
Implement SCT verification #22

Closed
tetsuo-cpp opened this issue Apr 7, 2022 · 7 comments · Fixed by #24
Assignees
Labels
enhancement New feature or request

Comments

@tetsuo-cpp
Contributor

This doesn't seem to exist in pyca/cryptography. We should check whether there's another library that includes this functionality. If not, we might need to hand-roll it ourselves.

@tetsuo-cpp tetsuo-cpp self-assigned this Apr 7, 2022
@tetsuo-cpp tetsuo-cpp added the enhancement New feature or request label Apr 7, 2022
@tetsuo-cpp
Contributor Author

I've had a look for some potential libraries that include functionality to verify signed certificate timestamps. Here are the two main candidates:

  • google/certificate-transparency: This library looks good and there is SCT validation functionality here. Downsides are that it isn't available on PyPI, so distribution is an issue, and it uses its own custom types to represent certificates, timestamps, etc., and does not integrate well with cryptography. cosign is actually using the Go version of this library to implement SCT verification.
  • theno/ctutlz: This library looks good too. It is available on PyPI and appears to be using the cryptography types that we're using. The downsides are that it doesn't seem as battle tested or actively maintained (although that might be because the library is "done"). With that in mind, I'm cautious about bringing this in as a dependency.

At the moment, I'm leaning towards just hand-rolling the SCT verification ourselves. There doesn't seem to be an obvious choice and from what I can see, it shouldn't be all that difficult to implement ourselves.

Thoughts @di and @woodruffw?
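As an added illustration of what "hand-rolling" SCT verification involves (this is example code written for this page, not sigstore-python's implementation and not code from any of the libraries above), the block below reconstructs the RFC 6962 `digitally-signed` structure that a CT log signs, parses the TLS-encoded SCT to recover the log's signature, and checks it against the log's public key with pyca/cryptography. The log key, timestamp and the DER certificate stand-in are constructed locally; in real use the log public key comes from the Sigstore trust root, and for Fulcio's precert entries the TBSCertificate must have the poison extension removed before being hashed, which is not shown here.

```python
import hashlib
import struct
from dataclasses import dataclass

# RFC 6962 section 3.2 / TLS 1.2 constants
SCT_VERSION_V1 = 0
SIGNATURE_TYPE_CERTIFICATE_TIMESTAMP = 0
ENTRY_TYPE_X509 = 0
ENTRY_TYPE_PRECERT = 1
HASH_SHA256 = 4      # TLS HashAlgorithm.sha256
SIG_RSA = 1          # TLS SignatureAlgorithm.rsa
SIG_ECDSA = 3        # TLS SignatureAlgorithm.ecdsa


def _opaque(data: bytes, length_bytes: int) -> bytes:
    """TLS variable-length vector: big-endian length prefix of the given width."""
    if len(data) >= 1 << (8 * length_bytes):
        raise ValueError("vector too long for its length prefix")
    return len(data).to_bytes(length_bytes, "big") + data


def signed_entry_for_cert(der_cert: bytes) -> bytes:
    """x509_entry: the leaf certificate as ASN.1Cert (opaque <1..2^24-1>)."""
    return _opaque(der_cert, 3)


def signed_entry_for_precert(issuer_key_hash: bytes, tbs_der: bytes) -> bytes:
    """precert_entry: SHA-256 of the issuer SPKI followed by the TBSCertificate."""
    if len(issuer_key_hash) != 32:
        raise ValueError("issuer_key_hash must be 32 bytes")
    return issuer_key_hash + _opaque(tbs_der, 3)


def sct_signed_data(timestamp_ms: int, entry_type: int, signed_entry: bytes,
                    extensions: bytes = b"") -> bytes:
    """Bytes the log actually signs: the digitally-signed struct of RFC 6962 s.3.2."""
    return (bytes([SCT_VERSION_V1, SIGNATURE_TYPE_CERTIFICATE_TIMESTAMP])
            + struct.pack(">Q", timestamp_ms)
            + struct.pack(">H", entry_type)
            + signed_entry
            + _opaque(extensions, 2))


@dataclass
class SCT:
    version: int
    log_id: bytes
    timestamp_ms: int
    extensions: bytes
    hash_alg: int
    sig_alg: int
    signature: bytes


def parse_sct(raw: bytes) -> SCT:
    """Parse one SignedCertificateTimestamp from its TLS encoding; reject truncation."""
    if len(raw) < 1 + 32 + 8 + 2 + 2 + 2:
        raise ValueError("SCT too short")
    version, log_id = raw[0], raw[1:33]
    timestamp_ms = struct.unpack(">Q", raw[33:41])[0]
    ext_len = struct.unpack(">H", raw[41:43])[0]
    pos = 43
    extensions = raw[pos:pos + ext_len]
    pos += ext_len
    if len(raw) < pos + 4:
        raise ValueError("SCT truncated before DigitallySigned")
    hash_alg, sig_alg = raw[pos], raw[pos + 1]
    sig_len = struct.unpack(">H", raw[pos + 2:pos + 4])[0]
    pos += 4
    signature = raw[pos:pos + sig_len]
    if len(signature) != sig_len or pos + sig_len != len(raw):
        raise ValueError("SCT signature truncated or trailing bytes present")
    return SCT(version, log_id, timestamp_ms, extensions, hash_alg, sig_alg, signature)


def verify_sct_signature(log_public_key_pem: bytes, signed_data: bytes, signature: bytes) -> bool:
    """Check the log's signature over the reconstructed signed data (ECDSA P-256 or RSA, SHA-256)."""
    from cryptography.exceptions import InvalidSignature
    from cryptography.hazmat.primitives import hashes, serialization
    from cryptography.hazmat.primitives.asymmetric import ec, padding, rsa
    key = serialization.load_pem_public_key(log_public_key_pem)
    try:
        if isinstance(key, ec.EllipticCurvePublicKey):
            key.verify(signature, signed_data, ec.ECDSA(hashes.SHA256()))
        elif isinstance(key, rsa.RSAPublicKey):
            key.verify(signature, signed_data, padding.PKCS1v15(), hashes.SHA256())
        else:
            return False
        return True
    except InvalidSignature:
        return False


def demo_roundtrip() -> bool:
    """Simulate a log issuing an SCT for a constructed cert, then verify it (and a tampered copy)."""
    from cryptography.hazmat.primitives import hashes, serialization
    from cryptography.hazmat.primitives.asymmetric import ec
    log_key = ec.generate_private_key(ec.SECP256R1())          # constructed: stands in for the CT log key
    pub = log_key.public_key()
    pem = pub.public_bytes(serialization.Encoding.PEM, serialization.PublicFormat.SubjectPublicKeyInfo)
    spki = pub.public_bytes(serialization.Encoding.DER, serialization.PublicFormat.SubjectPublicKeyInfo)
    log_id = hashlib.sha256(spki).digest()                      # log_id is SHA-256 of the log SPKI
    fake_cert = b"\x30\x03\x02\x01\x01"                         # constructed stand-in for a DER certificate
    ts = 1649289600000
    signed = sct_signed_data(ts, ENTRY_TYPE_X509, signed_entry_for_cert(fake_cert))
    sig = log_key.sign(signed, ec.ECDSA(hashes.SHA256()))
    raw_sct = (bytes([SCT_VERSION_V1]) + log_id + struct.pack(">Q", ts) + _opaque(b"", 2)
               + bytes([HASH_SHA256, SIG_ECDSA]) + _opaque(sig, 2))
    sct = parse_sct(raw_sct)
    rebuilt = sct_signed_data(sct.timestamp_ms, ENTRY_TYPE_X509, signed_entry_for_cert(fake_cert), sct.extensions)
    tampered = sct_signed_data(sct.timestamp_ms + 1, ENTRY_TYPE_X509, signed_entry_for_cert(fake_cert))
    return (verify_sct_signature(pem, rebuilt, sct.signature)
            and not verify_sct_signature(pem, tampered, sct.signature))
```

The serialization and parsing above use only the standard library, which is the part that must match the RFC byte for byte; the signature check itself is a few lines on top of pyca/cryptography, which is why the thread's conclusion that this is not hard to implement in-house holds up. A full verifier would additionally match `sct.log_id` against the key it trusts and check `sct.timestamp_ms` against the certificate's validity window.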

@di
Member

di commented Apr 7, 2022

It looks like google/certificate-transparency is not really maintained anymore. Additionally, it seems to be mostly implemented in C++, which might be a dealbreaker for us here.

There is also an example at https://github.com/pierky/sct-verify/blob/master/sct-verify.py that might be helpful for us here, which calls out to openssl for some things.

@tetsuo-cpp
Contributor Author

Ok, there seem to be some issues preventing us from using python-tuf to read the root key (described in sigstore/root-signing#103).

The way it should really work and how cosign does it is that we bundle a root.json in our repo. Using that, we should be able to download the public key to verify the SCT. We should let the user supply their own root.json in the case that the one we package with this tool expires and the user wishes to remain on the same version.

I think at this point I'm going to just check the public key into our repo and leave the TUF part for further down the track.

@di
Member

di commented Apr 8, 2022

> I think at this point I'm going to just check the public key into our repo and leave the TUF part for further down the track.

I think this is fine for now, but let's make sure we create an issue to capture getting the root via TUF for the future.

@di
Member

di commented Apr 8, 2022

Here's a draft branch of the Java client's implementation of SCT verification, for reference: https://github.com/sigstore/sigstore-java/compare/add-sct-verification

@tetsuo-cpp
Contributor Author

> I think this is fine for now, but let's make sure we create an issue to capture getting the root via TUF for the future.

Captured in #25.

@di
Member

di commented Apr 19, 2022

Here's the finished implementation for the Java client: sigstore/sigstore-java#1
