Added a new ecdsa key that uses the new type ecdsa.

[kommendorkapten]

In the TUF spec v1.0.32 (released 2023-03-02) the key type was updated for ecdsa keys from ecdsa-sha2-nistp256.
This PR introduces the new type and keeps support for the older key type.

Issue #, if available: #754

Description of changes:

In the TUF spec v1.0.32 (released 2023-03-02) the key type was updated for ecdsa keys from ecdsa-sha2-nistp256.
This PR introduces the new type and keeps support for the older key type.

I first tried with #[serde(alias = "ecdsa-sha2-nistp256")] as proposed by @jku but I never got it to work.

[haydentherapper]

From the Sigstore community, thanks so much for this PR. We use awslabs/tough in our Rust client, so getting this merged in will help unblock Sigstore users.

[jku]

I first tried with #[serde(alias = "ecdsa-sha2-nistp256")] as proposed by @jku but I never got it to work.

👍

I think the code uses the Key struct when canonicalizing the signed content: my suggestion would then be wrong (as you must have the original keytype in the canonicalized content).

I'm sure there is a way to store the original keytype and use that when serialising even if using a single struct but I'm not sure it would be simpler than your suggestion

[kommendorkapten]

Some local testing with the soon to be deployed TUF root for sigstore

kommendorkapten@m1m14:~/git/tough % ./target/debug/tuftool download out --root ~/git/root-signing/repository/repository/5.root.json -t http://localhost:8081/targets -m http://localhost:8081
Downloading targets to "out"
	-> fulcio_v1.crt.pem
	-> trusted_root.json
	-> fulcio_intermediate_v1.crt.pem
	-> artifact.pub
	-> rekor.pub
	-> ctfe.pub
	-> ctfe_2022.pub
	-> fulcio.crt.pem
kommendorkapten@m1m14:~/git/tough % git status
On branch new-ecdsa-key-type

Switching to default branch:

kommendorkapten@m1m14:~/git/tough % ./target/debug/tuftool download out --root ~/git/root-signing/repository/repository/5.root.json -t http://localhost:8081/targets -m http://localhost:8081
Failed to load repository: Failed to parse root metadata: unknown variant `ecdsa`, expected one of `rsa`, `ed25519`, `ecdsa-sha2-nistp256` at line 9 column 22
kommendorkapten@m1m14:~/git/tough % git status
On branch develop

[haydentherapper]

@webern Would you be able to take a look at this? Thanks!

[webern]

I don't quite understand. Is the issue that "ecdsa" is now a valid "keytype" when it used to require the "keytype" to be "ecdsa-sha2-nistp256"?

Serde does have alias for cases like this, but in that case we would not know which way to serialize so maybe this is the best approach. Can you confirm my understanding of the issue?

Thanks.

[jku]

I don't quite understand. Is the issue that "ecdsa" is now a valid "keytype" when it used to require the "keytype" to be "ecdsa-sha2-nistp256"?

Yes. client should should accept both for backwards compat but "ecdsa" is considered correct.

Serde does have alias for cases like this, but in that case we would not know which way to serialize so maybe this is the best approach. Can you confirm my understanding of the issue?

Agreed: alias would work except if the serialized form is used for anything (because the canonicalized form would then be different and so signatures wouldn't match).

[astoycos]

Another data point here we're hitting this in the https://github.com/bpfman/bpfman via sigstore/sigstore-rs#338 and it's currently a build blocker for us at :main

[haydentherapper]

Thanks all!