docs/ci: abondon HTTPS_CRYPTO and update token verifier config

Due to latest change, KBS will not maintain both rustls and openssl
suites for HTTPS. Thus we need to delete all the options of HTTPS_CRYPTO
config in documents and codes.

Also, the latest change changes the config format of
`attestation_token_config`, this patch also applies the change.

Signed-off-by: Xynnn007 <[email protected]>

.github/workflows/kbs-rust.yml

@@ -58,7 +58,7 @@ jobs:
 
     - name: KBS Build [Built-in CoCo AS, OpenSSL]
       working-directory: kbs
-      run: make HTTPS_CRYPTO=openssl
+      run: make
 
     - name: KBS Build [gRPC CoCo AS, RustTLS]
       working-directory: kbs

.github/workflows/push-kbs-image-to-ghcr.yml

@@ -25,15 +25,12 @@ jobs:
         include:
           - tag: kbs
             docker_file: kbs/docker/Dockerfile
-            https_crypto: openssl
             name: build-in AS
           - tag: kbs-grpc-as
             docker_file: kbs/docker/coco-as-grpc/Dockerfile
-            https_crypto: rustls
             name: gRPC AS
           - tag: kbs-ita-as
             docker_file: kbs/docker/intel-trust-authority/Dockerfile
-            https_crypto: rustls
             name: Intel Trust Authority AS
 
     runs-on: ${{ matrix.instance }}
@@ -56,12 +53,10 @@ jobs:
       run: |
         commit_sha=${{ github.sha }}
         arch=$(uname -m)
-        https_crypto=${{ matrix.https_crypto }}
-        [ "${arch}" = "s390x" ] && https_crypto=openssl
         DOCKER_BUILDKIT=1 docker build -f "${{ matrix.docker_file }}" --push \
           -t "ghcr.io/confidential-containers/staged-images/${{ matrix.tag }}:${commit_sha}-${arch}" \
           -t "ghcr.io/confidential-containers/staged-images/${{ matrix.tag }}:latest-${arch}" \
-          --build-arg ARCH="${arch}" --build-arg HTTPS_CRYPTO="${https_crypto}" .
+          --build-arg ARCH="${arch}" .
 
   publish_multi_arch_image:
     needs: build_and_push

deps/verifier/src/se/README.md

@@ -67,7 +67,7 @@ openssl pkey -in kbs.key -pubout -out kbs.pem
 
 - Build KBS
 ```bash
-cargo install --locked --debug --path kbs/src/kbs --no-default-features --features coco-as-builtin,openssl,resource,opa 
+cargo install --locked --debug --path kbs/src/kbs --no-default-features --features coco-as-builtin,resource,opa 
 ```
 
 - Prepare the material retrieved above, similar as:
@@ -101,7 +101,7 @@ auth_public_key = "/kbs/kbs.pem"
 insecure_http = true
 
 [attestation_token_config]
-attestation_token_type = "CoCo"
+insecure_key = true
 
 [as_config]
 work_dir = "/opt/confidential-containers/attestation-service"
@@ -128,7 +128,7 @@ export SE_SKIP_CERTS_VERIFICATION=true
 ## (Option 2) Launch KBS via docker-compose
 - Build the docker image
 ```
-DOCKER_BUILDKIT=1 docker build --build-arg HTTPS_CRYPTO="openssl" --build-arg ARCH="s390x" -t ghcr.io/confidential-containers/staged-images/kbs:latest . -f kbs/docker/Dockerfile
+DOCKER_BUILDKIT=1 docker build --build-arg --build-arg ARCH="s390x" -t ghcr.io/confidential-containers/staged-images/kbs:latest . -f kbs/docker/Dockerfile
 ```
 
 - Prepare a docker compose file, similar as:

kbs/Makefile

@@ -1,5 +1,4 @@
 AS_TYPE ?= coco-as
-HTTPS_CRYPTO ?= rustls
 POLICY_ENGINE ?=
 ALIYUN ?= false
 
@@ -39,16 +38,16 @@ build: background-check-kbs
 
 .PHONY: background-check-kbs
 background-check-kbs:
-	cargo build -p kbs --locked --release --no-default-features --features $(AS_FEATURE),resource,$(HTTPS_CRYPTO),$(POLICY_ENGINE),$(FEATURES)
+	cargo build -p kbs --locked --release --no-default-features --features $(AS_FEATURE),resource,$(POLICY_ENGINE),$(FEATURES)
 
