Crypto support in wasi-wasm runtime

knutwannheden commented 7 months ago

Description

Currently, the System.Security.Cryptography.HashAlgorithmName methods throw a PlatformNotSupportedException when executed in a C# program that got compiled against the wasi-wasm runtime. While the WASI Crypto API hasn't been finalized (AFAICT) and wasmtime doesn't provide any implementation, it would be really useful if at least the managed implementation of these crypto functions were available for programs running under wasi-wasm.

Reproduction Steps

Compile any program accessing any of the crypto functions (e.g. SHA1). When run an exception will be thrown:

System.PlatformNotSupportedException: SystemSecurityCryptography_PlatformNotSupported
   at System.Security.Cryptography.SHA1.Create()
   ...

Expected behavior

While no WASI Crypto API has been finalized and made available via wasmtime, it would be really useful if the managed implementations could be used. I am trying to use Roslyn APIs, which internally use both SHA1 and SHA256 and thus cannot be executed under wasi-wasm.

Actual behavior

A PlatformNotSupportedException gets thrown.

Regression?

No response

Known Workarounds

No response

Configuration

.NET 9 (preview 1)
wasi-wasm runtime platform

Other information

No response

ghost commented 7 months ago

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones See info in area-owners.md if you want to be subscribed.

Issue Details

### Description Currently, the `System.Security.Cryptography.HashAlgorithmName` methods throw a `PlatformNotSupportedException` when executed in a C# program that got compiled against the `wasi-wasm` runtime. While the WASI Crypto API hasn't been finalized (AFAICT) and `wasmtime` [doesn't provide any implementation](https://github.com/bytecodealliance/wasmtime/pull/6816), it would be really useful if at least the managed implementation of these crypto functions were available for programs running under wasi-wasm. ### Reproduction Steps Compile any program accessing any of the crypto functions (e.g. SHA1). When run an exception will be thrown: ``` System.PlatformNotSupportedException: SystemSecurityCryptography_PlatformNotSupported at System.Security.Cryptography.SHA1.Create() ... ``` ### Expected behavior While no WASI Crypto API has been finalized and made available via `wasmtime`, it would be really useful if the managed implementations could be used. I am trying to use Roslyn APIs, which internally use both SHA1 and SHA256 and thus cannot be executed under wasi-wasm. ### Actual behavior A `PlatformNotSupportedException` gets thrown. ### Regression? _No response_ ### Known Workarounds _No response_ ### Configuration - .NET 9 (preview 1) - wasi-wasm runtime platform ### Other information _No response_

Author:	knutwannheden
Assignees:	-
Labels:	`area-System.Security`
Milestone:	-

bartonjs commented 7 months ago

There's not a special wasi build of System.Security.Cryptography. Is it not the same as browser?

https://github.com/dotnet/runtime/blob/8688afa62804140484997fd4a3f5bd32ee04451e/src/libraries/System.Security.Cryptography/src/System.Security.Cryptography.csproj#L6

Based on the message, I think it's just pulling in the RID-less build; since that looks like the output from <GeneratePlatformNotSupportedAssemblyMessage Condition="'$(TargetPlatformIdentifier)' == ''">SR.SystemSecurityCryptography_PlatformNotSupported</GeneratePlatformNotSupportedAssemblyMessage>

vcsjones commented 7 months ago

Is it not the same as browser?

It's not. We would need to treat $(NetCoreAppCurrent)-wasi the same as browser.

vcsjones commented 7 months ago

We would also need to go and annotate all of our UnsupportedOSPlatforms that have browser with "wasi", I think.

lewing commented 6 months ago

Correct, since wasi is still an experiemental platform we haven't annotated the apis for the analyzer yet. https://github.com/WebAssembly/WASI-crypto is the proposal we would wrap if we decide to add platform support.

dotnet / runtime