Next: , Previous: , Up: Advanced topics   [Contents][Index]


6.12.6 Channel bindings

In user authentication protocols (e.g., EAP or SASL mechanisms) it is useful to have a unique string that identifies the secure channel that is used, to bind together the user authentication with the secure channel. This can protect against man-in-the-middle attacks in some situations. That unique string is called a “channel binding”. For background and discussion see [RFC5056].

In GnuTLS you can extract a channel binding using the gnutls_session_channel_binding function. Currently only the type GNUTLS_CB_TLS_UNIQUE is supported, which corresponds to the tls-unique channel binding for TLS defined in [RFC5929].

The following example describes how to print the channel binding data. Note that it must be run after a successful TLS handshake.

{
  gnutls_datum_t cb;
  int rc;

  rc = gnutls_session_channel_binding (session,
                                       GNUTLS_CB_TLS_UNIQUE,
                                       &cb);
  if (rc)
    fprintf (stderr, "Channel binding error: %s\n",
             gnutls_strerror (rc));
  else
    {
      size_t i;
      printf ("- Channel binding 'tls-unique': ");
      for (i = 0; i < cb.size; i++)
        printf ("%02x", cb.data[i]);
      printf ("\n");
    }
}