 .PHONY: passport-issuer-kbs
 passport-issuer-kbs:
-	cargo build -p kbs --locked --release --no-default-features --features $(AS_FEATURE),$(HTTPS_CRYPTO),$(FEATURES)
+	cargo build -p kbs --locked --release --no-default-features --features $(AS_FEATURE),$(FEATURES)
 	mv ../target/release/kbs ../target/release/issuer-kbs
 
 .PHONY: passport-resource-kbs
 passport-resource-kbs:
-	cargo build -p kbs --locked --release --no-default-features --features $(HTTPS_CRYPTO),resource,$(POLICY_ENGINE),$(FEATURES)
+	cargo build -p kbs --locked --release --no-default-features --features resource,$(POLICY_ENGINE),$(FEATURES)
 	mv ../target/release/kbs ../target/release/resource-kbs
 
 .PHONY: cli

kbs/README.md

@@ -90,11 +90,10 @@ The Makefile supports a number of other configuration parameters.
 
 For example,
 ```shell
-make background-check-kbs [HTTPS_CRYPTO=?] [POLICY_ENGINE=?] [AS_TYPES=?] [COCO_AS_INTEGRATION_TYPE=?] [ALIYUN=?]
+make background-check-kbs [POLICY_ENGINE=?] [AS_TYPES=?] [COCO_AS_INTEGRATION_TYPE=?] [ALIYUN=?]
 ```
 
 The parameters
-- `HTTPS_CRYPTO`: either `rustls` or `openssl` can be specified. If not provided, `rustls` is default.
 - `POLICY_ENGINE`: The KBS has a policy engine to facilitate access control. This should not be confused with the policy engine in the AS, which determines whether or not TEE evidence is valid. `POLICY_ENGINE` determines which type of policy engine the KBS will use. Today only `opa` is supported. The KBS can also be built without a policy engine
 if it is not required.
 - `AS_TYPES`: The KBS supports multiple backend attestation services. `AS_TYPES` selects which verifier to use. The options are `coco-as` and `intel-trust-authority-as`.
@@ -103,8 +102,6 @@ if it is not required.
 ## HTTPS Support
 
 The KBS can use HTTPS. This requires a crypto backend.
-`HTTPS_CRYPTO` determines which backend will be used.
-The options are `rustls` and `openssl`. The default is `rustls`.
 
 If you want a self-signed cert for test cases, please refer to [the document](docs/self-signed-https.md).
 

kbs/config/docker-compose/kbs-config.toml

@@ -3,7 +3,7 @@ auth_public_key = "/opt/confidential-containers/kbs/user-keys/public.pub"
 insecure_http = true
 
 [attestation_token_config]
-attestation_token_type = "CoCo"
+insecure_key = true
 
 [grpc_config]
 as_addr = "http://as:50004"

kbs/config/kbs-config-grpc.toml

@@ -2,7 +2,7 @@ insecure_http = true
 insecure_api = true
 
 [attestation_token_config]
-attestation_token_type = "CoCo"
+insecure_key = true
 
 [grpc_config]
 as_addr = "http://127.0.0.1:50004"

kbs/config/kbs-config-intel-trust-authority.toml

@@ -2,7 +2,6 @@ insecure_http = true
 insecure_api = true
 
 [attestation_token_config]
-attestation_token_type = "Jwk"
 trusted_certs_paths = ["https://portal.trustauthority.intel.com"]
 
 [intel_trust_authority_config]

kbs/config/kbs-config.toml

@@ -2,7 +2,7 @@ insecure_http = true
 insecure_api = true
 
 [attestation_token_config]
-attestation_token_type = "CoCo"
+insecure_key = true
 
 [repository_config]
 type = "LocalFs"

kbs/config/kubernetes/base/kbs-config.toml

@@ -5,7 +5,7 @@ auth_public_key = "/kbs/kbs.pem"
 insecure_http = true
 
 [attestation_token_config]
-attestation_token_type = "CoCo"
+insecure_key = true
 
 [as_config]
 work_dir = "/opt/confidential-containers/attestation-service"

kbs/config/kubernetes/ita/kbs-config.toml

@@ -5,7 +5,6 @@ auth_public_key = "/kbs/kbs.pem"
 insecure_http = true
 
 [attestation_token_config]
-attestation_token_type = "Jwk"
 trusted_certs_paths = ["https://portal.trustauthority.intel.com"]
 
 [intel_trust_authority_config]

kbs/docker/Dockerfile

@@ -1,6 +1,5 @@
 FROM rust:slim as builder
 ARG ARCH=x86_64
-ARG HTTPS_CRYPTO=rustls
 ARG ALIYUN=false
 
 ENV DEBIAN_FRONTEND noninteractive
@@ -37,7 +36,7 @@ RUN if [ "${ARCH}" = "x86_64" ]; then curl -fsSL https://download.01.org/intel-s
 WORKDIR /usr/src/kbs
 COPY . .
 
