From MacOS to Raspberry Pi — Extending the Enarx Development Platforms

As of git HEAD 90e539cd Enarx now additionally supports the following targets:

  • aarch64-apple-darwin
  • x86_64-apple-darwin
  • aarch64-unknown-linux-gnu
  • aarch64-unknown-linux-musl

This is made possible by using the wasmtime crate directly with the nil backend. The nil backend does not use a trusted execution environment (TEE) to run the Wasm application.

$ cd [ENARX GIT REPO]
$ cargo install --no-default-features --features backend-nil --path .
$ enarx run [SOME WASM FILE]

With that in place, you can even develop and test Wasm code on platforms which do not provide TEEs, and see if it can be run securely in an Enarx Keep on a platform with SGX2 or SEV-SNP support.

For example, you can test the transparent TLS encryption — which Enarx does for wasm32-wasi code in the Keep — on your Mac M1 or your Raspberry Pi 4B.

$ git clone https://github.com/haraldh/mini_http.git
$ cd mini_http
$ CARGO_TARGET_WASM32_WASI_RUNNER="enarx run --wasmcfgfile examples/Enarx.toml"  \
  cargo run --target wasm32-wasi --example hello_enarx

Point your browser to https://127.0.0.1:3000 and accept the self-signed certificate and see the Enarx Wasm web server in action.

For more information, please refer to the mini_http README.md.

Note that the Enarx runtime only does transparent TLS encryption, and the Wasm application fully implements the web server. That means your app is not limited to a given Wasm framework like handling one http connection. It is free to implement any protocol underneath the TLS layer. In the Enarx.toml configuration you can specify several pre-opened sockets, on which your app can listen on and accept new connections.

Networking in the WebAssembly System Interface (WASI) standard was made possible by multiple contributions of Profian employees:

In the future we will enable networking for the Wasm WASI standard in many more programming languages. Everything is open source and free for everyone.

Happy coding!