Wasmtime's wasi-tls (Transport Layer Security) Implementation

This crate provides the Wasmtime host implementation for the wasi-tls API. The wasi-tls world allows WebAssembly modules to perform SSL/TLS operations, such as establishing secure connections to servers. TLS often relies on other wasi networking systems to provide the stream so it will be common to enable the wasi:cli world as well with the networking features enabled.

An example of how to configure wasi-tls is the following:

use wasmtime_wasi::{WasiCtx, WasiCtxView, WasiView};
use wasmtime::{
    component::{Linker, ResourceTable},
    Store, Engine, Result,
};
use wasmtime_wasi_tls::{LinkOptions, WasiTls, WasiTlsCtx, WasiTlsCtxBuilder};

struct Ctx {
    table: ResourceTable,
    wasi_ctx: WasiCtx,
    wasi_tls_ctx: WasiTlsCtx,
}

impl WasiView for Ctx {
    fn ctx(&mut self) -> WasiCtxView<'_> {
        WasiCtxView { ctx: &mut self.wasi_ctx, table: &mut self.table }
    }
}

#[tokio::main]
async fn main() -> Result<()> {
    let ctx = Ctx {
        table: ResourceTable::new(),
        wasi_ctx: WasiCtx::builder()
            .inherit_stderr()
            .inherit_network()
            .allow_ip_name_lookup(true)
            .build(),
        wasi_tls_ctx: WasiTlsCtxBuilder::new()
            // Optionally, configure a different TLS provider:
            // .provider(Box::new(wasmtime_wasi_tls_nativetls::NativeTlsProvider::default()))
            .build(),
    };

    let engine = Engine::default();

    // Set up wasi-cli
    let mut store = Store::new(&engine, ctx);
    let mut linker = Linker::new(&engine);
    wasmtime_wasi::p2::add_to_linker_async(&mut linker)?;

    // Add wasi-tls types and turn on the feature in linker
    let mut opts = LinkOptions::default();
    opts.tls(true);
    wasmtime_wasi_tls::add_to_linker(&mut linker, &mut opts, |h: &mut Ctx| {
        WasiTls::new(&h.wasi_tls_ctx, &mut h.table)
    })?;

    // ... use `linker` to instantiate within `store` ...
    Ok(())
}