Make VerificationResult an interface

[codysoyland]

Description

There have been a lot of discussions about the future of verification results:

• Extend VerificationResult with all verified data #328
• Include skipped signatures in VerificationResult #48
• Add Result message to communicate the result of a verification protobuf-specs#520

What if we make the verification result type an interface, so that we have more flexibility to make changes in the future without breaking callers.

Currently we have:

type VerificationResult struct {
	MediaType           string                        `json:"mediaType"`
	Statement          *in_toto.Statement            `json:"statement,omitempty"`
	Signature          *SignatureVerificationResult  `json:"signature,omitempty"`
	VerifiedTimestamps []TimestampVerificationResult `json:"verifiedTimestamps"`
	VerifiedIdentity   *CertificateIdentity          `json:"verifiedIdentity,omitempty"`

We could instead return a type like:

type VerificationResult interface {
	Statement() *in_toto.Statement
	Signature() *SignatureVerificationResult
	VerifiedTimestamps() []TimestampVerificationResult
	VerifiedIdentity() *CertificateIdentity
	MarshalJSON() ([]byte, error)
}

[codysoyland]

I spent some time looking into how feasible this is, and I changed my opinion on it.

• The result is expected to marshal/unmarshal JSON, so we can't easily unexport the field names (would require custom marshal/unmarshal)
• The interface names would conflict with the field names.
• This will be disruptive now, and it "may" prevent disruption in the future.
• We can add methods to the result struct later and deprecate fields if we would like to.