Support PKCS1 encoded and non-ECDSA CT log public keys

[haydentherapper]

This came up while testing out staging, which uses a PKCS1 encoded
public key. We should be flexible on the supported key format.

This also relaxes the requirement that CT log keys from TUF are ECDSA keys.

Signed-off-by: Hayden Blauzvern hblauzvern@google.com

Summary

Ticket Link

Fixes

Release Note

Added support for non-ECDSA and PKCS1-encoded CT log public keys from TUF

[haydentherapper]

cc @dlorenc - If 1.8 hasn't gone out yet, getting this in too would be nice!

[haydentherapper]

@dlorenc - pushed another commit that removes the requirement that the key is an ECDSA key - I don't see any reason this should be enforced.

[codecov-commenter]

Codecov Report

Merging #1806 (b9280fb) into main (db323cd) will increase coverage by 0.01%.
The diff coverage is 50.00%.

@@            Coverage Diff             @@
##             main    #1806      +/-   ##
==========================================
+ Coverage   32.73%   32.75%   +0.01%     
==========================================
  Files         147      147              
  Lines        9313     9327      +14     
==========================================
+ Hits         3049     3055       +6     
- Misses       5907     5915       +8     
  Partials      357      357              

Impacted Files	Coverage Δ
cmd/cosign/cli/fulcio/fulcioverifier/ctl/verify.go	49.26% <50.00%> (+1.40%)	⬆️
pkg/cosign/tuf/client.go	61.68% <0.00%> (-0.82%)	⬇️
cmd/cosign/cli/verify/verify.go	0.00% <0.00%> (ø)
cmd/cosign/cli/verify/verify_attestation.go	0.00% <0.00%> (ø)
cmd/cosign/cli/fulcio/fulcioroots/fulcioroots.go	36.36% <0.00%> (+0.42%)	⬆️
pkg/cosign/verify.go	29.95% <0.00%> (+0.47%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update db323cd...b9280fb. Read the comment docs.