Yubico / java-webauthn-server

Server-side Web Authentication library for Java https://www.w3.org/TR/webauthn/#rp-operations

"Attestation verification failed" error while registering new account using resident credential. #311

Closed tarun0yadav closed 1 year ago

tarun0yadav commented 1 year ago

I am trying to register a new account using a resident credential and am getting the following error. I am running version 2.4.1 of java-webauthn-server. Any ideas what is going wrong here?

Error

{
  "messages": [
    "Attestation verification failed; further error message(s) were unfortunately lost to an internal server error."
  ]
}

Authenticator Response:

{
  "type": "public-key",
  "id": "Y4Rd9uA4ZG6-z-ZfMjNgVdRm3ls6gk305L0QKvNvAmCUfePvRmJZN4fXDx3W00Xc",
  "rawId": "Y4Rd9uA4ZG6-z-ZfMjNgVdRm3ls6gk305L0QKvNvAmCUfePvRmJZN4fXDx3W00Xc",
  "response": {
    "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoib0JUTlBFNHRtRE1wLUpTdlV1ZEF3SXA5eW40a0pfSWRGY05KTWxVUjJvbyIsIm9yaWdpbiI6Imh0dHBzOi8vbG9jYWxob3N0Ojg0NDMiLCJjcm9zc09yaWdpbiI6ZmFsc2V9",
    "attestationObject": "o2NmbXRmcGFja2VkZ2F0dFN0bXSjY2FsZyZjc2lnWEcwRQIhAL6crN1XCkC9HXNlRYl9fSbR2RW83DFq9i-UHmCTU1SwAiAYLJTChhRTNadBpdXXHZsUVrfZkIqj4WxSNzGx3-0mOmN4NWOBWQLdMIIC2TCCAcGgAwIBAgIJAN-S2cTi7WYKMA0GCSqGSIb3DQEBCwUAMC4xLDAqBgNVBAMTI1l1YmljbyBVMkYgUm9vdCBDQSBTZXJpYWwgNDU3MjAwNjMxMCAXDTE0MDgwMTAwMDAwMFoYDzIwNTAwOTA0MDAwMDAwWjBvMQswCQYDVQQGEwJTRTESMBAGA1UECgwJWXViaWNvIEFCMSIwIAYDVQQLDBlBdXRoZW50aWNhdG9yIEF0dGVzdGF0aW9uMSgwJgYDVQQDDB9ZdWJpY28gVTJGIEVFIFNlcmlhbCAxMTU1MTA5NTk5MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEChhsbk0KalKKRJCaeiQjaHAo1MV-zLcXuhKAuFwvweTgYWaMPCCu8zNQ0ZZFI4osOQv13_o0_yVQL0cPPUC4iKOBgTB_MBMGCisGAQQBgsQKDQEEBQQDBQQDMCIGCSsGAQQBgsQKAgQVMS4zLjYuMS40LjEuNDE0ODIuMS43MBMGCysGAQQBguUcAgEBBAQDAgQwMCEGCysGAQQBguUcAQEEBBIEEC_AV5-BE0fqsRa7Wo25ICowDAYDVR0TAQH_BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAgqyvETCpm9FDJ9L4-bBBoqBKZoUnJCLlexSwuPg7bxVFZku_VWgerwFYciq_ztLkrGM87AlZVkUksPLlF92XEJi5iRUX7NDFU6Lkc5-d4T2v0NXXuKxKN_TyzDDvJcsAZS0Z22nX2le9Gpwdjth9RtgNKzvf0dnvnStoMtStW810IUzmphQdFrLpOsssiPYKPrbV9hRxl1kJNzvGd5AjJFcaVz9g8Hu-0XuSyLWfooIQv6jGASKTABs57-V7-cseOsqKQTD4Ovhmj3Pe8nEbINyZ6KgE7qP3QnGXtrRRs3NcI7ybG-J0wm07-RlvjEpLcV9LlcTbe5fnWU60ZWSMHGhhdXRoRGF0YVjCSZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2PFAAAAAy_AV5-BE0fqsRa7Wo25ICoAMGOEXfbgOGRuvs_mXzIzYFXUZt5bOoJN9OS9ECrzbwJglH3j70ZiWTeH1w8d1tNF3KUBAgMmIAEhWCBjhF324Dhkbr7P5l8ywF5-2NuGjLOqSKLXp26QGlgTOCJYIOL6yBhxTpfPH4BG0iIm3kpz-zKlFLEgvB_ENVnR6SnooWtjcmVkUHJvdGVjdAM",
    "transports": [
      "nfc",
      "usb"
    ]
  },
  "clientExtensionResults": {
    "credProps": {
      "rk": true
    }
  },
  "_clientDataJson": {
    "type": "webauthn.create",
    "challenge": "oBTNPE4tmDMp-JSvUudAwIp9yn4kJ_IdFcNJMlUR2oo",
    "origin": "https://localhost:8443",
    "crossOrigin": false
  }
}

