literl hash algo

Signed-off-by: Ramon Petgrave <ramon.petgrave64@gmail.com>

cli/slsa-verifier/verify/verify_vsa.go

@@ -81,7 +81,7 @@ func (c *VerifyVSACommand) Exec(ctx context.Context) (*utils.TrustedAttesterID,
 	VerificationOpts := &options.VerificationOpts{
 		PublicKey:         &pubKey,
 		PublicKeyID:       c.PublicKeyID,
-		PublicKeyHashAlgo: &hashHalgo,
+		PublicKeyHashAlgo: hashHalgo,
 	}
 	attestations, err := os.ReadFile(*c.AttestationsPath)
 	if err != nil {

options/options.go

@@ -63,5 +63,5 @@ type VerificationOpts struct {
 	PublicKeyID *string
 
 	// PublicKeyHashAlgo is the hash algorithm used to hash the signature
-	PublicKeyHashAlgo *crypto.Hash
+	PublicKeyHashAlgo crypto.Hash
 }

verifiers/internal/vsa/verifier.go

@@ -72,7 +72,7 @@ func VerifyVSA(ctx context.Context,
 
 // verifyEnvelopeSignature verifies the signature of the envelope.
 func verifyEnvelopeSignature(ctx context.Context, sigstoreEnvelope *sigstoreBundle.Envelope, verificationOpts *options.VerificationOpts) error {
-	signatureVerifier, err := sigstoreSignature.LoadVerifier(*verificationOpts.PublicKey, *verificationOpts.PublicKeyHashAlgo)
+	signatureVerifier, err := sigstoreSignature.LoadVerifier(*verificationOpts.PublicKey, verificationOpts.PublicKeyHashAlgo)
 	if err != nil {
 		return fmt.Errorf("%w: loading sigstore DSSE envolope verifier %w", serrors.ErrorInvalidPublicKey, err)
 	}