Documentation ¶
Overview ¶
Package channelbinding provides TLS Channel Binding support as defined in RFC 5929:
tls-unique: binds to an individual TLS connection
tls-endpoint: binds to the server's TLS certificate (tls-server-end-point in RFC 5929)
These bindings are available only for TLS versions prior to TLS1.3, and are subject to issues related to session resumption and renegotiation (the triple-handshake attack), as described in https://mitls.org/pages/attacks/3SHAKE#channelbindings. In particular, tls-unique only identifies a single connection when the extended master secret extension (RFC 7627) has been negotiated. Please take time to read and understand these limitations before relying on channel bindings to secure an authentication protocol.
Index ¶
Constants ¶
const (
	TLSChannelBindingNone = iota
	TLSChannelBindingUnique
	TLSChannelBindingEndpoint
	TLSChannelBindingExporter
)
Supported TLS channel binding types
Variables ¶
This section is empty.
Functions ¶
func MakeTLSChannelBinding ¶
func MakeTLSChannelBinding(state tls.ConnectionState, serverCert *x509.Certificate, bindingType TLSChannelBindingType) (cbData []byte, err error)
MakeTLSChannelBinding creates the TLS channel binding data for a given binding type.
It is not possible to determine from the ConnectionState alone whether the caller is the client or the server, so serverCert must be passed when requesting a TLSChannelBindingEndpoint binding. For a client, this value is state.PeerCertificates[0]. For a server, choosing the certificate is more involved when several server certificates are in use (e.g. selected by SNI), and that choice is left to the caller; it must be the certificate actually presented on this connection, or the client's binding will not match.
serverCert may be nil when requesting TLSChannelBindingUnique binding.
A request for TLSChannelBindingUnique will fail if TLS1.3 is in use, or if session resumption is enabled.
A request for TLSChannelBindingEndpoint will fail if TLS1.3 is in use or no serverCert is supplied.
The returned data is suitable for passing to SASL or GSSAPI authentication mechanisms.
Note that it is the caller's responsibility to ensure that session renegotiation does not occur between the time that MakeTLSChannelBinding() is called and the end of the authentication phase of the application protocol.
The TLSChannelBindingExporter binding type is experimental.
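The following is an added, stand-alone example (not code from this package) showing what the two binding types described above contain and how the documented failure cases are enforced. It derives tls-unique from Go's crypto/tls ConnectionState.TLSUnique field, computes tls-server-end-point per RFC 5929 section 4.1 (hash of the DER certificate using the certificate signature's hash, with MD5 and SHA-1 upgraded to SHA-256), and packs the result into a SCRAM "c=" attribute (RFC 5802) to illustrate the SASL hand-off. The function names tlsUnique, tlsServerEndPoint, scramChannelBinding and newSelfSignedCert are this example's own, and the self-signed certificate and connection states it uses are constructed test material.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/sha512"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"errors"
	"fmt"
	"hash"
	"math/big"
	"time"
)

// tlsUnique returns the tls-unique value (RFC 5929 section 3) from Go's
// tls.ConnectionState, refusing the cases the package documents as failures:
// TLS 1.3 (tls-unique is not defined) and resumed sessions (triple-handshake risk).
func tlsUnique(state tls.ConnectionState) ([]byte, error) {
	if state.Version >= tls.VersionTLS13 {
		return nil, errors.New("tls-unique is not defined for TLS 1.3")
	}
	if state.DidResume {
		return nil, errors.New("tls-unique refused on a resumed session")
	}
	if len(state.TLSUnique) == 0 {
		return nil, errors.New("no tls-unique value in connection state")
	}
	return append([]byte(nil), state.TLSUnique...), nil
}

// tlsServerEndPoint computes tls-server-end-point (RFC 5929 section 4.1): the
// hash of the DER certificate using the hash of its signature algorithm, with
// MD5 and SHA-1 replaced by SHA-256. Algorithms without a single hash function
// (e.g. Ed25519) leave the binding undefined, so they are refused.
func tlsServerEndPoint(cert *x509.Certificate) ([]byte, error) {
	if cert == nil {
		return nil, errors.New("server certificate required for tls-server-end-point")
	}
	var h hash.Hash
	switch cert.SignatureAlgorithm {
	case x509.MD5WithRSA, x509.SHA1WithRSA, x509.DSAWithSHA1, x509.ECDSAWithSHA1,
		x509.SHA256WithRSA, x509.DSAWithSHA256, x509.ECDSAWithSHA256, x509.SHA256WithRSAPSS:
		h = sha256.New()
	case x509.SHA384WithRSA, x509.ECDSAWithSHA384, x509.SHA384WithRSAPSS:
		h = sha512.New384()
	case x509.SHA512WithRSA, x509.ECDSAWithSHA512, x509.SHA512WithRSAPSS:
		h = sha512.New()
	default:
		return nil, fmt.Errorf("tls-server-end-point undefined for %v", cert.SignatureAlgorithm)
	}
	h.Write(cert.Raw)
	return h.Sum(nil), nil
}

// scramChannelBinding builds the SCRAM "c=" attribute (RFC 5802 section 7):
// base64(gs2-header || cb-data), gs2-header = "p=" cb-name "," ["a=" authzid] ",".
// authzid must already be SASL-escaped by the caller.
func scramChannelBinding(cbName, authzid string, cbData []byte) string {
	if authzid != "" {
		authzid = "a=" + authzid
	}
	header := []byte("p=" + cbName + "," + authzid + ",")
	return base64.StdEncoding.EncodeToString(append(header, cbData...))
}

// newSelfSignedCert makes a throwaway self-signed ECDSA certificate so the
// example runs offline; it is constructed test material, not a real server cert.
// Go chooses the signature hash from the curve (P-256: SHA-256, P-384: SHA-384).
func newSelfSignedCert(curve elliptic.Curve) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(curve, rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "example.invalid"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	cert, err := newSelfSignedCert(elliptic.P256())
	if err != nil {
		panic(err)
	}
	ep, _ := tlsServerEndPoint(cert)
	fmt.Printf("tls-server-end-point (%v): %x\n", cert.SignatureAlgorithm, ep)
	fmt.Println("SCRAM c= attribute:", scramChannelBinding("tls-server-end-point", "", ep))
	// A TLS 1.3 connection state (constructed) must be refused for tls-unique.
	_, err = tlsUnique(tls.ConnectionState{Version: tls.VersionTLS13})
	fmt.Println("tls-unique on TLS 1.3:", err)
}
```

On a real connection the client passes state.PeerCertificates[0] to tlsServerEndPoint, while a server must pass whichever certificate it actually presented; both sides must hash the same DER bytes or the authentication exchange fails. The tls-unique value must be captured after the handshake completes and, as the package notes, before any renegotiation.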
Types ¶
type TLSChannelBindingType ¶
type TLSChannelBindingType int
TLSChannelBindingType defines a TLS Channel Binding type