Terminal Logs:

> Task :webauthn-server-demo:run
20:07:04.926-0600 [main] DEBUG demo.webauthn.Config - YUBICO_WEBAUTHN_ALLOWED_ORIGINS: null
20:07:04.928-0600 [main] INFO  demo.webauthn.Config - Origins: [https://localhost:8443]
20:07:04.928-0600 [main] DEBUG demo.webauthn.Config - RP name: null
20:07:04.928-0600 [main] DEBUG demo.webauthn.Config - RP ID: null
20:07:04.928-0600 [main] DEBUG demo.webauthn.Config - RP name not given - using default.
20:07:04.928-0600 [main] DEBUG demo.webauthn.Config - RP ID not given - using default.
20:07:04.929-0600 [main] INFO  demo.webauthn.Config - RP identity: RelyingPartyIdentity(name=Yubico WebAuthn demo, id=localhost)
20:07:05.122-0600 [main] INFO  org.eclipse.jetty.util.log - Logging initialized @386ms to org.eclipse.jetty.util.log.Slf4jLog
20:07:05.159-0600 [main] INFO  org.eclipse.jetty.server.Server - jetty-9.4.9.v20180320; built: 2018-03-20T06:21:10-06:00; git: 1f8159b1e4a42d3f79997021ea1609f2fbac6de5; jvm 17.0.7+0
Jul 06, 2023 8:07:05 PM org.glassfish.jersey.message.internal.MessagingBinders$EnabledProvidersBinder bindToBinder
WARNING: A class javax.activation.DataSource for a default provider MessageBodyWriter<javax.activation.DataSource> was not found. The provider is not available.
Jul 06, 2023 8:07:05 PM org.glassfish.jersey.server.wadl.WadlFeature configure
WARNING: JAX-B API not found . WADL feature is disabled.
Jul 06, 2023 8:07:05 PM org.glassfish.jersey.internal.inject.Providers checkProviderRuntime
WARNING: A provider demo.webauthn.WebAuthnRestResource registered in SERVER runtime does not implement any provider interfaces applicable in the SERVER runtime. Due to constraint configuration problems the provider demo.webauthn.WebAuthnRestResource will be ignored. 
20:07:05.355-0600 [main] INFO  o.e.j.server.handler.ContextHandler - Started o.e.j.s.ServletContextHandler@5f14a673{/,file:///Users/tarun.yadav/Desktop/pqc-fido2-impl/java-webauthn-server/webauthn-server-demo/src/main/webapp/,AVAILABLE}
20:07:05.368-0600 [main] INFO  o.e.jetty.util.ssl.SslContextFactory - x509=X509@4784013e(serverkey,h=[],w=[]) for SslContextFactory@6f952d6c[provider=null,keyStore=file:///Users/tarun.yadav/Desktop/pqc-fido2-impl/java-webauthn-server/webauthn-server-demo/keystore.jks,trustStore=null]
20:07:05.419-0600 [main] INFO  o.e.jetty.server.AbstractConnector - Started ServerConnector@545e57d7{SSL,[ssl, http/1.1]}{127.0.0.1:8443}
20:07:05.419-0600 [main] INFO  org.eclipse.jetty.server.Server - Started @684ms
20:07:19.024-0600 [qtp2065718717-27] DEBUG demo.webauthn.WebAuthnRestResource - startRegistration JSON response: {"success":true,"request":{"username":"testUser","credentialNickname":"","requestId":"hmKeBTM-CGDnn-Zwjy6QMVrwAtrGFqddeFN19p3xRTU","publicKeyCredentialCreationOptions":{"rp":{"name":"Yubico WebAuthn demo","id":"localhost"},"user":{"name":"testUser","displayName":"testUser","id":"aOmMFCBHYfEdE_YMtyQB28Qt0kPUXFq9-CU7T9Lc2ZM"},"challenge":"oBTNPE4tmDMp-JSvUudAwIp9yn4kJ_IdFcNJMlUR2oo","pubKeyCredParams":[{"alg":-7,"type":"public-key"},{"alg":-8,"type":"public-key"},{"alg":-35,"type":"public-key"},{"alg":-36,"type":"public-key"},{"alg":-257,"type":"public-key"},{"alg":-258,"type":"public-key"},{"alg":-259,"type":"public-key"}],"excludeCredentials":[],"authenticatorSelection":{"requireResidentKey":true,"residentKey":"required"},"attestation":"direct","extensions":{"credProps":true}},"sessionToken":"uO5sxeEmqHs1fOPf9SBeXQamYoQjZxAppRWaTnuP554"},"actions":{"finish":"https://localhost:8443/api/v1/register/finish"}}
