gnutls_session_channel_binding returns empty binding data for TLS1.3
Description of problem:
When using a TLS 1.3 connection and attempting to retrieve tls-unique binding data, the
gnutls_session_channel_binding()
call succeeds, however it returns empty data (a zero-size buffer).
Looking at the code, the call intercepts the Finished message only in lib/handshake.c
but not in lib/tls13/finished.c.
Technically you don't need to store Finished in TLS 1.3, as it could always be computed, but that is not done in this call.
Version of gnutls used:
3.6.14-1
Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
ArchLinux
How reproducible:
```c
#include <glib.h>
#include <gnutls/gnutls.h>

/* Fragment from the glib-networking GnuTLS backend: priv->session is the
 * gnutls_session_t of the connection, `gnutls` is the connection object used
 * for logging, and `data` is the caller-supplied GByteArray (may be NULL). */
gnutls_datum_t cb;
int ret = gnutls_session_channel_binding (priv->session, GNUTLS_CB_TLS_UNIQUE, &cb);

if (ret == GNUTLS_E_SUCCESS)
  {
    if (data != NULL)
      {
        /* cb.size is unsigned, so print it with %u */
        g_tls_log_debug (gnutls, "tls-unique binding size %u", cb.size);
        /* drop any previous contents before copying the binding in */
        g_free (g_byte_array_steal (data, NULL));
        g_byte_array_append (data, cb.data, cb.size);
      }
    g_free (cb.data);
    return TRUE;
  }
/* handling of ret != GNUTLS_E_SUCCESS is not part of the quoted fragment */
```
Steps to Reproduce:
- run with G_TLS_GNUTLS_PRIORITY='NORMAL:%COMPAT:!VERS-TLS1.3' - result is
(/home/ruff/co/glib-networking/_build/tls/tests/connection-gnutls:430951): GLib-Net-DEBUG: 11:27:43.445: CLIENT[0x55b24b896440]: tls-unique binding size 12
(/home/ruff/co/glib-networking/_build/tls/tests/connection-gnutls:430951): GLib-Net-DEBUG: 11:27:43.445: SERVER[0x55b24b8a29d0]: tls-unique binding size 12
- run with defaults (which prefers TLS1.3)
(/home/ruff/co/glib-networking/_build/tls/tests/connection-gnutls:430949): GLib-Net-DEBUG: 11:27:43.398: CLIENT[0x564054f58440]: tls-unique binding size 0
(/home/ruff/co/glib-networking/_build/tls/tests/connection-gnutls:430949): GLib-Net-DEBUG: 11:27:43.398: SERVER[0x564054f649d0]: tls-unique binding size 0
Actual results:
see above
Expected results:
tls-unique binding size 48 (at least that's what I get with OpenSSL)
Edited by Daiki Ueno