::available(unsigned char*) (C:\Program Files at x86)\Arduino\hardware\esp8266com\esp8266\libraries\ESP8266WiFi\src\WiFiServerSecureBearSSL.cpp line 84
0x4020743c: BearSSL::WiFiClientSecure::~WiFiClientSecure() (C:\Program Files at x86)\Arduino\hardware\esp8266com\esp8266\libraries\ESP8266WiFi\src\WiFiClientSecureBearSSL.cpp line 130
0x4020bf8c: WiFiClient::operator bool() (C:\Program Files at x86)\Arduino\hardware\esp8266com\esp8266\libraries\ESP8266WiFi\src\WiFiClient.cpp line 350
0x402038e9: esp8266webserver::ESP8266WebServerTemplate ::handleClient() (C:\Program Files at x86)\Arduino\hardware\esp8266com\esp8266\libraries\ESP8266WebServer\src/ESP8266WebServer-impl.h line 306
0x40203600: esp8266webserver::ESP8266WebServerTemplate ::send(int, char const*, String const&) (C:\Program Files at x86)\Arduino\hardware\esp8266com\esp8266\libraries\ESP8266WebServer\src/ESP8266WebServer-impl.h line 437
0x4020743c: BearSSL::WiFiClientSecure::~WiFiClientSecure() (C:\Program Files at x86)\Arduino\hardware\esp8266com\esp8266\libraries\ESP8266WiFi\src\WiFiClientSecureBearSSL.cpp line 130
0x402039fc: loop() at C:\Users\Work\Documents\Arduino\HelloServerBearSSL_dev/HelloServerBearSSL_dev.ino line 142
0x4020a314: loop_wrapper() (C:\Program Files at x86)\Arduino\hardware\esp8266com\esp8266\cores\esp8266\core_esp8266_main.cpp line 140

original comment #6247 (comment)

[earlephilhower]

I'm traveling without VPN home, but it looks like it's trying to start up an AES_GCM engine to do something. But in basic mode, there shouldn't be any need for aes_gcm, per the allowed cipher list, so there are no aes_gcm providers installed (or built into the .BIN to save space).

To let you get on with #6247, you can do a 1-line hack. Change line 950 in libraries/ESP8266WiFi/src/WiFiClientSecure.cpp from #ifndef BEARSSL_SSL_BASIC to #if 1 to install all encryption/decryption (AES is fast, it's not slow like EC) options.