-RUN cd kbs && make AS_FEATURE=coco-as-builtin HTTPS_CRYPTO=${HTTPS_CRYPTO} POLICY_ENGINE=opa ALIYUN=${ALIYUN} && \
+RUN cd kbs && make AS_FEATURE=coco-as-builtin POLICY_ENGINE=opa ALIYUN=${ALIYUN} && \
     make install-kbs
 
 FROM ubuntu:22.04

kbs/docker/coco-as-grpc/Dockerfile

@@ -1,6 +1,5 @@
 FROM rust:latest as builder
 ARG ARCH=x86_64
-ARG HTTPS_CRYPTO=rustls
 ARG ALIYUN=false
 
 WORKDIR /usr/src/kbs
@@ -9,7 +8,7 @@ COPY . .
 RUN apt-get update && apt install -y protobuf-compiler git
 
 # Build and Install KBS
-RUN cd kbs && make AS_FEATURE=coco-as-grpc HTTPS_CRYPTO=${HTTPS_CRYPTO} POLICY_ENGINE=opa ALIYUN=${ALIYUN} && \
+RUN cd kbs && make AS_FEATURE=coco-as-grpc POLICY_ENGINE=opa ALIYUN=${ALIYUN} && \
     make install-kbs
 
 FROM ubuntu:22.04

kbs/docker/intel-trust-authority/Dockerfile

@@ -1,5 +1,4 @@
 FROM rust:latest as builder
-ARG HTTPS_CRYPTO=rustls
 ARG ALIYUN=false
 
 WORKDIR /usr/src/kbs
@@ -8,7 +7,7 @@ COPY . .
 RUN apt-get update && apt install -y git
 
 # Build and Install KBS
-RUN cd kbs && make AS_FEATURE=intel-trust-authority-as HTTPS_CRYPTO=${HTTPS_CRYPTO} POLICY_ENGINE=opa ALIYUN=${ALIYUN} && \
+RUN cd kbs && make AS_FEATURE=intel-trust-authority-as POLICY_ENGINE=opa ALIYUN=${ALIYUN} && \
     make install-kbs
 
 FROM ubuntu:22.04

kbs/docker/rhel-ubi/Dockerfile

@@ -15,7 +15,7 @@ dnf -y install --nogpgcheck --repofrompath "sgx,file:///root/sgx_rpm_local_repo"
 # Build.
 WORKDIR /usr/src/kbs
 COPY . .
-ARG KBS_FEATURES=coco-as-builtin,rustls,resource,opa
+ARG KBS_FEATURES=coco-as-builtin,resource,opa
 RUN \
 cargo install --locked --root /usr/local/ --path kbs --bin kbs --no-default-features --features ${KBS_FEATURES} && \
 # Collect linked files necessary for the binary to run.

kbs/docs/config.md

@@ -39,12 +39,26 @@ The following properties can be set under the `attestation_token_config` section
 
 | Property                   | Type         | Description                                                                                                                                              | Required | Default |
 |----------------------------|--------------|----------------------------------------------------------------------------------------------------------------------------------------------------------|----------|---------|
-| `attestation_token_config` | String       | Attestation token broker type. Valid values: `CoCo`, `Jwk`                                                                                               | Yes      | -       |
-| `trusted_certs_paths`      | String Array | Trusted Certificates file (PEM format) for `CoCo` or a valid Url (`file://` or `https://`) pointing to a JWKSet certificates (local or OpenID) for `Jwk` | No       | -       |
+| `trusted_jwk_sets` | String Array      | Valid Url (`file://` or `https://`) pointing to trusted JWKSets (local or OpenID) for Attestation Tokens trustworthy verification                                                                                             | No      | -       |
+| `trusted_certs_paths` | String Array | Trusted Certificates file (PEM format) for Attestation Tokens trustworthy verification  | No       | -       |
+| `extra_teekey_paths` | String Array | User defined paths to the tee public key in the JWT body  | No       | -       |
+| `insecure_key` | Boolean | Whether to check the trustworthy of the JWK inside JWT. See comments. | No       | `false`      |
 
+Each JWT contains a TEE Public Key. Users can use the `extra_teekey_paths` field to additionally specify the path of this Key in the JWT.
+Example of `extra_teekey_paths` is `/attester_runtime_data/tee-pubkey` which refers to the key
+`attester_runtime_data.tee-pubkey` inside the JWT body claims. By default CoCo AS Token and Intel TA
+Token TEE Public Key paths are supported.
 