20:07:29.315-0600 [qtp2065718717-26] DEBUG com.yubico.webauthn.OriginMatcher - Exact match: https://localhost:8443 == https://localhost:8443
20:07:29.429-0600 [qtp2065718717-26] DEBUG demo.webauthn.WebAuthnServer - Adding registration: user: UserIdentity(name=testUser, displayName=testUser, id=ByteArray(68e98c14204761f11d13f60cb72401dbc42dd243d45c5abdf8253b4fd2dcd993)), nickname: Optional[], credential: RegisteredCredential(credentialId=ByteArray(63845df6e038646ebecfe65f32336055d466de5b3a824df4e4bd102af36f0260947de3ef4662593787d70f1dd6d345dc), userHandle=ByteArray(68e98c14204761f11d13f60cb72401dbc42dd243d45c5abdf8253b4fd2dcd993), publicKeyCose=ByteArray(a501020326200121582063845df6e038646ebecfe65f32c05e7ed8db868cb3aa48a2d7a76e901a581338225820e2fac818714e97cf1f8046d22226de4a73fb32a514b120bc1fc43559d1e929e8), signatureCount=3, backupEligible=null, backupState=null)
20:07:29.471-0600 [qtp2065718717-26] ERROR demo.webauthn.WebAuthnRestResource - Failed to encode response as JSON: WebAuthnServer.SuccessfulRegistrationResult(success=true, request=RegistrationRequest(username=testUser, credentialNickname=Optional[], requestId=ByteArray(86629e05333e0860e79fe6708f2e90315af002dac616a75d785375f69df14535), publicKeyCredentialCreationOptions=PublicKeyCredentialCreationOptions(rp=RelyingPartyIdentity(name=Yubico WebAuthn demo, id=localhost), user=UserIdentity(name=testUser, displayName=testUser, id=ByteArray(68e98c14204761f11d13f60cb72401dbc42dd243d45c5abdf8253b4fd2dcd993)), challenge=ByteArray(a014cd3c4e2d983329f894af52e740c08a7dca7e2427f21d15c349325511da8a), pubKeyCredParams=[PublicKeyCredentialParameters(alg=ES256, type=PUBLIC_KEY), PublicKeyCredentialParameters(alg=EdDSA, type=PUBLIC_KEY), PublicKeyCredentialParameters(alg=ES384, type=PUBLIC_KEY), PublicKeyCredentialParameters(alg=ES512, type=PUBLIC_KEY), PublicKeyCredentialParameters(alg=RS256, type=PUBLIC_KEY), PublicKeyCredentialParameters(alg=RS384, type=PUBLIC_KEY), PublicKeyCredentialParameters(alg=RS512, type=PUBLIC_KEY)], timeout=Optional.empty, excludeCredentials=Optional[[]], authenticatorSelection=Optional[AuthenticatorSelectionCriteria(authenticatorAttachment=Optional.empty, residentKey=Optional[REQUIRED], userVerification=Optional.empty)], attestation=DIRECT, extensions=RegistrationExtensionInputs(appidExclude=Optional.empty, credProps=true, largeBlob=Optional.empty, uvm=false)), sessionToken=Optional[ByteArray(b8ee6cc5e126a87b357ce3dff5205e5d06a6628423671029a5159a4e7b8fe79e)]), response=RegistrationResponse(requestId=ByteArray(86629e05333e0860e79fe6708f2e90315af002dac616a75d785375f69df14535), credential=PublicKeyCredential(id=ByteArray(63845df6e038646ebecfe65f32336055d466de5b3a824df4e4bd102af36f0260947de3ef4662593787d70f1dd6d345dc), response=AuthenticatorAttestationResponse(attestationObject=ByteArray(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), 
