Fulcio API incorrectly specifies support for RSA-PSS

[haydentherapper]

Fulcio's API specifies that RSA-PSS is a supported algorithm. However, the algorithm field in the API is not used when parsing the public key. The key content is read without the algorithm, parsed, then used to verify a proof of possession signature. Without specifying PSS options for verification, verification fails. Certificate signing will also fail to detect the correct key type without explicitly specifying the signature algorithm on signing.

In the underlying sigstore/sigstore library, there is support for configuring signers and verifiers with RSA-PSS. I propose we:

a) Add a field for RSA-PKCS1v1.5, and use that as the default RSA scheme to align with all Sigstore client implementations
b) When RSA-PSS is set, enable RSA-PSS for signature verification and explicitly set the SignatureAlgorithm. RSA-PSS is not widely supported by Sigstore clients, so I would expect only API users to set this for now.

[loosebazooka]

Sigstore java sets it cause I didn't know what was going on before. (https://github.com/sigstore/sigstore-java/blob/main/sigstore-java/src/main/java/dev/sigstore/fulcio/client/CertificateRequest.java#L27)

[haydentherapper]

To avoid breaking any clients, then we'll need to continue to assume that RSA-PSS is actually PKCS1v1.5. We can add new fields for RSA-PSS and PKCS1v1.5 and deprecate the current "RSA-PSS" field. I'd suggest we use a subset of enums from https://github.com/sigstore/protobuf-specs/blob/main/protos/sigstore_common.proto#L62.

[Horiodino]

/assign @haydentherapper is this open ? let me know any thing else 👍

[haydentherapper]

Hey, we'll actually fix this in a future Fulcio major version, but for now, we can just add a comment to the algorithm enum that says this is actually RSA PKCS#1-v1.5, and add a comment to algorithm that this field is currently ignored.