Support X.509 Certificate in Attestation Token. #265
Nice job. I think this is a good feature. I made a few notes.
A couple of other things:
Might be good to update the quickstart guide or some of the dockerfiles to make this change easier on users, especially since I think things might break if a user does not supply some trusted certs to the KBS. It would be good to clarify the default behavior.
I guess this does not support updating the certs at runtime. That is probably ok.
@fitzthum Thanks for reviewing; this PR is now updated.
One more comment. Also, are we doing anything to verify requests made from the KBS to the AS? In particular when the AS sends a set policy request to the AS, the AS should probably check if the request is genuine. Do we support this?
@fitzthum When we use KBS with Builtin-AS or gRPC-AS, we have assumed that the AS actually runs in the same trusted security domain as the KBS and is controlled by the same entity (such as a tenant). So under this premise, the interfaces provided by the AS are all available for direct invocation without verification now. We are currently building a scenario using KBS with RESTful-AS (although we do not fully support it yet). In this scenario, the AS and KBS may run on different nodes and be controlled by different entities, in which case the AS may require some additional validation of requests from the KBS. This is the enhancement point we need to consider next.
I think this is fine to merge, but lack of validation of requests (particularly SetPolicy) to the AS seems like potentially a big problem.
Thanks. Only some nits.
cc @Xynnn007 @Lu-Biao @peterzcst @fitzthum