@agl thanks for your reply! I should have mentioned that YES, I encode all JS ArrayBuffers to base64url before sending data to the Java server and the byte[] `clientDataJSON` from the code above actually contains a vaild JSON String (with type, origin, androidPackageName) I assume the problem is somewhere in Java and my attempt to verify the signature using SHA-256, "EC" KeyFactory, X509 Encoded Key and SHA256withECDSA Signature - since I am not sure if that is at all correct. But there are so many points of failure in this that I could be totally wrong of course. -- GitHub Notification of comment by CrazyChris75 Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1363#issuecomment-699476730 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-configReceived on Saturday, 26 September 2020 10:33:09 UTC
This archive was generated by hypermail 2.4.0 : Saturday, 26 September 2020 10:33:11 UTC