-If `trusted_certs_paths` is set, KBS will forcibly check the validity of the Attestation Token signature public key certificate,
-if not set this field, KBS will skip the verification of the certificate.
+For Attestation Services like CoCo-AS, the public key to verify the JWT will be given
+in the token's `jwk` field (with or without the public key cert chain `x5c`).
+
+- If `insecure_key` is set to `true`, KBS will ignore to verify the trustworthy of the `jwk`.
+- If `insecure_key` is set to `false`, KBS will look up its `trusted_certs_paths` and the `x5c`
+field to verify the trustworthy of the `jwk`.
+
+For Attestation Services like Intel TA, there will only be a `kid` field inside the JWT.
+The `kid` field is used to look up the trusted jwk configured by KBS via `trusted_jwk_sets` to
+verify the integrity and trustworthy of the JWT.
 
 ### Repository Configuration
 
@@ -207,8 +221,7 @@ insecure_http = true
 insecure_api = true
 
 [attestation_token_config]
-attestation_token_type = "Jwk"
-trusted_certs_paths = ["https://portal.trustauthority.intel.com"]
+trusted_jwk_sets = ["https://portal.trustauthority.intel.com"]
 
 [repository_config]
 type = "LocalFs"

kbs/docs/self-signed-https.md

@@ -72,7 +72,7 @@ auth_public_key = "/etc/public.pub"
 insecure_api = true
 
 [attestation_token_config]
-attestation_token_type = "CoCo"
+insecure_key = true
 
 [repository_config]
 type = "LocalFs"

kbs/quickstart.md

@@ -240,13 +240,27 @@ Adding the following content to JSON config file of gRPC AS:
 
 ### Configure trusted root certificate of KBS
 
-Adding the following content to the config file of Resource KBS to specify trusted root certificate (PEM format),
-which used to verify the trustworthy of the certificate in Attestation Token:
+Attestation Tokens are now all in JWT format.
+
+Adding the following content to the config file of Resource KBS to specify trusted root certificate (PEM format)
+or JWK set which are used to verify the trustworthy of the Attestation Token:
 
 ```toml
 [attestation_token_config]
-attestation_token_type = "CoCo"
+# Path of root certificate used to verify the trustworthy of `x5c` extension in the JWT
 trusted_certs_paths = ["/path/to/trusted_cacert.pem"]
+
+# URL (`path://` or `https://`) of the trusted JWK that can be indexed by `kid` in
+# JWT Header.
+trusted_jwk_sets = ["/url/to/trusted_jwk_set"]
+
+# For Attestation Services like CoCo-AS, the public key to verify the JWT will be given
+# in the token's `jwk` field (with or without the public key cert chain `x5c`).
+#
+# - If this flag is set to `true`, KBS will ignore to verify the trustworthy of the `jwk`.
+# - If this flag is set to `false`, KBS will look up its `trusted_certs_paths` and the `x5c`
+# field to verify the trustworthy of the `jwk`.
+insecure_key = false
 ```
 
 If `trusted_certs_paths` field is not set, KBS will skip the verification of the certificate in Attestation Token.

kbs/test/config/kbs.toml

@@ -5,7 +5,7 @@ private_key = "./work/https.key"
 certificate = "./work/https.crt"
 
 [attestation_token_config]
-attestation_token_type = "CoCo"
+trusted_certs_paths = ["./work/token-cert.pem"]
 
 [repository_config]
 type = "LocalFs"

kbs/test/config/resource-kbs.toml

@@ -3,7 +3,6 @@ auth_public_key = "./work/kbs.pem"
 insecure_http = true
 
 [attestation_token_config]
-attestation_token_type = "CoCo"
 trusted_certs_paths = ["./work/ca-cert.pem"]
 
 [repository_config]