
RFE: PKI: support requiring attestation of keys

Open · DemiMarie opened this issue 1 year ago · 1 comment

Is your feature request related to a problem? Please describe. The PKI secrets engine supports signing CSRs, but it does not currently allow enforcing that the private key of the CSR was generated on a secure hardware token.

Describe the solution you'd like Vault should support verifying an attestation signature that proves that the device itself generated the key pair. Such attestations are supported by Yubico products, for example.

Describe alternatives you've considered None.

Explain any additional use-cases None.

Additional context This would allow ensuring that the issued certificate was securely generated in hardware, as opposed to in software. This is required for EV code-signing certificates and is useful in other cases as well.

DemiMarie · Jul 17 '22 13:07

@DemiMarie Is there a standard format for this? I've seen a lot of one-off discussions on how to do this with vendor A or vendor B's products, but I've not really seen an independent standard on this. I think the CRMF protocol does proof of possession but we don't currently implement that and I don't think CRMF's PoP is sufficient for attestation of key generation. It looks like this repo has a bunch of details of the one-off protocols that people use.

cipherboy · Jul 25 '22 17:07

@cipherboy there isn't currently a published standard (PKIX is draft ATM), but Vault can still provide this functionality in a non-standardized approach, just like other HSM vendors are doing (e.g. https://cloud.google.com/kms/docs/attest-key), which is basically a series of checks on the underlying manufacturer's HSM certificate and key attributes.

It would be good if your product offered this feature since it is required in the publicly trusted PKI world for code and document signing certificates.

othouvou · Aug 16 '23 05:08
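The "series of checks" sketched in the last comment, written out as an added example (not Vault's code and not tied to any vendor's format): the CSR must prove possession of its key, the attestation leaf must chain through the device's attestation CA to a trusted vendor root, and the attested public key must be the CSR's key. Names such as `VerifyAttestedCSR`, `DemoChain` and the "Demo Vendor Attestation Root" are assumptions; the chain is generated in-process as constructed test data standing in for a real vendor root and device certificate.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// VerifyAttestedCSR accepts a CSR only if its self-signature proves possession of the key, the attestation
// leaf chains to a trusted vendor root via the device's attestation CA, and the attested key is the CSR's key.
func VerifyAttestedCSR(csr *x509.CertificateRequest, leaf *x509.Certificate, inters, roots *x509.CertPool) error {
	if err := csr.CheckSignature(); err != nil {
		return fmt.Errorf("CSR proof of possession failed: %w", err)
	}
	opts := x509.VerifyOptions{Roots: roots, Intermediates: inters, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}} // attestation certs carry no EKU
	if _, err := leaf.Verify(opts); err != nil {
		return fmt.Errorf("attestation chain invalid: %w", err)
	}
	attested, ok := leaf.PublicKey.(interface{ Equal(crypto.PublicKey) bool })
	if !ok || !attested.Equal(csr.PublicKey) {
		return fmt.Errorf("CSR public key is not the attested key") // a software key reusing someone's attestation
	}
	return nil
}
// DemoChain is constructed test data: hypothetical vendor root -> device attestation CA -> attested key, plus a CSR.
func DemoChain(mismatch bool) (csr *x509.CertificateRequest, leaf *x509.Certificate, inters, roots *x509.CertPool) {
	// sign generates a P-256 key and issues a certificate for it under parent (self-signed when parent is nil).
	sign := func(cn string, ca bool, parent *x509.Certificate, signer *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
		k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		t := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn}, IsCA: ca, BasicConstraintsValid: true, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
		if parent == nil { parent, signer = t, k }
		der, _ := x509.CreateCertificate(rand.Reader, t, parent, &k.PublicKey, signer)
		c, _ := x509.ParseCertificate(der)
		return c, k
	}
	root, rootKey := sign("Demo Vendor Attestation Root", true, nil, nil)
	dev, devKey := sign("Demo Device Attestation CA", true, root, rootKey)
	leaf, attKey := sign("Attested Key", false, dev, devKey)
	if mismatch { attKey, _ = ecdsa.GenerateKey(elliptic.P256(), rand.Reader) } // CSR key never touched the device
	csrDER, _ := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{Subject: pkix.Name{CommonName: "codesigner"}}, attKey)
	csr, _ = x509.ParseCertificateRequest(csrDER)
	roots, inters = x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root); inters.AddCert(dev)
	return csr, leaf, inters, roots
}
```

With a real token the `roots` pool would hold the manufacturer's attestation root and `inters` the device's own attestation certificate; vendor-specific key attributes (slot, touch/PIN policy) would be read from the leaf's extensions as a further check.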