Next: Interoperability, Previous: Deriving keys for other applications/protocols, Up: Advanced topics [Contents][Index]
In user authentication protocols (e.g., EAP or SASL mechanisms) it is useful to have a unique string that identifies the secure channel that is used, to bind together the user authentication with the secure channel. This can protect against man-in-the-middle attacks in some situations. That unique string is called a “channel binding”. For background and discussion see [RFC5056].
In GnuTLS you can extract a channel binding using the gnutls_session_channel_binding function. Currently only the following types are supported:
GNUTLS_CB_TLS_UNIQUE
: corresponds to the tls-unique
channel binding for TLS defined in [RFC5929]
GNUTLS_CB_TLS_EXPORTER
: corresponds to the tls-exporter
channel binding for TLS defined in [RFC9266]
The following example describes how to print the channel binding data. Note that it must be run after a successful TLS handshake.
{ gnutls_datum_t cb; int rc; rc = gnutls_session_channel_binding (session, GNUTLS_CB_TLS_UNIQUE, &cb); if (rc) fprintf (stderr, "Channel binding error: %s\n", gnutls_strerror (rc)); else { size_t i; printf ("- Channel binding 'tls-unique': "); for (i = 0; i < cb.size; i++) printf ("%02x", cb.data[i]); printf ("\n"); } }