Adding 'custom' target field

As seen in https://tuf-repo-cdn.sigstore.dev/targets.json the targets.json can contain a custom field for holding additional data about the target.

{
   "signed":{
      "_type":"targets",
      "spec_version":"1.0",
      "version":7,
      "expires":"2023-10-04T13:26:23Z",
      "targets":{
         "artifact.pub":{
            "length":177,
            "hashes":{
               "sha256":"59ebf97a9850aecec4bc39c1f5c1dc46e6490a6b5fd2a6cacdcac0c3a6fc4cbf",
               "sha512":"308fd1d1d95d7f80aa33b837795251cc3e886792982275e062409e13e4e236ffc34d676682aa96fdc751414de99c864bf132dde71581fa651c6343905e3bf988"
            },
            "custom":{
               "sigstore":{
                  "status":"Active",
                  "usage":"Unknown"
               }
            }
         },
         "ctfe.pub":{
            "length":177,
            "hashes":{
               "sha256":"7fcb94a5d0ed541260473b990b99a6c39864c1fb16f3f3e594a5a3cebbfe138a",
               "sha512":"4b20747d1afe2544238ad38cc0cc3010921b177d60ac743767e0ef675b915489bd01a36606c0ff83c06448622d7160f0d866c83d20f0c0f44653dcc3f9aa0bd4"
            },
            "custom":{
               "sigstore":{
                  "status":"Active",
                  "uri":"https://ctfe.sigstore.dev/test",
                  "usage":"CTFE"
               }
            }
         },
         ...

This is incredibly valuable for services like sigstore.

My current application requires these fields be present so right now the tuf cli is not generating an output I can use, so it would be incredibly valuable for tuf cli to support them.

Maybe implemented as an additional update command such as:

tuf update-target "my-target.pub" --custom '{"sigstore": {"status": "Active","uri": "https://rekor.sigstore.dev/","usage": "Rekor"}}'

theupdateframework / go-tuf

Adding 'custom' target field #526