author | Matthew Miller <matthew@millerti.me> | 2020-09-07 22:52:36 -0700 |
---|---|---|
committer | Matthew Miller <matthew@millerti.me> | 2020-09-07 22:54:59 -0700 |
commit | 13d0d84c10e7762cac8f579a4e4dd08ff7f6d75c (patch) | |
tree | 1977974a0559a2bd100b0bdb74083377478c02a8 /packages/server/src | |
parent | ed34663ed0c80b06a6853ca7689f500151f9f59c (diff) |
Rename method for converting X.509 certs to PEM
Diffstat (limited to 'packages/server/src')
-rw-r--r-- | packages/server/src/assertion/verifyAssertionResponse.ts | 4 | ||||
-rw-r--r-- | packages/server/src/attestation/verifications/tpm/verifyTPM.ts | 4 | ||||
-rw-r--r-- | packages/server/src/attestation/verifications/verifyAndroidKey.ts | 6 | ||||
-rw-r--r-- | packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts | 6 | ||||
-rw-r--r-- | packages/server/src/attestation/verifications/verifyFIDOU2F.ts | 4 | ||||
-rw-r--r-- | packages/server/src/attestation/verifications/verifyPacked.ts | 4 | ||||
-rw-r--r-- | packages/server/src/helpers/convertX509CertToPEM.ts (renamed from packages/server/src/helpers/convertASN1toPEM.ts) | 4 | ||||
-rw-r--r-- | packages/server/src/metadata/metadataService.ts | 4 | ||||
-rw-r--r-- | packages/server/src/metadata/verifyAttestationWithMetadata.ts | 6 |
9 files changed, 21 insertions, 21 deletions
diff --git a/packages/server/src/assertion/verifyAssertionResponse.ts b/packages/server/src/assertion/verifyAssertionResponse.ts
index 6d4e8ab..c954af7 100644
--- a/packages/server/src/assertion/verifyAssertionResponse.ts
+++ b/packages/server/src/assertion/verifyAssertionResponse.ts
@@ -3,7 +3,7 @@ import { AssertionCredentialJSON, AuthenticatorDevice } from '@simplewebauthn/ty
 import decodeClientDataJSON from '../helpers/decodeClientDataJSON';
 import toHash from '../helpers/toHash';
-import convertASN1toPEM from '../helpers/convertASN1toPEM';
+import convertX509CertToPEM from '../helpers/convertX509CertToPEM';
 import verifySignature from '../helpers/verifySignature';
 import parseAuthenticatorData from '../helpers/parseAuthenticatorData';
 import isBase64URLString from '../helpers/isBase64URLString';
@@ -139,7 +139,7 @@ export default function verifyAssertionResponse(options: Options): VerifiedAsser
 const clientDataHash = toHash(base64url.toBuffer(response.clientDataJSON));
 const signatureBase = Buffer.concat([authDataBuffer, clientDataHash]);
- const publicKey = convertASN1toPEM(base64url.toBuffer(authenticator.publicKey));
+ const publicKey = convertX509CertToPEM(base64url.toBuffer(authenticator.publicKey));
 const signature = base64url.toBuffer(response.signature);
 if ((counter > 0 || authenticator.counter > 0) && counter <= authenticator.counter) {
diff --git a/packages/server/src/attestation/verifications/tpm/verifyTPM.ts b/packages/server/src/attestation/verifications/tpm/verifyTPM.ts
index 70366aa..c731af0 100644
--- a/packages/server/src/attestation/verifications/tpm/verifyTPM.ts
+++ b/packages/server/src/attestation/verifications/tpm/verifyTPM.ts
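Review bot: The call `const publicKey = convertX509CertToPEM(base64url.toBuffer(authenticator.publicKey));` in verifyAssertionResponse.ts passes a stored credential public key, not an X.509 certificate, to a helper whose new name and summary line promise certificates only. The helper's body is outside this diff, so whether it wraps this input in a certificate PEM header cannot be confirmed here; if it does, signature verification depends on the crypto layer accepting a mislabelled key. Consider a separate key-to-PEM helper for this call site, or at least a comment such as `// NOTE: authenticator.publicKey is a public key, not a certificate`. verifyAssertionResponse's body continues outside the hunk.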
@@ -12,7 +12,7 @@ import type { AttestationStatement } from '../../../helpers/decodeAttestationObj
 import decodeCredentialPublicKey from '../../../helpers/decodeCredentialPublicKey';
 import { COSEKEYS, COSEALGHASH } from '../../../helpers/convertCOSEtoPKCS';
 import toHash from '../../../helpers/toHash';
-import convertASN1toPEM from '../../../helpers/convertASN1toPEM';
+import convertX509CertToPEM from '../../../helpers/convertX509CertToPEM';
 import getCertificateInfo from '../../../helpers/getCertificateInfo';
 import verifySignature from '../../../helpers/verifySignature';
 import MetadataService from '../../../metadata/metadataService';
@@ -177,7 +177,7 @@ export default async function verifyTPM(options: Options): Promise<boolean> {
 }
 // Pick a leaf AIK certificate of the x5c array and parse it.
- const leafCertPEM = convertASN1toPEM(x5c[0]);
+ const leafCertPEM = convertX509CertToPEM(x5c[0]);
 const leafCertInfo = getCertificateInfo(leafCertPEM);
 const { basicConstraintsCA, version, subject, notAfter, notBefore } = leafCertInfo;
diff --git a/packages/server/src/attestation/verifications/verifyAndroidKey.ts b/packages/server/src/attestation/verifications/verifyAndroidKey.ts
index 989c210..dbe6f96 100644
--- a/packages/server/src/attestation/verifications/verifyAndroidKey.ts
+++ b/packages/server/src/attestation/verifications/verifyAndroidKey.ts
@@ -3,7 +3,7 @@ import { Certificate } from '@peculiar/asn1-x509';
 import { KeyDescription, id_ce_keyDescription } from '@peculiar/asn1-android';
 import type { AttestationStatement } from '../../helpers/decodeAttestationObject';
-import convertASN1toPEM from '../../helpers/convertASN1toPEM';
+import convertX509CertToPEM from '../../helpers/convertX509CertToPEM';
 import verifySignature from '../../helpers/verifySignature';
 import convertCOSEtoPKCS, { COSEALGHASH } from '../../helpers/convertCOSEtoPKCS';
 import MetadataService from '../../metadata/metadataService';
@@ -76,7 +76,7 @@ export default async function verifyAttestationAndroidKey(options: Options): Pro
 }
 // TODO: Confirm that the root certificate is an expected certificate
- // const rootCertPEM = convertASN1toPEM(x5c[x5c.length - 1]);
+ // const rootCertPEM = convertX509CertToPEM(x5c[x5c.length - 1]);
 // console.log(rootCertPEM);
 // if (rootCertPEM !== expectedRootCert) {
@@ -93,7 +93,7 @@ export default async function verifyAttestationAndroidKey(options: Options): Pro
 }
 const signatureBase = Buffer.concat([authData, clientDataHash]);
- const leafCertPEM = convertASN1toPEM(x5c[0]);
+ const leafCertPEM = convertX509CertToPEM(x5c[0]);
 const hashAlg = COSEALGHASH[alg as number];
 return verifySignature(sig, signatureBase, leafCertPEM, hashAlg);
diff --git a/packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts b/packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts
index 5b09724..4ce7f36 100644
--- a/packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts
+++ b/packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts
@@ -6,7 +6,7 @@ import toHash from '../../helpers/toHash';
 import verifySignature from '../../helpers/verifySignature';
 import getCertificateInfo from '../../helpers/getCertificateInfo';
 import validateCertificatePath from '../../helpers/validateCertificatePath';
-import convertASN1toPEM from '../../helpers/convertASN1toPEM';
+import convertX509CertToPEM from '../../helpers/convertX509CertToPEM';
 import MetadataService from '../../metadata/metadataService';
 import verifyAttestationWithMetadata from '../../metadata/verifyAttestationWithMetadata';
@@ -81,7 +81,7 @@ export default async function verifyAttestationAndroidSafetyNet(
 /**
 * START Verify Header
 */
- const leafCert = convertASN1toPEM(HEADER.x5c[0]);
+ const leafCert = convertX509CertToPEM(HEADER.x5c[0]);
 const leafCertInfo = getCertificateInfo(leafCert);
 const { subject } = leafCertInfo;
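Review bot: In verifyAndroidKey.ts the root-certificate comparison under `// TODO: Confirm that the root certificate is an expected certificate` is still commented out, so within these two hunks the last entry of `x5c` is never compared with a trusted root and `verifySignature` is given a leaf certificate taken from the attestation statement itself. A chain check may exist in the part of verifyAttestationAndroidKey that lies outside the hunks (MetadataService is imported), so this needs confirming rather than assuming. If no such check exists, a passing result shows only possession of the leaf key, not that the key chains to an expected root. Suggest replacing the dead `console.log` lines with a tracked marker, e.g. `// TODO(security): pin the x5c root to the expected root certificate before trusting leafCertPEM`.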
@@ -103,7 +103,7 @@ export default async function verifyAttestationAndroidSafetyNet(
 }
 } else {
 // Validate certificate path using a fixed global root cert
- const path = HEADER.x5c.concat([GlobalSignRootCAR2]).map(convertASN1toPEM);
+ const path = HEADER.x5c.concat([GlobalSignRootCAR2]).map(convertX509CertToPEM);
 try {
 await validateCertificatePath(path);
diff --git a/packages/server/src/attestation/verifications/verifyFIDOU2F.ts b/packages/server/src/attestation/verifications/verifyFIDOU2F.ts
index dbfffa2..47f4db0 100644
--- a/packages/server/src/attestation/verifications/verifyFIDOU2F.ts
+++ b/packages/server/src/attestation/verifications/verifyFIDOU2F.ts
@@ -1,7 +1,7 @@
 import type { AttestationStatement } from '../../helpers/decodeAttestationObject';
 import convertCOSEtoPKCS from '../../helpers/convertCOSEtoPKCS';
-import convertASN1toPEM from '../../helpers/convertASN1toPEM';
+import convertX509CertToPEM from '../../helpers/convertX509CertToPEM';
 import verifySignature from '../../helpers/verifySignature';
 type Options = {
@@ -53,7 +53,7 @@ export default function verifyAttestationFIDOU2F(options: Options): boolean {
 throw new Error(`AAGUID "${aaguidToHex}" was not expected value`);
 }
- const publicKeyCertPEM = convertASN1toPEM(x5c[0]);
+ const publicKeyCertPEM = convertX509CertToPEM(x5c[0]);
 return verifySignature(sig, signatureBase, publicKeyCertPEM);
 }
diff --git a/packages/server/src/attestation/verifications/verifyPacked.ts b/packages/server/src/attestation/verifications/verifyPacked.ts
index 8daec8e..f16aa50 100644
--- a/packages/server/src/attestation/verifications/verifyPacked.ts
+++ b/packages/server/src/attestation/verifications/verifyPacked.ts
@@ -11,7 +11,7 @@ import convertCOSEtoPKCS, {
 } from '../../helpers/convertCOSEtoPKCS';
 import { FIDO_METADATA_ATTESTATION_TYPES } from '../../helpers/constants';
 import toHash from '../../helpers/toHash';
-import convertASN1toPEM from '../../helpers/convertASN1toPEM';
+import convertX509CertToPEM from '../../helpers/convertX509CertToPEM';
 import getCertificateInfo from '../../helpers/getCertificateInfo';
 import verifySignature from '../../helpers/verifySignature';
 import decodeCredentialPublicKey from '../../helpers/decodeCredentialPublicKey';
@@ -48,7 +48,7 @@ export default async function verifyAttestationPacked(options: Options): Promise
 const pkcsPublicKey = convertCOSEtoPKCS(credentialPublicKey);
 if (x5c) {
- const leafCert = convertASN1toPEM(x5c[0]);
+ const leafCert = convertX509CertToPEM(x5c[0]);
 const { subject, basicConstraintsCA, version, notBefore, notAfter } = getCertificateInfo(
 leafCert,
 );
diff --git a/packages/server/src/helpers/convertASN1toPEM.ts b/packages/server/src/helpers/convertX509CertToPEM.ts
index b6dd814..3bbb0d9 100644
--- a/packages/server/src/helpers/convertASN1toPEM.ts
+++ b/packages/server/src/helpers/convertX509CertToPEM.ts
@@ -2,12 +2,12 @@ import base64url from 'base64url';
 import type { Base64URLString } from '@simplewebauthn/typescript-types';
 /**
- * Convert binary certificate or public key to an OpenSSL-compatible PEM text format.
+ * Convert X.509 certificate to an OpenSSL-compatible PEM text format.
 *
 * @param buffer - Cert or PubKey buffer
 * @return PEM
 */
-export default function convertASN1toPEM(pkBuffer: Buffer | Base64URLString): string {
+export default function convertX509CertToPEM(pkBuffer: Buffer | Base64URLString): string {
 let buffer: Buffer;
 if (typeof pkBuffer === 'string') {
 buffer = base64url.toBuffer(pkBuffer);
diff --git a/packages/server/src/metadata/metadataService.ts b/packages/server/src/metadata/metadataService.ts
index b4ae295..56163e8 100644
--- a/packages/server/src/metadata/metadataService.ts
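Review bot: The doc comment in convertX509CertToPEM.ts still reads `@param buffer - Cert or PubKey buffer` although the summary line and the function name now say X.509 certificate only, and the tag names `buffer` while the parameter is `pkBuffer`. Suggest `@param certBuffer - X.509 certificate as a Buffer or Base64URL string` with the parameter renamed to `certBuffer`, and `@returns` in place of `@return`. The function body continues outside the hunk, so the rename would also touch the lines below that read `pkBuffer`.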
+++ b/packages/server/src/metadata/metadataService.ts
@@ -6,7 +6,7 @@ import base64url from 'base64url';
 import { FIDO_AUTHENTICATOR_STATUS } from '../helpers/constants';
 import toHash from '../helpers/toHash';
 import validateCertificatePath from '../helpers/validateCertificatePath';
-import convertASN1toPEM from '../helpers/convertASN1toPEM';
+import convertX509CertToPEM from '../helpers/convertX509CertToPEM';
 import convertAAGUIDToString from '../helpers/convertAAGUIDToString';
 import parseJWT from './parseJWT';
@@ -212,7 +212,7 @@ class MetadataService {
 throw new Error(`Latest TOC no. "${payload.no}" is not greater than previous ${no}`);
 }
- let fullCertPath = header.x5c.map(convertASN1toPEM);
+ let fullCertPath = header.x5c.map(convertX509CertToPEM);
 if (rootCertURL.length > 0) {
 // Download FIDO the root certificate and append it to the TOC certs
 const respFIDORootCert = await fetch(rootCertURL);
diff --git a/packages/server/src/metadata/verifyAttestationWithMetadata.ts b/packages/server/src/metadata/verifyAttestationWithMetadata.ts
index 085144e..63ea1f6 100644
--- a/packages/server/src/metadata/verifyAttestationWithMetadata.ts
+++ b/packages/server/src/metadata/verifyAttestationWithMetadata.ts
@@ -2,7 +2,7 @@ import { Base64URLString } from '@simplewebauthn/typescript-types';
 import { MetadataStatement } from './metadataService';
 import { FIDO_METADATA_AUTH_ALG_TO_COSE } from '../helpers/constants';
-import convertASN1toPEM from '../helpers/convertASN1toPEM';
+import convertX509CertToPEM from '../helpers/convertX509CertToPEM';
 import validateCertificatePath from '../helpers/validateCertificatePath';
 export default async function verifyAttestationWithMetadata(
@@ -17,14 +17,14 @@ export default async function verifyAttestationWithMetadata(
 }
 // Make a copy of x5c so we don't modify the original
- const path = [...x5c].map(convertASN1toPEM);
+ const path = [...x5c].map(convertX509CertToPEM);
 // Try to validate the chain with each metadata root cert until we find one that works
 let foundValidPath = false;
 for (const rootCert of statement.attestationRootCertificates) {
 try {
 // Push the root cert to the cert path and try to validate it
- path.push(convertASN1toPEM(rootCert));
+ path.push(convertX509CertToPEM(rootCert));
 foundValidPath = await validateCertificatePath(path);
 } catch (err) {
 // Swallow the error for now |