I am doing testing with some ethernet device, for which I use an own TLS implementation (using OpenSSL for the actual cryptographic functions). There are pre shared keys used. When I am connecting to the device using the cipher suite TLS_PSK_WITH_AES_256_GCM_SHA384, it aborts the handshake with a bad record MAC alert.
When analyzing the handshake in Wireshark, I set the applied PSK, Wireshark correctly decrypts my Client Handshake Finished record, see below screenshot. Now I am wondering: Would this work if there was something wrong (possibly with the hash calculation) on my (client) side? Or is there rather something wrong on the server side?
I am meanwhile pretty confident in my implementation. Usually TLS_PSK_WITH_AES_128_GCM_SHA256 is used and there are no problems with that.