Reuse std.crypto.tls; remove duplicated TLS plumbing#27
Merged
Conversation
RFC 9218 §4.2 default is non-incremental (sequential). Flip the SendStream default and have WebTransport bidi/uni opens explicitly set incremental=true, since WT streams have no defined inter-stream ordering and round-robin interleaving matches the quicperf path. Browser demo: allow empty cert hash to rely on CA trust, and use datagrams.createWritable() fallback for the Safari 26.4 API change. Assisted-by: Claude Opus 4.7
QUIC borrows only the TLS 1.3 handshake (carried in CRYPTO frames, RFC 9001), but several handshake primitives and protocol constants were hand-rolled despite std.crypto.tls already defining them authoritatively. Remove that duplication across both TLS paths (QUIC + legacy HTTP/1) with no behavior change. - hkdfExpandLabel / empty-transcript-hash / Finished HMAC now delegate to std.crypto.tls; the two duplicate hkdf wrappers and deriveHpKeyPaddedV are collapsed (~80 lines). - QUIC TLS constants reference std.crypto.tls enums directly; verifyCertificateVerifySignature switches on a typed SignatureScheme; negotiated_group is typed NamedGroup. - RFC 9001 §4.8 CRYPTO_ERROR mapping uses tls.Alert.Description instead of magic alert-code integers. - Legacy http1/tls.zig uses std.crypto.tls enums + tls.Alert; 4 dead constants dropped. - readU16/writeU16 delegate to std.mem.readInt/writeInt (was reinvented bit-math duplicated across both files). Deliberately not done: tls.Decoder rewrite (abstraction shaped for std client's record loop; ~94 sites of already-bounds-checked fuzz-tested parsing), make* context family (idiomatic Zig default-arg layering), and unifying the tls13.zig/http1 handshake message codec (the record-layer vs CRYPTO-frame split is correct; codec consolidation is a separate scoped project needing http1 test coverage first). No second source of truth for any TLS protocol value remains in either path. Tests 522/522, client/server build clean. Assisted-by: Claude Opus 4.7
endel
force-pushed
the
refactor/dedupe-tls-stdlib
branch
from
ed6775d to
386b73e
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
QUIC borrows only the TLS 1.3 handshake (carried in CRYPTO frames, RFC 9001), but several handshake primitives and protocol constants were hand-rolled despite
std.crypto.tlsalready defining them authoritatively. This branch removes that duplication across both TLS paths (QUIC + legacy HTTP/1) with no behavior change.Commits
7511f88hkdfExpandLabel/empty-hash/Finished-HMAC tostd.crypto.tls; collapse the duplicate hkdf wrappers andderiveHpKeyPaddedV(~80 lines)ac209edstd.crypto.tlsenums directly; cert-verify switches on typedSignatureScheme;negotiated_grouptyped asNamedGroup5f76908tls.Alert.Description(magic alert codes gone)3f8cdc0http1/tls.zig→std.crypto.tlsenums +tls.Alert; dropped 4 dead constantsed6775dreadU16/writeU16→std.mem.readInt/writeInt(was reinvented bit-math, duplicated across both files)What was deliberately not done
tls.Decoderfor handshake parsing — abstraction is shaped for the std client's record-fill loop; would churn ~94 sites of already-bounds-checked, fuzz-tested parsing for cosmetic gain.make*crypto-context family — the layering is idiomatic Zig default-arg simulation; the only real dup is ~10 lines over two intentionally-distinct structs.No second source of truth for any TLS protocol value remains in either TLS path.
Verification
zig build test --summary all: 522/522 at every commitzig build: client/server binaries clean🤖 Generated with Claude Code