Wasm module signature verification

[asraa]

Title: Wasm module signature verification

Description:
Add the ability to configure verification options to satisfy before executing a Wasm module. This could include checking all/some/at least one signature is present from a list of specified verification keys in the Wasm bytecode according to https://github.com/jedisct1/wasmsign. I propose some kind of VerificationOption struct that contains

• repeated public keys
• verification type (at least 'n', ALL)
• signature type (maybe reference to wasmsign)

If this is something interesting/use-able to others, I am happy to continue implementation.

Relevant Links
Draft PR here: #17221
The change depends on a PR in proxy-wasm-cpp-host: proxy-wasm/proxy-wasm-cpp-host#177

[asraa]

@PiotrSikora

[asraa]

Just a quick bump on this:
The draft PR only specifies a single public key for verification, and I'd expect that instead, some VerificationOption message should encapsulate that (e.g. with repeated public keys, options for the number of signatures expected).
WDYT?

[github-actions]

This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.

[github-actions]

This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.

[github-actions]

This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.