Feat: Support WASI-Crypto proposal

[hydai]

Motivation

After WasmEdge provides an experimental API, WASI Socket, for supporting Berkeley Sockets API in Wasm. WasmEdge enabled a new way to open a new socket, listen to an existed socket, and send and receive data. Moreover, it will be nice if we can do more things in the related features such as SSL support.

To achieve this feature, one possible way is to compile the OpenSSL library to Wasm and link it as a library. However, the performance may be not good, because all the computation jobs are done at the wasm level. Here is an alternative way, instead of the previous one, we can wrap the OpenSSL library to Wasm external functions. For example, binding ssl_connect to (import "openssl" "ssl_connect" ... ). Unfortunately, this is not an easy way to do it.

To simply the workload, we decide to implement the WASI-crypto proposal first, and then use this proposal to make the above things happen.

Specification

1. Follow the spec of WASI-crypto proposal.
2. Implement the interface functions in WasmEdge wasi-crypto modules.
3. Add unit tests and coverage to related functions.
4. Create a demo kit to show the WASI-Crypto features.

Appendix

1. WASI-Crypto: https://github.com/WebAssembly/wasi-crypto
2. WASI-Crypto Rust SDK: https://github.com/WebAssembly/wasi-crypto/tree/main/implementations/bindings/rust

[feniljain]

Hey @hydai, the project seems fascinating, I have always been interested in learning more about wasm. I would like to work on the project, could you guide me on how I could get started?

[hydai]

Hi @feniljain, that's good to hear.

This feature contains the following background knowledge:

1. WebAssembly Binary Format. WasmEdge is followed the Spec version 1.1
2. WebAssembly Concept. You can find some tutorials and examples on the MDN Web Docs
3. After you have the basic understanding of Wasm, then the next step is to study the spec definitions between the current working version and the WASI-Crypto version. And try to integrate them into WasmEdge.
4. Finally, we can start to write the implementation and tests. The headers are under include/host/wasi-crypto. And the implementation codes are under lib/host.

This issue is a three months project which is on the LFX Mentorship. If you are interested, please apply on this webpage when the applications open.

[feniljain]

Thanks @hydai. I would like to apply for it, what all do I need to provide to improve my application, do I need to have previous contributions in this project, provide implementation proposal, etc.?

[hydai]

That will be awesome 😎
No worries. You don't need to have any contributions in WasmEdge before.
However, we would like to know why are you interested in WasmEdge and what experience and skills you have that are applicable to this mission. These are very important to us ;-)

[VedantParanjape]

Hi @hydai I am interested in this project. Can you specify the tech stack of this project. I am C/C++ developer.

[vedangj044]

Hello @hydai, I am a student from India. I would like to contribute to this project. I have previously contributed to open-source projects that use Rust. I have enjoyed rust very much and am excited about WASM. I love cryptography, I am a beginner though. I have worked on X.509 certificates. Where we used crates like rcgen, ring, and rsa. This is why the WasmEdge project intrigued me, I would read more about it!

[hangedfish]

I think IoT devices need a mbedtls backend because OpenSSL is not lightweight

[hydai]

I am not familiar with mbedtls. Does it have the functionality equivalent to OpenSSL?

[hangedfish]

I am not familiar with mbedtls. Does it have the functionality equivalent to OpenSSL?

mbedtls provides a minimum viable implementation of the TLS 1.2/1.3 protocol. In other respects some openssl features are not supported, such as pkcs#7.

[q82419]

Merged: #1590 #1643