Add support for the experimental wasi-crypto APIs (#2597)

* Add support for the experimental wasi-crypto APIs

The sole purpose of the implementation is to allow bindings and
application developers to test the proposed APIs.

Rust and AssemblyScript bindings are also available as examples.

Like `wasi-nn`, it is currently disabled by default, and requires
the `wasi-crypto` feature flag to be compiled in.

* Rename the wasi-crypto/spec submodule

* Add a path dependency into the submodule for wasi-crypto

* Tell the publish script to vendor wasi-crypto

crates/wasi-crypto/src/wiggle_interfaces/key_exchange.rs

@@ -0,0 +1,40 @@
+use super::{guest_types, WasiCryptoCtx};
+
+impl super::wasi_ephemeral_crypto_kx::WasiEphemeralCryptoKx for WasiCryptoCtx {
+    // --- key exchange
+
+    fn kx_dh(
+        &self,
+        pk_handle: guest_types::Publickey,
+        sk_handle: guest_types::Secretkey,
+    ) -> Result<guest_types::ArrayOutput, guest_types::CryptoErrno> {
+        Ok(self.ctx.kx_dh(pk_handle.into(), sk_handle.into())?.into())
+    }
+
+    // --- Key encapsulation
+
+    fn kx_encapsulate(
+        &self,
+        pk_handle: guest_types::Publickey,
+    ) -> Result<(guest_types::ArrayOutput, guest_types::ArrayOutput), guest_types::CryptoErrno>
+    {
+        let (secret_handle, encapsulated_secret_handle) =
+            self.ctx.kx_encapsulate(pk_handle.into())?;
+        Ok((secret_handle.into(), encapsulated_secret_handle.into()))
+    }
+
+    fn kx_decapsulate(
+        &self,
+        sk_handle: guest_types::Secretkey,
+        encapsulated_secret_ptr: &wiggle::GuestPtr<'_, u8>,
+        encapsulated_secret_len: guest_types::Size,
+    ) -> Result<guest_types::ArrayOutput, guest_types::CryptoErrno> {
+        let encapsulated_secret = &*encapsulated_secret_ptr
+            .as_array(encapsulated_secret_len)
+            .as_slice()?;
+        Ok(self
+            .ctx
+            .kx_decapsulate(sk_handle.into(), encapsulated_secret)?
+            .into())
+    }
+}