-rw-r--r-- | src/attestation/verifications/verifyAndroidSafetyNet.ts | 16 | ||||
-rw-r--r-- | src/types.ts | 17 |
2 files changed, 28 insertions, 5 deletions
diff --git a/src/attestation/verifications/verifyAndroidSafetyNet.ts b/src/attestation/verifications/verifyAndroidSafetyNet.ts
index f57b68e..8e0c6e4 100644
--- a/src/attestation/verifications/verifyAndroidSafetyNet.ts
+++ b/src/attestation/verifications/verifyAndroidSafetyNet.ts
@@ -1,6 +1,12 @@
 import base64url from 'base64url';
-import { AttestationObject, VerifiedAttestation } from "@types";
+import {
+ AttestationObject,
+ VerifiedAttestation,
+ SafetyNetJWTHeader,
+ SafetyNetJWTPayload,
+ SafetyNetJWTSignature,
+} from "@types";
 import toHash from "@helpers/toHash";
 import verifySignature from '@helpers/verifySignature';
 import convertCOSEtoPKCS from '@helpers/convertCOSEtoPKCS';
@@ -23,9 +29,9 @@ export default function verifyAttestationAndroidSafetyNet(
 const jwt = attStmt.response.toString('utf8');
 const jwtParts = jwt.split('.');
- const HEADER = JSON.parse(base64url.decode(jwtParts[0]));
- const PAYLOAD = JSON.parse(base64url.decode(jwtParts[1]));
- const SIGNATURE = jwtParts[2];
+ const HEADER: SafetyNetJWTHeader = JSON.parse(base64url.decode(jwtParts[0]));
+ const PAYLOAD: SafetyNetJWTPayload = JSON.parse(base64url.decode(jwtParts[1]));
+ const SIGNATURE: SafetyNetJWTSignature = jwtParts[2];
 console.debug('HEADER:', HEADER);
 console.debug('PAYLOAD:', PAYLOAD);
@@ -64,7 +70,7 @@ export default function verifyAttestationAndroidSafetyNet(
 * START Verify Header
 */
 // Generate an array of certs constituting a full certificate chain
- const fullpathCert = HEADER.x5c.concat([GlobalSignRootCAR2]).map((cert: string) => {
+ const fullpathCert = HEADER.x5c.concat([GlobalSignRootCAR2]).map((cert) => {
 let pem = '';
 // Take a string of characters and chop them up into 64-char lines (just like a PEM cert)
 for (let i = 0; i < cert.length; i += 64) {
diff --git a/src/types.ts b/src/types.ts
index 3773a8b..59e70c1 100644
--- a/src/types.ts
+++ b/src/types.ts
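Review bot: The `SafetyNetJWTHeader` and `SafetyNetJWTPayload` annotations on the `JSON.parse(...)` results in the second hunk are unchecked, because `JSON.parse` returns `any`; the compiler now treats client-supplied attestation data as well-formed with no runtime check behind it. `HEADER.x5c` then feeds the certificate-chain construction in the third hunk, where the explicit `(cert: string)` annotation is dropped on the strength of that type. I would validate the shape before use, for example `if (jwtParts.length !== 3) throw new Error('Malformed SafetyNet JWS');` and `if (!Array.isArray(HEADER.x5c) || !HEADER.x5c.every((c) => typeof c === 'string')) throw new Error('Invalid x5c');`. The function body starts and ends outside these hunks, so a check may already exist elsewhere.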
@@ -85,3 +85,20 @@ export enum COSEKEYS {
 };
 export type COSEPublicKey = Map<COSEAlgorithmIdentifier, number | Buffer>;
+
+export type SafetyNetJWTHeader = {
+ alg: 'string',
+ x5c: string[],
+};
+
+export type SafetyNetJWTPayload = {
+ nonce: string,
+ timestampMs: number,
+ apkPackageName: string,
+ apkDigestSha256: string,
+ ctsProfileMatch: boolean,
+ apkCertificateDigestSha256: string[],
+ basicIntegrity: boolean,
+};
+
+export type SafetyNetJWTSignature = string; |
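Review bot: `alg: 'string'` in `SafetyNetJWTHeader` declares the string literal type `'string'`, not the primitive `string`, so comparing `HEADER.alg` against a real algorithm name will either fail to compile or need a cast; it should read `alg: string,`. These types also describe fields of a parsed, untrusted JWS, so I would add a short comment above them such as `// Shape of the decoded SafetyNet JWS; not validated at runtime` to stop callers treating the annotations as guarantees.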