W3C home > Mailing lists > Public > public-webauthn@w3.org > September 2020

Re: [webauthn] Provide the public key in `AuthenticatorAttestationResponse` (#1363)

From: CrazyChris75 via GitHub <sysbot+gh@w3.org>
Date: Sat, 26 Sep 2020 10:33:07 +0000
To: public-webauthn@w3.org
Message-ID: <issue_comment.created-699476730-1601116385-sysbot+gh@w3.org>
@agl thanks for your reply!

I should have mentioned that YES, I encode all JS ArrayBuffers to base64url before sending data to the Java server and the byte[] `clientDataJSON` from the code above actually contains a vaild JSON String (with type, origin, androidPackageName)

I assume the problem is somewhere in Java and my attempt to verify the signature using SHA-256, "EC" KeyFactory, X509 Encoded Key and SHA256withECDSA Signature - since I am not sure if that is at all correct. But there are so many points of failure in this that I could be totally wrong of course.

GitHub Notification of comment by CrazyChris75
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1363#issuecomment-699476730 using your GitHub account

Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Saturday, 26 September 2020 10:33:09 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:41 UTC