clientDataJSON=ByteArray(7b2274797065223a22776562617574686e2e637265617465222c226368616c6c656e6765223a226f42544e504534746d444d702d4a53765575644177497039796e346b4a5f496446634e4a4d6c5552326f6f222c226f726967696e223a2268747470733a2f2f6c6f63616c686f73743a38343433222c2263726f73734f726967696e223a66616c73657d), transports=[AuthenticatorTransport(id=nfc), AuthenticatorTransport(id=usb)], attestation=AttestationObject(bytes=ByteArray(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), authenticatorData=AuthenticatorData(bytes=ByteArray(49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d9763c5000000032fc0579f811347eab116bb5a8db9202a003063845df6e038646ebecfe65f32336055d466de5b3a824df4e4bd102af36f0260947de3ef4662593787d70f1dd6d345dca501020326200121582063845df6e038646ebecfe65f32c05e7ed8db868cb3aa48a2d7a76e901a581338225820e2fac818714e97cf1f8046d22226de4a73fb32a514b120bc1fc43559d1e929e8a16b6372656450726f7465637403), flags=AuthenticatorDataFlags(value=-59, UP=true, UV=true, BE=false, BS=false, AT=true, ED=true), attestedCredentialData=Optional[AttestedCredentialData(aaguid=ByteArray(2fc0579f811347eab116bb5a8db9202a), credentialId=ByteArray(63845df6e038646ebecfe65f32336055d466de5b3a824df4e4bd102af36f0260947de3ef4662593787d70f1dd6d345dc), credentialPublicKey=ByteArray(a501020326200121582063845df6e038646ebecfe65f32c05e7ed8db868cb3aa48a2d7a76e901a581338225820e2fac818714e97cf1f8046d22226de4a73fb32a514b120bc1fc43559d1e929e8))], extensions=Optional[{"credProtect": 3}]), format=packed, 
attestationStatement={"alg":-7,"sig":"MEUCIQC+nKzdVwpAvR1zZUWJfX0m0dkVvNwxavYvlB5gk1NUsAIgGCyUwoYUUzWnQaXV1x2bFFa32ZCKo+FsUjcxsd/tJjo=","x5c":["MIIC2TCCAcGgAwIBAgIJAN+S2cTi7WYKMA0GCSqGSIb3DQEBCwUAMC4xLDAqBgNVBAMTI1l1YmljbyBVMkYgUm9vdCBDQSBTZXJpYWwgNDU3MjAwNjMxMCAXDTE0MDgwMTAwMDAwMFoYDzIwNTAwOTA0MDAwMDAwWjBvMQswCQYDVQQGEwJTRTESMBAGA1UECgwJWXViaWNvIEFCMSIwIAYDVQQLDBlBdXRoZW50aWNhdG9yIEF0dGVzdGF0aW9uMSgwJgYDVQQDDB9ZdWJpY28gVTJGIEVFIFNlcmlhbCAxMTU1MTA5NTk5MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEChhsbk0KalKKRJCaeiQjaHAo1MV+zLcXuhKAuFwvweTgYWaMPCCu8zNQ0ZZFI4osOQv13/o0/yVQL0cPPUC4iKOBgTB/MBMGCisGAQQBgsQKDQEEBQQDBQQDMCIGCSsGAQQBgsQKAgQVMS4zLjYuMS40LjEuNDE0ODIuMS43MBMGCysGAQQBguUcAgEBBAQDAgQwMCEGCysGAQQBguUcAQEEBBIEEC/AV5+BE0fqsRa7Wo25ICowDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAgqyvETCpm9FDJ9L4+bBBoqBKZoUnJCLlexSwuPg7bxVFZku/VWgerwFYciq/ztLkrGM87AlZVkUksPLlF92XEJi5iRUX7NDFU6Lkc5+d4T2v0NXXuKxKN/TyzDDvJcsAZS0Z22nX2le9Gpwdjth9RtgNKzvf0dnvnStoMtStW810IUzmphQdFrLpOsssiPYKPrbV9hRxl1kJNzvGd5AjJFcaVz9g8Hu+0XuSyLWfooIQv6jGASKTABs57+V7+cseOsqKQTD4Ovhmj3Pe8nEbINyZ6KgE7qP3QnGXtrRRs3NcI7ybG+J0wm07+RlvjEpLcV9LlcTbe5fnWU60ZWSMHA=="]}), clientData=CollectedClientData(clientDataJson=ByteArray(7b2274797065223a22776562617574686e2e637265617465222c226368616c6c656e6765223a226f42544e504534746d444d702d4a53765575644177497039796e346b4a5f496446634e4a4d6c5552326f6f222c226f726967696e223a2268747470733a2f2f6c6f63616c686f73743a38343433222c2263726f73734f726967696e223a66616c73657d), clientData={"type":"webauthn.create","challenge":"oBTNPE4tmDMp-JSvUudAwIp9yn4kJ_IdFcNJMlUR2oo","origin":"https://localhost:8443","crossOrigin":false}, challenge=ByteArray(a014cd3c4e2d983329f894af52e740c08a7dca7e2427f21d15c349325511da8a), origin=https://localhost:8443, type=webauthn.create)), authenticatorAttachment=Optional.empty, clientExtensionResults=ClientRegistrationExtensionOutputs(appidExclude=Optional.empty, credProps=Optional[Extensions.CredentialProperties.CredentialPropertiesOutput(rk=Optional[true])], 
