Introduce keylime TEE attestation service support

Cargo.toml

@@ -42,7 +42,7 @@ jwt-simple = { version = "0.12", default-features = false, features = [
 kbs_protocol = { git = "https://github.com/confidential-containers/guest-components.git", rev = "7be23a1", default-features = false }
 kbs-types = "0.14.0"
 kms = { git = "https://github.com/confidential-containers/guest-components.git", rev = "7be23a1", default-features = false }
-jsonwebtoken = { version = "10", default-features = false, features = ["aws_lc_rs"] }
+jsonwebtoken = { version = "10", features = ["aws_lc_rs"] }
 lazy_static = "1.4.0"
 log = "0.4.28"
 openssl = "0.10.75"
@@ -56,7 +56,7 @@ regorus = { version = "0.5.0", default-features = false, features = [
     "std",
 ] }
 reqwest = { version = "0.12", default-features = false, features = [
-    "default-tls",
+    "rustls-tls",
     "json",
 ] }
 rstest = "0.26.1"

deps/verifier/Cargo.toml

@@ -55,7 +55,7 @@ csv-rs = { git = "https://github.com/openanolis/csv-rs", rev = "b67a07e", option
 eventlog = { path = "../eventlog", optional = true }
 hex.workspace = true
 jsonwebkey = "0.3.5"
-jsonwebtoken = { workspace = true, default-features = false, optional = true }
+jsonwebtoken = { workspace = true, optional = true }
 kbs-types.workspace = true
 openssl = { version = "0.10.75", optional = true }
 pv = { version = "0.10.0", package = "s390_pv", optional = true }

kbs/Cargo.toml

@@ -27,6 +27,9 @@ coco-as-grpc = ["coco-as", "mobc", "tonic", "tonic-prost", "prost"]
 # Use Intel TA as backend attestation service
 intel-trust-authority-as = ["as", "az-cvm-vtpm"]
 
+# Use the keylime /verify/evidence handler as backend attestation service
+keylime-as = ["as"]
+
 # Use aliyun KMS as KBS backend
 aliyun = ["kms/aliyun"]
 
@@ -57,7 +60,7 @@ cryptoki = { version = "0.10.0", optional = true }
 derivative.workspace = true
 env_logger.workspace = true
 hex.workspace = true
-jsonwebtoken = { workspace = true, default-features = false }
+jsonwebtoken.workspace = true
 jwt-simple.workspace = true
 kbs-types.workspace = true
 kms = { workspace = true, default-features = false }

kbs/config/kbs-config-keylime-as.toml

@@ -0,0 +1,20 @@
+[http_server]
+insecure_http = true
+
+[attestation_token]
+insecure_key = true
+
+[attestation_service]
+type = "keylime-tee"
+base_url = "https://0.0.0.0:8881"
+api_version_major = 2
+api_version_minor = 4
+cv_ca_path = "/var/lib/keylime/cv_ca"
+
+[[plugins]]
+name = "resource"
+type = "LocalFs"
+dir_path = "/opt/confidential-containers/kbs/repository"
+
+[admin]
+insecure_api = true

kbs/src/attestation/backend.rs

@@ -50,6 +50,7 @@ lazy_static! {
 pub type TeeEvidence = serde_json::Value;
 
 /// IndependentEvidence is one set of evidence from one attester.
+#[derive(Debug)]
 pub struct IndependentEvidence {
     pub tee: Tee,
     pub tee_evidence: TeeEvidence,
@@ -167,6 +168,13 @@ impl AttestationService {
                     .map_err(|e| Error::AttestationServiceInitialization { source: e })?;
                 Arc::new(intel_ta) as _
             }
+            #[cfg(feature = "keylime-as")]
+            AttestationServiceConfig::Keylime(cfg) => {
+                let keylime = super::keylime::KeylimeTeeHandler::new(cfg)
+                    .await
+                    .map_err(|e| Error::AttestationServiceInitialization { source: e })?;
+                Arc::new(keylime) as _
+            }
         };
 
         let session_map = Arc::new(SessionMap::new());

kbs/src/attestation/config.rs

@@ -45,6 +45,10 @@ pub enum AttestationServiceConfig {
     #[cfg(feature = "intel-trust-authority-as")]
     #[serde(alias = "intel_ta")]
     IntelTA(super::intel_trust_authority::IntelTrustAuthorityConfig),
+
+    #[cfg(feature = "keylime-as")]
+    #[serde(alias = "keylime-tee")]
+    Keylime(super::keylime::KeylimeVerifierConfig),
 }
 
 impl Default for AttestationServiceConfig {
@@ -54,6 +58,8 @@ impl Default for AttestationServiceConfig {
                 AttestationServiceConfig::CoCoASBuiltIn(attestation_service::config::Config::default())
             } else if #[cfg(feature = "coco-as-grpc")] {
                 AttestationServiceConfig::CoCoASGrpc(super::coco::grpc::GrpcConfig::default())
+            } else if #[cfg(feature = "keylime-as")] {
+                AttestationServiceConfig::Keylime(super::keylime::KeylimeVerifierConfig::default())
             } else {
                 AttestationServiceConfig::IntelTA(super::intel_trust_authority::IntelTrustAuthorityConfig::default())
             }