diff --git a/pkg/bundle/bundle_test.go b/pkg/bundle/bundle_test.go
index 6895dac..6ef272d 100644
--- a/pkg/bundle/bundle_test.go
+++ b/pkg/bundle/bundle_test.go
@@ -818,8 +818,8 @@ func TestVerificationContent(t *testing.T) {
 				return
 			}
 			if tt.wantPublicKey {
-				_, hasPubKey := got.HasPublicKey()
-				require.True(t, hasPubKey)
+				k := got.PublicKey()
+				require.NotNil(t, k)
 				return
 			}
 		})
diff --git a/pkg/bundle/verification_content.go b/pkg/bundle/verification_content.go
index cd27b7b..edb65db 100644
--- a/pkg/bundle/verification_content.go
+++ b/pkg/bundle/verification_content.go
@@ -56,8 +56,8 @@ func (c *Certificate) Certificate() *x509.Certificate {
 	return c.certificate
 }
 
-func (c *Certificate) HasPublicKey() (verify.PublicKeyProvider, bool) {
-	return PublicKey{}, false
+func (c *Certificate) PublicKey() verify.PublicKeyProvider {
+	return nil
 }
 
 func (pk *PublicKey) CompareKey(key any, tm root.TrustedMaterial) bool {
@@ -87,6 +87,6 @@ func (pk *PublicKey) Certificate() *x509.Certificate {
 	return nil
 }
 
-func (pk *PublicKey) HasPublicKey() (verify.PublicKeyProvider, bool) {
-	return *pk, true
+func (pk *PublicKey) PublicKey() verify.PublicKeyProvider {
+	return pk
 }
diff --git a/pkg/verify/interface.go b/pkg/verify/interface.go
index 0b66cc2..2ff0803 100644
--- a/pkg/verify/interface.go
+++ b/pkg/verify/interface.go
@@ -64,7 +64,7 @@ type VerificationContent interface {
 	CompareKey(any, root.TrustedMaterial) bool
 	ValidAtTime(time.Time, root.TrustedMaterial) bool
 	Certificate() *x509.Certificate
-	HasPublicKey() (PublicKeyProvider, bool)
+	PublicKey() PublicKeyProvider
 }
 
 type SignatureContent interface {
diff --git a/pkg/verify/signature.go b/pkg/verify/signature.go
index 56f3309..c7056c4 100644
--- a/pkg/verify/signature.go
+++ b/pkg/verify/signature.go
@@ -97,7 +97,7 @@ func getSignatureVerifier(verificationContent VerificationContent, tm root.Trust
 	if leafCert := verificationContent.Certificate(); leafCert != nil {
 		// TODO: Inspect certificate's SignatureAlgorithm to determine hash function
 		return signature.LoadVerifier(leafCert.PublicKey, crypto.SHA256)
-	} else if pk, ok := verificationContent.HasPublicKey(); ok {
+	} else if pk := verificationContent.PublicKey(); pk != nil {
 		return tm.PublicKeyVerifier(pk.Hint())
 	}