Support more key formats

[makew0rld]

Description

Currently the only way to provide an elliptic key manually is to have a PEM-encoded public key written to the disk, and then pass that to use_elliptic_key_verifier. It would be helpful if once could also pass the 33-byte compressed version of the public key, just as bytes.

[makew0rld]

Same goes for the signature file (sigstore/in-toto JSON) needing to be on the disk.

[mihaimaruseac]

If I understand you correctly, you want an additional method to the library that would support setting the key param from memory rather than passing it from disk?

So, have an ec_key.Signer that takes the key directly rather than reading from a file and then have an use_elliptic_key_signer that passes the key bytes directly. Same for verifier, of course.

I'm not sure if this could also work for CLI though.

[makew0rld]

That's correct. And supporting a raw compressed key format (33 bytes) rather than only PEM.

I wasn't considering the CLI, only the library. I think it's fair for this option to not be available there.

[mihaimaruseac]

That sounds good! Would you be willing to send a PR?

[spencerschrock]

My Go dev's brain jumps to io.Reader so the caller can pass in any format regardless of bytes / file. If there's a direct equivalent in Python that could work nicely.

[makew0rld]

That sounds good! Would you be willing to send a PR?

Possibly in the future, although it's not a top priority right now.