From e5112b61a7702fb4286342df343659e480615160 Mon Sep 17 00:00:00 2001
From: Riccardo Schirone <riccardo.schirone@trailofbits.com>
Date: Tue, 16 Jan 2024 14:15:55 +0100
Subject: [PATCH] Added support for Ed25519ph in HashedRekord entries

- Made X509 Signatures configurable with LoadOptions
- Removed existing check that limited the use of Ed25519 keys in
  HashedRekord entries
- Used Ed25519ph Signer/Verifier for HashedRekord entries

Signed-off-by: Riccardo Schirone <riccardo.schirone@trailofbits.com>
---
 pkg/pki/x509/x509.go                   | 12 +++++++++---
 pkg/types/hashedrekord/v0.0.1/entry.go |  9 ++-------
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/pkg/pki/x509/x509.go b/pkg/pki/x509/x509.go
index b8d0148ee..104beedd5 100644
--- a/pkg/pki/x509/x509.go
+++ b/pkg/pki/x509/x509.go
@@ -38,17 +38,23 @@ import (
 var EmailAddressOID asn1.ObjectIdentifier = []int{1, 2, 840, 113549, 1, 9, 1}
 
 type Signature struct {
-	signature []byte
+	signature        []byte
+	verifierLoadOpts []sigsig.LoadOption
 }
 
 // NewSignature creates and validates an x509 signature object
 func NewSignature(r io.Reader) (*Signature, error) {
+	return NewSignatureWithOpts(r)
+}
+
+func NewSignatureWithOpts(r io.Reader, opts ...sigsig.LoadOption) (*Signature, error) {
 	b, err := io.ReadAll(r)
 	if err != nil {
 		return nil, err
 	}
 	return &Signature{
-		signature: b,
+		signature:        b,
+		verifierLoadOpts: opts,
 	}, nil
 }
 
@@ -84,7 +90,7 @@ func (s Signature) Verify(r io.Reader, k interface{}, opts ...sigsig.VerifyOptio
 		}
 	}
 
-	verifier, err := sigsig.LoadVerifier(p, crypto.SHA256)
+	verifier, err := sigsig.LoadVerifierWithOpts(p, s.verifierLoadOpts...)
 	if err != nil {
 		return err
 	}
diff --git a/pkg/types/hashedrekord/v0.0.1/entry.go b/pkg/types/hashedrekord/v0.0.1/entry.go
index 4fa6ebac0..771797f90 100644
--- a/pkg/types/hashedrekord/v0.0.1/entry.go
+++ b/pkg/types/hashedrekord/v0.0.1/entry.go
@@ -19,7 +19,6 @@ import (
 	"bytes"
 	"context"
 	"crypto"
-	"crypto/ed25519"
 	"crypto/sha256"
 	"encoding/hex"
 	"encoding/json"
@@ -40,6 +39,7 @@ import (
 	"github.com/sigstore/rekor/pkg/types"
 	hashedrekord "github.com/sigstore/rekor/pkg/types/hashedrekord"
 	"github.com/sigstore/rekor/pkg/util"
+	"github.com/sigstore/sigstore/pkg/signature"
 	"github.com/sigstore/sigstore/pkg/signature/options"
 )
 
@@ -148,7 +148,7 @@ func (v *V001Entry) validate() (pki.Signature, pki.PublicKey, error) {
 		return nil, nil, types.ValidationError(errors.New("missing signature"))
 	}
 	// Hashed rekord type only works for x509 signature types
-	sigObj, err := x509.NewSignature(bytes.NewReader(sig.Content))
+	sigObj, err := x509.NewSignatureWithOpts(bytes.NewReader(sig.Content), signature.WithED25519ph())
 	if err != nil {
 		return nil, nil, types.ValidationError(err)
 	}
@@ -162,11 +162,6 @@ func (v *V001Entry) validate() (pki.Signature, pki.PublicKey, error) {
 		return nil, nil, types.ValidationError(err)
 	}
 
-	_, isEd25519 := keyObj.CryptoPubKey().(ed25519.PublicKey)
-	if isEd25519 {
-		return nil, nil, types.ValidationError(errors.New("ed25519 unsupported for hashedrekord"))
-	}
-
 	data := v.HashedRekordObj.Data
 	if data == nil {
 		return nil, nil, types.ValidationError(errors.New("missing data"))