7 files changed, 21 insertions, 51 deletions
diff --git a/packages/server/src/authentication/verifyAuthenticationResponse.ts b/packages/server/src/authentication/verifyAuthenticationResponse.ts
index 710419e..c99013e 100644
--- a/packages/server/src/authentication/verifyAuthenticationResponse.ts
+++ b/packages/server/src/authentication/verifyAuthenticationResponse.ts
@@ -206,7 +206,7 @@ export async function verifyAuthenticationResponse(
 verified: await verifySignature({
 signature,
 data: signatureBase,
- publicKey: authenticator.credentialPublicKey,
+ credentialPublicKey: authenticator.credentialPublicKey,
 }),
 authenticationInfo: {
 newCounter: counter,
diff --git a/packages/server/src/helpers/verifySignature.ts b/packages/server/src/helpers/verifySignature.ts
index 4bc38e2..19cbac1 100644
--- a/packages/server/src/helpers/verifySignature.ts
+++ b/packages/server/src/helpers/verifySignature.ts
@@ -9,35 +9,23 @@ import { COSEALG, COSECRV, COSEKEYS, COSEKTY, COSEPublicKey, COSEPublicKeyEC2, C
 import { isoCrypto } from './iso';
 import { decodeCredentialPublicKey } from './decodeCredentialPublicKey';
 
-type VerifySignatureOptsBase = {
+/**
+ * Verify an authenticator's signature
+ */
+export async function verifySignature(opts: {
 signature: Uint8Array;
 data: Uint8Array;
+ credentialPublicKey?: Uint8Array;
+ leafCertificate?: Uint8Array;
 rsaHashAlgorithm?: string;
-}
+}): Promise<boolean> {
+ const { signature, data, credentialPublicKey, leafCertificate, rsaHashAlgorithm } = opts;
 
-type VerifySignatureOptsLeafCert = VerifySignatureOptsBase & {
- leafCert: Uint8Array;
-};
-
-type VerifySignatureOptsCredentialPublicKey = VerifySignatureOptsBase & {
- publicKey: Uint8Array;
-};
-
-/**
- * Verify an authenticator's signature
- */
-export async function verifySignature(
- opts: VerifySignatureOptsLeafCert | VerifySignatureOptsCredentialPublicKey,
-): Promise<boolean> {
- const { signature, data, rsaHashAlgorithm } = opts;
- const _isLeafcertOpts = isLeafCertOpts(opts);
- const _isCredPubKeyOpts = isCredPubKeyOpts(opts);
-
- if (!_isLeafcertOpts && !_isCredPubKeyOpts) {
+ if (!leafCertificate && !credentialPublicKey) {
 throw new Error('Must declare either "leafCert" or "credentialPublicKey"');
 }
 
- if (_isLeafcertOpts && _isCredPubKeyOpts) {
+ if (leafCertificate && credentialPublicKey) {
 throw new Error('Must not declare both "leafCert" and "credentialPublicKey"');
 }
 
@@ -45,10 +33,8 @@ export async function verifySignature(
 let kty: COSEKTY;
 let alg: COSEALG;
 
- if (_isCredPubKeyOpts) {
- const { publicKey } = opts;
-
- const cosePublicKey = decodeCredentialPublicKey(publicKey);
+ if (credentialPublicKey) {
+ const cosePublicKey = decodeCredentialPublicKey(credentialPublicKey);
 
 const _kty = cosePublicKey.get(COSEKEYS.kty);
 const _alg = cosePublicKey.get(COSEKEYS.alg);
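Review bot: The two error messages in the new guards still name the old option key, `'Must declare either "leafCert" or "credentialPublicKey"'` and `'Must not declare both "leafCert" and "credentialPublicKey"'`, although the option is renamed to `leafCertificate` in this same hunk; they should say `"leafCertificate"` so a caller who hits them is told the key that actually exists. Replacing the two discriminated option types with a single object of two optional fields also drops the compile-time guarantee that exactly one key is supplied; the runtime checks still enforce it, but a union such as `{ credentialPublicKey: Uint8Array; leafCertificate?: never } | { leafCertificate: Uint8Array; credentialPublicKey?: never }` would let the checker reject a caller that passes both before anything runs. The body of verifySignature continues past this hunk.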
@@ -80,13 +66,11 @@ export async function verifySignature(
 subtlePublicKey = await isoCrypto.importKey(cosePublicKey as COSEPublicKeyEC2 | COSEPublicKeyRSA);
 kty = _kty as COSEKTY;
 alg = _alg;
- } else if (_isLeafcertOpts) {
+ } else if (leafCertificate) {
 /**
 * Time to extract the public key from an X.509 leaf certificate
 */
- const { leafCert } = opts;
-
- const x509 = AsnParser.parse(leafCert, Certificate);
+ const x509 = AsnParser.parse(leafCertificate, Certificate);
 
 const { tbsCertificate } = x509;
 const {
@@ -198,17 +182,3 @@ export async function verifySignature(
 data,
 });
 }
-
-function isLeafCertOpts(
- opts: VerifySignatureOptsLeafCert | VerifySignatureOptsCredentialPublicKey,
-): opts is VerifySignatureOptsLeafCert {
- return Object.keys(opts as VerifySignatureOptsLeafCert).indexOf('leafCert') >= 0;
-}
-
-function isCredPubKeyOpts(
- opts: VerifySignatureOptsLeafCert | VerifySignatureOptsCredentialPublicKey,
-): opts is VerifySignatureOptsCredentialPublicKey {
- return (
- Object.keys(opts as VerifySignatureOptsCredentialPublicKey).indexOf('publicKey') >= 0
- );
-}
diff --git a/packages/server/src/registration/verifications/tpm/verifyAttestationTPM.ts b/packages/server/src/registration/verifications/tpm/verifyAttestationTPM.ts
index 7a147e3..283e417 100644
--- a/packages/server/src/registration/verifications/tpm/verifyAttestationTPM.ts
+++ b/packages/server/src/registration/verifications/tpm/verifyAttestationTPM.ts
@@ -304,7 +304,7 @@ export async function verifyAttestationTPM(options: AttestationFormatVerifierOpt
 return verifySignature({
 signature: sig,
 data: certInfo,
- leafCert: x5c[0],
+ leafCertificate: x5c[0],
 rsaHashAlgorithm: hashAlg
 });
 }
diff --git a/packages/server/src/registration/verifications/verifyAttestationAndroidKey.ts b/packages/server/src/registration/verifications/verifyAttestationAndroidKey.ts
index 1287ac0..57dd921 100644
--- a/packages/server/src/registration/verifications/verifyAttestationAndroidKey.ts
+++ b/packages/server/src/registration/verifications/verifyAttestationAndroidKey.ts
@@ -111,7 +111,7 @@ export async function verifyAttestationAndroidKey(
 return verifySignature({
 signature: sig,
 data: signatureBase,
- leafCert: x5c[0],
+ leafCertificate: x5c[0],
 rsaHashAlgorithm: hashAlg
 });
 }
diff --git a/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.ts b/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.ts
index 5e977a5..d47dd70 100644
--- a/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.ts
+++ b/packages/server/src/registration/verifications/verifyAttestationAndroidSafetyNet.ts
@@ -129,7 +129,7 @@ export async function verifyAttestationAndroidSafetyNet(
 const verified = await verifySignature({
 signature: signatureBuffer,
 data: signatureBaseBuffer,
- leafCert: leafCertBuffer,
+ leafCertificate: leafCertBuffer,
 });
 /**
 * END Verify Signature
diff --git a/packages/server/src/registration/verifications/verifyAttestationFIDOU2F.ts b/packages/server/src/registration/verifications/verifyAttestationFIDOU2F.ts
index 629746d..f37dfea 100644
--- a/packages/server/src/registration/verifications/verifyAttestationFIDOU2F.ts
+++ b/packages/server/src/registration/verifications/verifyAttestationFIDOU2F.ts
@@ -61,6 +61,6 @@ export async function verifyAttestationFIDOU2F(
 return verifySignature({
 signature: sig,
 data: signatureBase,
- leafCert: x5c[0],
+ leafCertificate: x5c[0],
 });
 }
diff --git a/packages/server/src/registration/verifications/verifyAttestationPacked.ts b/packages/server/src/registration/verifications/verifyAttestationPacked.ts
index bf3fbc7..85c2e8c 100644
--- a/packages/server/src/registration/verifications/verifyAttestationPacked.ts
+++ b/packages/server/src/registration/verifications/verifyAttestationPacked.ts
@@ -115,7 +115,7 @@ export async function verifyAttestationPacked(
 verified = await verifySignature({
 signature: sig,
 data: signatureBase,
- leafCert: x5c[0],
+ leafCertificate: x5c[0],
 });
 } else {
 const hashAlg: string = coseAlgSHAHashMap[alg];
@@ -123,7 +123,7 @@ export async function verifyAttestationPacked(
 verified = await verifySignature({
 signature: sig,
 data: signatureBase,
- publicKey: credentialPublicKey,
+ credentialPublicKey,
 rsaHashAlgorithm: hashAlg
 });
 }