HSM support for keys (#21)

[ximon18]

This PR implements support in Krill for creating signing key pairs in HSMs rather than using OpenSSL to create key files on disk.

It isn't strictly limited to Hardware Security Modules, it supports anything that implements either the PKCS#11 v2.20+ interface or the KMIP 1.2+ TTLV over TCP/TLS protocol, and that supports the necessary operations (primarily RSA key pair creation, deletion and signing with the created private key, but also surrounding operations such as modifying key attributes, locating keys, querying HSM metadata, etc). These can be hardware or software, servers or USB keys, etc.

When enabled the hsm feature causes Krill to start tracking the relationship between key identifiers (as used in certificates) and the signer which possesses the actual public and private key pair to which the key identifier refers. This tracking is done using an aggregate store backed by files on disk, just as the other core data in Krill is managed.

To use the new functionality one must add one or more [[signers]] blocks to krill.conf, see the comments in defaults/krill-hsm.conf for more information and remember to restart Krill after changing the configuration file.

Note that by default OpenSSL is still used for the generation of one-off keys and for generating random byte sequences. One-off key creation, signing and deletion can be assigned to an actual HSM if desired. Random generation is always handled by OpenSSL.

Testing

This PR (or earlier very similar versions of it) have been tested with the following cryptographic tokens: (in alphabetic order)

Cryptographic Token Name	Tested Protocols	Tested Token Form	Test Results
AWS CloudHSM	PKCS#11	Cloud Service	#556
Kryptus kNET HSM	PKCS#11 & KMIP	Cloud Service	#554, #565
PyKMIP	KMIP	Software	#564
SoftHSMv2	PKCS#11	Software	#553
Utimaco Security Server	PKCS#11	Software Simulator	#732
YubiHSM 2	PKCS#11	USB key	#555

Special thanks to for providing the YubiHSM 2 that I tested with.

The GitHub Actions CI workflow has been extended to run the Krill test suite both in its usual mode of operation using OpenSSL as the signer, and additionally with SoftHSMv2 as the signer via its PKCS#11 interface, and PyKMIP as the signer via its KMIP interface.

The end-to-end test has also been updated to use SoftHSMv2 as the backing signer rather than OpenSSL. See the test results.

Known limitations

This PR:

• Does not enable HSM support by default, instead one must build krill with --features hsm.
• Does not include any extensions to the UI, REST API or krillc commands or outputs (see Define krillc extensions for showing HSM key details #570, Extend Krill event history reporting #571, General signer metrics #578 and Count interesting KMIP TLS client metrics? #581).
• Does not include any new Prometheus metrics.
• Does not support importing or exporting of HSM keys, instead keys must be "rolled" into the HSM (and not all keys can be rolled with Krill/RPKI at the present time, see Keyroll support and testing #583)
• Does not extend Krill to delete keys that are no longer in use (see Clean up old keys #728).
• Does not modify the UI to handle slower response times from Krill when dealing with a slow, possibly remote, HSM (see Improve Lagosta UX handling of signer delays #579).
• Does not update the Krill manual (see Document the HSM feature in the Krill manual #644).
• Does not provide any means to verify an HSM configuration before using it (see Extend Krill to support HSM config sanity testing #572).
• Does not include any translations for new error codes/strings (see Translate any new error or feedback English texts shown by the Lagosta UX #577).
• Has not been tested with a key pad (s/w or h/w) for on-demand pin entry.
• Has not been extensively tested from within a Docker container (only as part of the Krill end-to-end test).