Diffstat (limited to 'packages/server/src')
-rw-r--r--packages/server/src/attestation/verifications/tpm/verifyTPM.ts4
-rw-r--r--packages/server/src/attestation/verifications/verifyAndroidKey.ts6
-rw-r--r--packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts6
-rw-r--r--packages/server/src/attestation/verifications/verifyApple.ts4
-rw-r--r--packages/server/src/attestation/verifications/verifyFIDOU2F.ts4
-rw-r--r--packages/server/src/attestation/verifications/verifyPacked.ts4
-rw-r--r--packages/server/src/helpers/convertCertBufferToPEM.ts (renamed from packages/server/src/helpers/convertX509CertToPEM.ts)4
-rw-r--r--packages/server/src/metadata/verifyAttestationWithMetadata.ts6
-rw-r--r--packages/server/src/services/metadataService.ts4
9 files changed, 21 insertions, 21 deletions
diff --git a/packages/server/src/attestation/verifications/tpm/verifyTPM.ts b/packages/server/src/attestation/verifications/tpm/verifyTPM.ts
index 50eb0b0..b859fb5 100644
--- a/packages/server/src/attestation/verifications/tpm/verifyTPM.ts
+++ b/packages/server/src/attestation/verifications/tpm/verifyTPM.ts
@@ -12,7 +12,7 @@ import type { AttestationStatement } from '../../../helpers/decodeAttestationObj
import decodeCredentialPublicKey from '../../../helpers/decodeCredentialPublicKey';
import { COSEKEYS, COSEALGHASH } from '../../../helpers/convertCOSEtoPKCS';
import toHash from '../../../helpers/toHash';
-import convertX509CertToPEM from '../../../helpers/convertX509CertToPEM';
+import convertCertBufferToPEM from '../../../helpers/convertCertBufferToPEM';
import getCertificateInfo from '../../../helpers/getCertificateInfo';
import verifySignature from '../../../helpers/verifySignature';
import MetadataService from '../../../services/metadataService';
@@ -274,7 +274,7 @@ export default async function verifyTPM(options: Options): Promise<boolean> {
// Verify signature over certInfo with the public key extracted from AIK certificate.
// In the wise words of Yuriy Ackermann: "Get Martini friend, you are done!"
- const leafCertPEM = convertX509CertToPEM(x5c[0]);
+ const leafCertPEM = convertCertBufferToPEM(x5c[0]);
return verifySignature(sig, certInfo, leafCertPEM, hashAlg);
}
diff --git a/packages/server/src/attestation/verifications/verifyAndroidKey.ts b/packages/server/src/attestation/verifications/verifyAndroidKey.ts
index e137125..f3a47ee 100644
--- a/packages/server/src/attestation/verifications/verifyAndroidKey.ts
+++ b/packages/server/src/attestation/verifications/verifyAndroidKey.ts
@@ -3,7 +3,7 @@ import { Certificate } from '@peculiar/asn1-x509';
import { KeyDescription, id_ce_keyDescription } from '@peculiar/asn1-android';
import type { AttestationStatement } from '../../helpers/decodeAttestationObject';
-import convertX509CertToPEM from '../../helpers/convertX509CertToPEM';
+import convertCertBufferToPEM from '../../helpers/convertCertBufferToPEM';
import verifySignature from '../../helpers/verifySignature';
import convertCOSEtoPKCS, { COSEALGHASH } from '../../helpers/convertCOSEtoPKCS';
import MetadataService from '../../services/metadataService';
@@ -76,7 +76,7 @@ export default async function verifyAttestationAndroidKey(options: Options): Pro
}
// TODO: Confirm that the root certificate is an expected certificate
- // const rootCertPEM = convertX509CertToPEM(x5c[x5c.length - 1]);
+ // const rootCertPEM = convertBufferToPEM(x5c[x5c.length - 1]);
// console.log(rootCertPEM);
// if (rootCertPEM !== expectedRootCert) {
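Review bot: The commented-out line in this hunk was renamed to `convertBufferToPEM`, which matches neither the old helper nor the newly imported `convertCertBufferToPEM`, so uncommenting it later would not compile; it should read `// const rootCertPEM = convertCertBufferToPEM(x5c[x5c.length - 1]);`. The TODO above it also means that, as far as these lines show, the last certificate in `x5c` is never compared with an expected root, so the later `verifySignature` call would prove possession of the leaf key but not that the chain ends at a trusted anchor. The function body continues outside the hunk, so a root check elsewhere (for example through the imported MetadataService) cannot be ruled out from here.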
@@ -93,7 +93,7 @@ export default async function verifyAttestationAndroidKey(options: Options): Pro
}
const signatureBase = Buffer.concat([authData, clientDataHash]);
- const leafCertPEM = convertX509CertToPEM(x5c[0]);
+ const leafCertPEM = convertCertBufferToPEM(x5c[0]);
const hashAlg = COSEALGHASH[alg as number];
return verifySignature(sig, signatureBase, leafCertPEM, hashAlg);
diff --git a/packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts b/packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts
index 11dec6b..8d8cc4a 100644
--- a/packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts
+++ b/packages/server/src/attestation/verifications/verifyAndroidSafetyNet.ts
@@ -6,7 +6,7 @@ import toHash from '../../helpers/toHash';
import verifySignature from '../../helpers/verifySignature';
import getCertificateInfo from '../../helpers/getCertificateInfo';
import validateCertificatePath from '../../helpers/validateCertificatePath';
-import convertX509CertToPEM from '../../helpers/convertX509CertToPEM';
+import convertCertBufferToPEM from '../../helpers/convertCertBufferToPEM';
import MetadataService from '../../services/metadataService';
import verifyAttestationWithMetadata from '../../metadata/verifyAttestationWithMetadata';
@@ -103,7 +103,7 @@ export default async function verifyAttestationAndroidSafetyNet(
}
} else {
// Validate certificate path using a fixed global root cert
- const path = HEADER.x5c.concat([GlobalSignRootCAR2]).map(convertX509CertToPEM);
+ const path = HEADER.x5c.concat([GlobalSignRootCAR2]).map(convertCertBufferToPEM);
try {
await validateCertificatePath(path);
@@ -121,7 +121,7 @@ export default async function verifyAttestationAndroidSafetyNet(
const signatureBaseBuffer = Buffer.from(`${jwtParts[0]}.${jwtParts[1]}`);
const signatureBuffer = base64url.toBuffer(SIGNATURE);
- const leafCertPEM = convertX509CertToPEM(leafCertBuffer);
+ const leafCertPEM = convertCertBufferToPEM(leafCertBuffer);
const verified = verifySignature(signatureBuffer, signatureBaseBuffer, leafCertPEM);
/**
* END Verify Signature
diff --git a/packages/server/src/attestation/verifications/verifyApple.ts b/packages/server/src/attestation/verifications/verifyApple.ts
index 419db74..952a753 100644
--- a/packages/server/src/attestation/verifications/verifyApple.ts
+++ b/packages/server/src/attestation/verifications/verifyApple.ts
@@ -3,7 +3,7 @@ import { Certificate } from '@peculiar/asn1-x509';
import type { AttestationStatement } from '../../helpers/decodeAttestationObject';
import validateCertificatePath from '../../helpers/validateCertificatePath';
-import convertX509CertToPEM from '../../helpers/convertX509CertToPEM';
+import convertCertBufferToPEM from '../../helpers/convertCertBufferToPEM';
import toHash from '../../helpers/toHash';
import convertCOSEtoPKCS from '../../helpers/convertCOSEtoPKCS';
@@ -25,7 +25,7 @@ export default async function verifyApple(options: Options): Promise<boolean> {
/**
* Verify certificate path
*/
- const certPath = x5c.map(convertX509CertToPEM);
+ const certPath = x5c.map(convertCertBufferToPEM);
certPath.push(AppleWebAuthnRootCertificate);
try {
diff --git a/packages/server/src/attestation/verifications/verifyFIDOU2F.ts b/packages/server/src/attestation/verifications/verifyFIDOU2F.ts
index 40367d6..310cb83 100644
--- a/packages/server/src/attestation/verifications/verifyFIDOU2F.ts
+++ b/packages/server/src/attestation/verifications/verifyFIDOU2F.ts
@@ -1,7 +1,7 @@
import type { AttestationStatement } from '../../helpers/decodeAttestationObject';
import convertCOSEtoPKCS from '../../helpers/convertCOSEtoPKCS';
-import convertX509CertToPEM from '../../helpers/convertX509CertToPEM';
+import convertCertBufferToPEM from '../../helpers/convertCertBufferToPEM';
import verifySignature from '../../helpers/verifySignature';
type Options = {
@@ -53,7 +53,7 @@ export default function verifyAttestationFIDOU2F(options: Options): boolean {
throw new Error(`AAGUID "${aaguidToHex}" was not expected value`);
}
- const leafCertPEM = convertX509CertToPEM(x5c[0]);
+ const leafCertPEM = convertCertBufferToPEM(x5c[0]);
return verifySignature(sig, signatureBase, leafCertPEM);
}
diff --git a/packages/server/src/attestation/verifications/verifyPacked.ts b/packages/server/src/attestation/verifications/verifyPacked.ts
index 077e54d..854ef1a 100644
--- a/packages/server/src/attestation/verifications/verifyPacked.ts
+++ b/packages/server/src/attestation/verifications/verifyPacked.ts
@@ -11,7 +11,7 @@ import convertCOSEtoPKCS, {
} from '../../helpers/convertCOSEtoPKCS';
import { FIDO_METADATA_ATTESTATION_TYPES } from '../../helpers/constants';
import toHash from '../../helpers/toHash';
-import convertX509CertToPEM from '../../helpers/convertX509CertToPEM';
+import convertCertBufferToPEM from '../../helpers/convertCertBufferToPEM';
import getCertificateInfo from '../../helpers/getCertificateInfo';
import verifySignature from '../../helpers/verifySignature';
import decodeCredentialPublicKey from '../../helpers/decodeCredentialPublicKey';
@@ -48,7 +48,7 @@ export default async function verifyAttestationPacked(options: Options): Promise
const pkcsPublicKey = convertCOSEtoPKCS(credentialPublicKey);
if (x5c) {
- const leafCert = convertX509CertToPEM(x5c[0]);
+ const leafCert = convertCertBufferToPEM(x5c[0]);
const { subject, basicConstraintsCA, version, notBefore, notAfter } = getCertificateInfo(
x5c[0],
);
diff --git a/packages/server/src/helpers/convertX509CertToPEM.ts b/packages/server/src/helpers/convertCertBufferToPEM.ts
index 74fa157..e02a4c3 100644
--- a/packages/server/src/helpers/convertX509CertToPEM.ts
+++ b/packages/server/src/helpers/convertCertBufferToPEM.ts
@@ -2,9 +2,9 @@ import base64url from 'base64url';
import type { Base64URLString } from '@simplewebauthn/typescript-types';
/**
- * Convert X.509 certificate to an OpenSSL-compatible PEM text format.
+ * Convert buffer to an OpenSSL-compatible PEM text format.
*/
-export default function convertX509CertToPEM(certBuffer: Buffer | Base64URLString): string {
+export default function convertCertBufferToPEM(certBuffer: Buffer | Base64URLString): string {
let buffer: Buffer;
if (typeof certBuffer === 'string') {
buffer = base64url.toBuffer(certBuffer);
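Review bot: The reworded doc comment, `Convert buffer to an OpenSSL-compatible PEM text format.`, is now less precise than the function it documents: the name and the `certBuffer` parameter say the input is a certificate, and the signature also accepts a `Base64URLString`. Something like `Convert a certificate, given as a Buffer or a base64url string, to OpenSSL-compatible PEM text.` would tell callers what to pass. If the body does not parse the bytes, it is also worth adding `The input is not validated as X.509 here.` so nobody treats a successful conversion as a check; the body continues outside the hunk, so confirm that before adding it.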
diff --git a/packages/server/src/metadata/verifyAttestationWithMetadata.ts b/packages/server/src/metadata/verifyAttestationWithMetadata.ts
index 3ef04a9..e45eeeb 100644
--- a/packages/server/src/metadata/verifyAttestationWithMetadata.ts
+++ b/packages/server/src/metadata/verifyAttestationWithMetadata.ts
@@ -2,7 +2,7 @@ import { Base64URLString } from '@simplewebauthn/typescript-types';
import { MetadataStatement } from '../services/metadataService';
import { FIDO_METADATA_AUTH_ALG_TO_COSE } from '../helpers/constants';
-import convertX509CertToPEM from '../helpers/convertX509CertToPEM';
+import convertCertBufferToPEM from '../helpers/convertCertBufferToPEM';
import validateCertificatePath from '../helpers/validateCertificatePath';
export default async function verifyAttestationWithMetadata(
@@ -17,14 +17,14 @@ export default async function verifyAttestationWithMetadata(
}
// Make a copy of x5c so we don't modify the original
- const path = [...x5c].map(convertX509CertToPEM);
+ const path = [...x5c].map(convertCertBufferToPEM);
// Try to validate the chain with each metadata root cert until we find one that works
let foundValidPath = false;
for (const rootCert of statement.attestationRootCertificates) {
try {
// Push the root cert to the cert path and try to validate it
- path.push(convertX509CertToPEM(rootCert));
+ path.push(convertCertBufferToPEM(rootCert));
foundValidPath = await validateCertificatePath(path);
} catch (err) {
// Swallow the error for now
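Review bot: The `catch` that closes this hunk discards the error from `validateCertificatePath`, so when no entry in `statement.attestationRootCertificates` validates, the caller cannot tell an expired or revoked chain from a malformed certificate. Keeping the last error and including its message in the eventual failure would make rejected attestations diagnosable. The loop body continues outside the hunk, so it is not visible whether the root pushed onto `path` is removed before the next iteration; if it is not, later iterations validate a path with earlier roots still appended. Separately, `.map` already returns a new array, so `[...x5c].map(convertCertBufferToPEM)` can be `x5c.map(convertCertBufferToPEM)`.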
diff --git a/packages/server/src/services/metadataService.ts b/packages/server/src/services/metadataService.ts
index 3cec5e3..a9baf9e 100644
--- a/packages/server/src/services/metadataService.ts
+++ b/packages/server/src/services/metadataService.ts
@@ -6,7 +6,7 @@ import base64url from 'base64url';
import { FIDO_AUTHENTICATOR_STATUS } from '../helpers/constants';
import toHash from '../helpers/toHash';
import validateCertificatePath from '../helpers/validateCertificatePath';
-import convertX509CertToPEM from '../helpers/convertX509CertToPEM';
+import convertCertBufferToPEM from '../helpers/convertCertBufferToPEM';
import convertAAGUIDToString from '../helpers/convertAAGUIDToString';
// TODO: Re-enable this once we figure out logging
// import { log } from '../helpers/logging';
@@ -224,7 +224,7 @@ class MetadataService {
throw new Error(`Latest TOC no. "${payload.no}" is not greater than previous ${no}`);
}
- let fullCertPath = header.x5c.map(convertX509CertToPEM);
+ let fullCertPath = header.x5c.map(convertCertBufferToPEM);
if (rootCertURL.length > 0) {
// Download FIDO the root certificate and append it to the TOC certs
const respFIDORootCert = await fetch(rootCertURL);
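Review bot: The root certificate appended to `fullCertPath` comes from `fetch(rootCertURL)`, so the trust anchor for the TOC chain is whatever that URL returns at run time. If nothing outside this hunk pins it, a comment should state where `rootCertURL` originates, and the code should require an `https:` URL and compare the downloaded certificate with a known fingerprint before treating it as a root. The method continues outside the hunk, so such a check may already exist further down.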