From 661e9002d0f2f8af3812b8f86d86a5e9d885c56a Mon Sep 17 00:00:00 2001
From: Angel Lopez
Date: Tue, 23 May 2023 23:19:49 -0400
Subject: [PATCH] NVSHAS-6217: add sct public key behavior
---
 main.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/main.go b/main.go
index 797b2154..cdcd2089 100644
--- a/main.go
+++ b/main.go
@@ -197,7 +197,11 @@ func setRootOfTrustCosignOptions(cosignOptions *cosign.CheckOpts, rootOfTrust Ro
 }
 // sct pub keys
 if rootOfTrust.SCTPublicKey != "" {
- return errors.New("providing an SCTPublicKey in the root of trust configuration has not yet been implemented")
+ sctPubKeyCollection := cosign.NewTrustedTransparencyLogPubKeys()
+ if err := sctPubKeyCollection.AddTransparencyLogPubKey([]byte(rootOfTrust.SCTPublicKey), tuf.Active); err != nil {
+ return fmt.Errorf("could not add custom sct public key to collection: %w", err)
+ }
+ cosignOptions.CTLogPubKeys = &sctPubKeyCollection
 } else {
 cosignOptions.CTLogPubKeys, err = cosign.GetCTLogPubs(ctx)
 if err != nil {
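Review bot: In the `rootOfTrust.SCTPublicKey != ""` branch the configured key becomes the only entry in `cosignOptions.CTLogPubKeys`, so the keys that the `else` branch fetches with `cosign.GetCTLogPubs(ctx)` are not trusted for that root of trust, and the `// sct pub keys` comment does not say so. I would state the policy at the branch, e.g. `// A configured SCTPublicKey replaces, rather than extends, the default CT log keys for this root of trust.` The value is handed to `AddTransparencyLogPubKey` as raw bytes, so it is presumably expected to be a PEM-encoded public key; the doc for the `SCTPublicKey` field (not visible here) should say which encoding is accepted. The diffstat lists only main.go, so nothing tests the new branch; a test that a malformed key returns the wrapped error and that a valid key ends up as the sole trusted CT log key would pin this trust decision. setRootOfTrustCosignOptions starts and ends outside the hunk.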