From deda7a5336512f6d1bbd704acd0acc841399ab71 Mon Sep 17 00:00:00 2001
From: Ivan Wallis
Date: Tue, 8 Mar 2022 21:58:14 -0800
Subject: [PATCH] support RSA, ECDSA and EDDSA public key verification (#3362)
Signed-off-by: Ivan Wallis
---
 pkg/cosign/cosign.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/pkg/cosign/cosign.go b/pkg/cosign/cosign.go
index 68ecbc3f49..87d40b90d3 100644
--- a/pkg/cosign/cosign.go
+++ b/pkg/cosign/cosign.go
@@ -29,6 +29,7 @@ import (
 "github.com/sigstore/cosign/pkg/cosign/attestation"
 "github.com/sigstore/cosign/pkg/oci"
 sigs "github.com/sigstore/cosign/pkg/signature"
+ "github.com/sigstore/sigstore/pkg/cryptoutils"
 "github.com/sigstore/sigstore/pkg/signature"
 "github.com/sigstore/sigstore/pkg/signature/payload"
 )
@@ -310,12 +311,12 @@ func stringToJSONMap(i interface{}) (map[string]interface{}, error) {
 func decodePEM(raw []byte) (signature.Verifier, error) {
 // PEM encoded file.
- ed, err := cosign.PemToECDSAKey(raw)
+ pubKey, err := cryptoutils.UnmarshalPEMToPublicKey(raw)
 if err != nil {
- return nil, errors.Wrap(err, "pem to ecdsa")
+ return nil, errors.Wrap(err, "pem to public key")
 }
- return signature.LoadECDSAVerifier(ed, crypto.SHA256)
+ return signature.LoadVerifier(pubKey, crypto.SHA256)
 }
 func extractPayload(verified []oci.Signature) ([]payload.SimpleContainerImage, error) {
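Review bot: decodePEM now passes whatever key `cryptoutils.UnmarshalPEMToPublicKey` returns straight to `signature.LoadVerifier`, so the accepted key types and sizes are decided entirely by the library and nothing in this function rejects a weak key, such as a short RSA modulus, supplied by the caller. Consider validating the parsed key before building the verifier, for example `if err := cryptoutils.ValidatePubKey(pubKey); err != nil { return nil, errors.Wrap(err, "validate public key") }`, provided the vendored sigstore version offers that helper. The hash stays fixed at `crypto.SHA256`, which presumably means RSA signatures are only accepted in the scheme `LoadVerifier` selects for that hash; a doc comment such as `// decodePEM parses a PEM public key (RSA, ECDSA or Ed25519) and returns a SHA-256 verifier for it.` in place of `// PEM encoded file.` would make the contract visible. The diffstat shows only cosign.go changed, so the new RSA and Ed25519 paths appear to have no test coverage in this commit.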