largeBlob=Optional.empty), type=PUBLIC_KEY), sessionToken=Optional[ByteArray(b8ee6cc5e126a87b357ce3dff5205e5d06a6628423671029a5159a4e7b8fe79e)]), registration=CredentialRegistration(userIdentity=UserIdentity(name=testUser, displayName=testUser, id=ByteArray(68e98c14204761f11d13f60cb72401dbc42dd243d45c5abdf8253b4fd2dcd993)), credentialNickname=Optional[], transports=[AuthenticatorTransport(id=nfc), AuthenticatorTransport(id=usb)], registrationTime=2023-07-07T02:07:29.429034Z, credential=RegisteredCredential(credentialId=ByteArray(63845df6e038646ebecfe65f32336055d466de5b3a824df4e4bd102af36f0260947de3ef4662593787d70f1dd6d345dc), userHandle=ByteArray(68e98c14204761f11d13f60cb72401dbc42dd243d45c5abdf8253b4fd2dcd993), publicKeyCose=ByteArray(a501020326200121582063845df6e038646ebecfe65f32c05e7ed8db868cb3aa48a2d7a76e901a581338225820e2fac818714e97cf1f8046d22226de4a73fb32a514b120bc1fc43559d1e929e8), signatureCount=3, backupEligible=null, backupState=null), attestationMetadata=Optional[Attestation(metadataIdentifier=Optional[2fb54029-7613-4f1d-94f1-fb876c14a6fe], vendorProperties=Optional[{url=https://yubico.com, imageUrl=https://developers.yubico.com/U2F/Images/yubico.png, name=Yubico}], deviceProperties=Optional[{deviceId=1.3.6.1.4.1.41482.1.7, displayName=YubiKey 5/5C NFC, deviceUrl=https://support.yubico.com/support/solutions/articles/15000014174--yubikey-5-nfc, imageUrl=https://developers.yubico.com/U2F/Images/YK5NFC-CNFC.png}])]), attestationTrusted=true, 
attestationCert=Optional[WebAuthnServer.AttestationCertInfo(der=ByteArray(308202d9308201c1a003020102020900df92d9c4e2ed660a300d06092a864886f70d01010b0500302e312c302a0603550403132359756269636f2055324620526f6f742043412053657269616c203435373230303633313020170d3134303830313030303030305a180f32303530303930343030303030305a306f310b300906035504061302534531123010060355040a0c0959756269636f20414231223020060355040b0c1941757468656e74696361746f72204174746573746174696f6e3128302606035504030c1f59756269636f205532462045452053657269616c20313135353130393539393059301306072a8648ce3d020106082a8648ce3d030107034200040a186c6e4d0a6a528a44909a7a2423687028d4c57eccb717ba1280b85c2fc1e4e061668c3c20aef33350d19645238a2c390bf5dffa34ff25502f470f3d40b888a38181307f3013060a2b0601040182c40a0d0104050403050403302206092b0601040182c40a020415312e332e362e312e342e312e34313438322e312e373013060b2b0601040182e51c0201010404030204303021060b2b0601040182e51c010104041204102fc0579f811347eab116bb5a8db9202a300c0603551d130101ff04023000300d06092a864886f70d01010b0500038201010082acaf1130a99bd14327d2f8f9b041a2a04a6685272422e57b14b0b8f83b6f1545664bbf55681eaf0158722abfced2e4ac633cec0959564524b0f2e517dd971098b9891517ecd0c553a2e4739f9de13dafd0d5d7b8ac4a37f4f2cc30ef25cb00652d19db69d7da57bd1a9c1d8ed87d46d80d2b3bdfd1d9ef9d2b6832d4ad5bcd74214ce6a6141d16b2e93acb2c88f60a3eb6d5f61471975909373bc677902324571a573f60f07bbed17b92c8b59fa28210bfa8c6012293001b39efe57bf9cb1e3aca8a4130f83af8668f73def2711b20dc99e8a804eea3f7427197b6b451b3735c23bc9b1be274c26d3bf9196f8c4a4b715f4b95c4db7b97e7594eb465648c1c), text=[
[
  Version: V3
  Subject: CN=Yubico U2F EE Serial 1155109599, OU=Authenticator Attestation, O=Yubico AB, C=SE
  Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11

