Next: Interoperability, Previous: Deriving keys for other applications/protocols, Up: Advanced topics [Contents][Index]
In user authentication protocols (e.g., EAP or SASL mechanisms) it is useful to have a unique string that identifies the secure channel that is used, to bind together the user authentication with the secure channel. This can protect against man-in-the-middle attacks in some situations. That unique string is called a “channel binding”. For background and discussion see [RFC5056].
In GnuTLS you can extract a channel binding using the gnutls_session_channel_binding function. Currently only the following types are supported:
GNUTLS_CB_TLS_UNIQUE: corresponds to the tls-unique channel binding for TLS defined in [RFC5929]
GNUTLS_CB_TLS_EXPORTER: corresponds to the tls-exporter channel binding for TLS defined in [RFC9266]
The following example describes how to print the channel binding data. Note that it must be run after a successful TLS handshake.
{
gnutls_datum_t cb;
int rc;
rc = gnutls_session_channel_binding (session,
GNUTLS_CB_TLS_UNIQUE,
&cb);
if (rc)
fprintf (stderr, "Channel binding error: %s\n",
gnutls_strerror (rc));
else
{
size_t i;
printf ("- Channel binding 'tls-unique': ");
for (i = 0; i < cb.size; i++)
printf ("%02x", cb.data[i]);
printf ("\n");
}
}