Crate wasmtime_wasi_tls

§Wasmtime’s wasi-tls (Transport Layer Security) Implementation

This crate provides the Wasmtime host implementation for the wasi-tls API. The wasi-tls world allows WebAssembly modules to perform SSL/TLS operations, such as establishing secure connections to servers. TLS often relies on other WASI networking interfaces to provide the underlying stream, so it is common to enable the wasi:cli world as well, with its networking features turned on.

§An example of how to configure wasi-tls is the following:

use wasmtime_wasi::p2::{IoView, WasiCtx, WasiCtxBuilder, WasiView};
use wasmtime::{
    component::{Linker, ResourceTable},
    Store, Engine, Result, Config
};
use wasmtime_wasi_tls::{LinkOptions, WasiTls, WasiTlsCtx, WasiTlsCtxBuilder};

struct Ctx {
    table: ResourceTable,
    wasi_ctx: WasiCtx,
    wasi_tls_ctx: WasiTlsCtx,
}

impl IoView for Ctx {
    fn table(&mut self) -> &mut ResourceTable {
        &mut self.table
    }
}

impl WasiView for Ctx {
    fn ctx(&mut self) -> &mut WasiCtx {
        &mut self.wasi_ctx
    }
}

#[tokio::main]
async fn main() -> Result<()> {
    let ctx = Ctx {
        table: ResourceTable::new(),
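        wasi_ctx: WasiCtxBuilder::new()
            .inherit_stderr()
            // Grants the guest every network address the host can reach;
            // TLS needs a transport stream, typically a TCP socket.
            .inherit_network()
            // Lets the guest resolve host names to IP addresses.
            .allow_ip_name_lookup(true)
            .build(),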
        wasi_tls_ctx: WasiTlsCtxBuilder::new()
            // Optionally, configure a different TLS provider:
            // .provider(Box::new(wasmtime_wasi_tls_nativetls::NativeTlsProvider::default()))
            .build(),
    };

    let mut config = Config::new();
    config.async_support(true);
    let engine = Engine::new(&config)?;

    // Set up wasi-cli
    let mut store = Store::new(&engine, ctx);
    let mut linker = Linker::new(&engine);
    wasmtime_wasi::p2::add_to_linker_async(&mut linker)?;

    // Add wasi-tls types and turn on the feature in linker
    let mut opts = LinkOptions::default();
    opts.tls(true);
    wasmtime_wasi_tls::add_to_linker(&mut linker, &mut opts, |h: &mut Ctx| {
        WasiTls::new(&h.wasi_tls_ctx, &mut h.table)
    })?;

    // ... use `linker` to instantiate within `store` ...
    Ok(())
}

Modules§

bindings
Auto-generated bindings.

Structs§

HostClientConnection
Represents the client connection and is used to shut down the TLS stream.
HostClientHandshake
Represents the ClientHandshake, which will be used to configure the handshake.
HostFutureClientStreams
Future streams provide the TLS streams after the handshake is completed.
LinkOptions
Link-time configurations.
RustlsProvider
The rustls provider.
WasiTls
Capture the state necessary for use in the wasi-tls API implementation.
WasiTlsCtx
Wasi TLS context needed for internal wasi-tls state.
WasiTlsCtxBuilder
Builder-style structure used to create a WasiTlsCtx.

Traits§

TlsProvider
A TLS implementation.
TlsStream
A TLS connection.
TlsTransport
The data stream that carries the encrypted TLS data. Typically this is a TCP stream.

Functions§

add_to_linker
Add the wasi-tls world’s types to a wasmtime::component::Linker.