
Add support for creating API tokens backed by KMS signer (WIP)

Status: Open. Opened by hslatman 7 months ago, 0 comments.

This PR:

  • Adds support for creating API tokens using mTLS with private keys backed by a KMS, such as a TPM.
    • The use of a KMS is transparently detected by parsing the key's filename for a (supported) KMS scheme.
    • TSS2 PEM encoded private keys are automatically detected based on the PEM header.
  • Adds support for supplying a password for the private key using the --password-file flag.
  • Adds User-Agent and X-Request-Id HTTP request headers.

Using an ECDSA key:

$ step api token create <team-slug> ecdsa-chain.crt 'tpmkms:name=test-ecdsa;device=/path/to/tpmsimulator.sock'
✔ Token successfully created:
<token>

Using an RSA key:

$ step api token create <team-slug> rsa-chain.crt 'tpmkms:name=test-rsa;device=/path/to/tpmsimulator.sock'
✔ Token successfully created:
<token>

Using the TSS2 PEM encoded private key (exported using step tpm key get 'test-rsa' --device '/path/to/tpmsimulator.sock' --storage-directory /path/to/tpmstorage --tss2 > tpmrsa.tss2.pem), specified as a tpmkms URI:

$ step api token create <team-slug> rsa-chain.crt 'tpmkms:path=./tpmrsa.tss2.pem;device=/path/to/tpmsimulator.sock'
✔ Token successfully created:
<token>

Using the same TSS2 PEM encoded private key directly:

$ step api token create <team-slug> rsa-chain.crt tpmrsa.tss2.pem --tpm-device '/path/to/tpmsimulator.sock'
✔ Token successfully created:
<token>

Note that the device and tpm-device flags and URI parts can be omitted in case the default system TPM locations are to be used. The use of a TPM simulator is just for demonstration and testing purposes.

hslatman, Mar 27 '25 14:03
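The two detection rules in the description (a KMS scheme in the key argument, and a TSS2 PEM header in the file) are the security-relevant branch: they decide whether the private key ever leaves the TPM or is read from disk. The example below is added here to illustrate those rules; it is not code from the smallstep/cli pull request or from go.step.sm/crypto. It assumes the `scheme:key=value;key=value` URI shape shown in the examples above, uses `tpmkms` as a placeholder for the CLI's list of supported schemes, relies on the PEM label `TSS2 PRIVATE KEY` defined by the TPM 2.0 key file format, and (as a design choice of this example, not of the project) requires a `tpmkms` URI to carry either `name=` or `path=`. The TSS2 sample is a constructed block with dummy bytes, not a usable key.

```go
package main

import (
	"encoding/pem"
	"fmt"
	"strings"
)

// KeyKind classifies the private key argument given on the command line.
type KeyKind int

const (
	KindFile KeyKind = iota // a regular PEM key file on disk
	KindTSS2                // a TPM 2.0 key file (PEM label "TSS2 PRIVATE KEY")
	KindKMS                 // a KMS URI such as tpmkms:name=...;device=...
)

// KeyRef is the parsed form of the key argument.
type KeyRef struct {
	Kind   KeyKind
	Scheme string            // KMS scheme when Kind == KindKMS
	Opts   map[string]string // URI options (name, path, device, ...)
	Path   string            // file path when Kind != KindKMS
}

// supportedSchemes is a placeholder for this example; a real CLI would
// consult the KMS registry it was built with.
var supportedSchemes = map[string]bool{"tpmkms": true}

// tss2PEMType is the PEM label used by the TPM 2.0 key file format.
const tss2PEMType = "TSS2 PRIVATE KEY"

// ParseKMSURI parses "scheme:k1=v1;k2=v2". ok is false (with a nil error)
// when arg is not a KMS URI, so the caller can treat it as a file path.
func ParseKMSURI(arg string) (scheme string, opts map[string]string, ok bool, err error) {
	i := strings.IndexByte(arg, ':')
	if i <= 0 {
		return "", nil, false, nil
	}
	scheme = strings.ToLower(arg[:i])
	if !supportedSchemes[scheme] {
		// e.g. a Windows path "C:\keys\x.pem" has a colon but no KMS scheme
		return "", nil, false, nil
	}
	opts = make(map[string]string)
	for _, part := range strings.Split(arg[i+1:], ";") {
		if part == "" {
			continue
		}
		k, v, found := strings.Cut(part, "=")
		if !found || k == "" {
			return "", nil, false, fmt.Errorf("malformed option %q in %s URI", part, scheme)
		}
		if _, dup := opts[k]; dup {
			return "", nil, false, fmt.Errorf("duplicate option %q in %s URI", k, scheme)
		}
		opts[k] = v
	}
	// Example-specific rule: a TPM key must be addressed by name or by file.
	if scheme == "tpmkms" && opts["name"] == "" && opts["path"] == "" {
		return "", nil, false, fmt.Errorf("%s URI needs a name= or path= option", scheme)
	}
	return scheme, opts, true, nil
}

// IsTSS2PEM reports whether data begins with a PEM block carrying the TSS2 label.
func IsTSS2PEM(data []byte) bool {
	block, _ := pem.Decode(data)
	return block != nil && block.Type == tss2PEMType
}

// ResolveKey classifies the key argument. contents holds the file bytes when
// arg is a path (nil for a KMS URI) so the function does no disk I/O itself.
func ResolveKey(arg string, contents []byte) (KeyRef, error) {
	scheme, opts, ok, err := ParseKMSURI(arg)
	if err != nil {
		return KeyRef{}, err
	}
	if ok {
		return KeyRef{Kind: KindKMS, Scheme: scheme, Opts: opts}, nil
	}
	ref := KeyRef{Kind: KindFile, Path: arg}
	if IsTSS2PEM(contents) {
		ref.Kind = KindTSS2
	}
	return ref, nil
}

// constructedTSS2 is a stand-in TSS2 PEM file: real label, dummy body.
var constructedTSS2 = pem.EncodeToMemory(&pem.Block{Type: tss2PEMType, Bytes: []byte{0x30, 0x03, 0x02, 0x01, 0x01}})

func main() {
	for _, arg := range []string{
		"tpmkms:name=test-ecdsa;device=/path/to/tpmsimulator.sock",
		"tpmkms:path=./tpmrsa.tss2.pem;device=/path/to/tpmsimulator.sock",
		"tpmrsa.tss2.pem",
	} {
		var contents []byte
		if arg == "tpmrsa.tss2.pem" {
			contents = constructedTSS2
		}
		ref, err := ResolveKey(arg, contents)
		fmt.Printf("%-64s -> kind=%d scheme=%q opts=%v err=%v\n", arg, ref.Kind, ref.Scheme, ref.Opts, err)
	}
}
```

Keeping the classification free of file reads makes the TSS2 branch easy to unit-test and keeps the decision point (hardware-backed signer versus key material in process memory) in one place that can be audited.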