  Key:  Sun EC public key, 256 bits
  public x coord: 4566281177700262948520218617292068700525588853977832139286014067734028992996
  public y coord: 101490170006787262984575762206992195265762409321851795943806949924516980111496
  parameters: secp256r1 [NIST P-256,X9.62 prime256v1] (1.2.840.10045.3.1.7)
  Validity: [From: Thu Jul 31 18:00:00 MDT 2014,
               To: Sat Sep 03 18:00:00 MDT 2050]
  Issuer: CN=Yubico U2F Root CA Serial 457200631
  SerialNumber: [    df92d9c4 e2ed660a]

Certificate Extensions: 5
[1]: ObjectId: 1.3.6.1.4.1.41482.13.1 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 05 04 03 05 04 03                               .......

[2]: ObjectId: 1.3.6.1.4.1.41482.2 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 15 31 2E 33 2E 36 2E   31 2E 34 2E 31 2E 34 31  ..1.3.6.1.4.1.41
0010: 34 38 32 2E 31 2E 37                               482.1.7

[3]: ObjectId: 1.3.6.1.4.1.45724.1.1.4 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 12 04 10 2F C0 57 9F   81 13 47 EA B1 16 BB 5A  ..../.W...G....Z
0010: 8D B9 20 2A                                        .. *

[4]: ObjectId: 1.3.6.1.4.1.45724.2.1.1 Criticality=false
Extension unknown: DER encoded OCTET string =
0000: 04 04 03 02 04 30                                  .....0

[5]: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
  CA:false
  PathLen: undefined
]

]
  Algorithm: [SHA256withRSA]
  Signature:
0000: 82 AC AF 11 30 A9 9B D1   43 27 D2 F8 F9 B0 41 A2  ....0...C'....A.
0010: A0 4A 66 85 27 24 22 E5   7B 14 B0 B8 F8 3B 6F 15  .Jf.'$"......;o.
0020: 45 66 4B BF 55 68 1E AF   01 58 72 2A BF CE D2 E4  EfK.Uh...Xr*....
0030: AC 63 3C EC 09 59 56 45   24 B0 F2 E5 17 DD 97 10  .c<..YVE$.......
0040: 98 B9 89 15 17 EC D0 C5   53 A2 E4 73 9F 9D E1 3D  ........S..s...=
0050: AF D0 D5 D7 B8 AC 4A 37   F4 F2 CC 30 EF 25 CB 00  ......J7...0.%..
0060: 65 2D 19 DB 69 D7 DA 57   BD 1A 9C 1D 8E D8 7D 46  e-..i..W.......F
0070: D8 0D 2B 3B DF D1 D9 EF   9D 2B 68 32 D4 AD 5B CD  ..+;.....+h2..[.
0080: 74 21 4C E6 A6 14 1D 16   B2 E9 3A CB 2C 88 F6 0A  t!L.......:.,...
0090: 3E B6 D5 F6 14 71 97 59   09 37 3B C6 77 90 23 24  >....q.Y.7;.w.#$
00A0: 57 1A 57 3F 60 F0 7B BE   D1 7B 92 C8 B5 9F A2 82  W.W?`...........
00B0: 10 BF A8 C6 01 22 93 00   1B 39 EF E5 7B F9 CB 1E  ....."...9......
00C0: 3A CA 8A 41 30 F8 3A F8   66 8F 73 DE F2 71 1B 20  :..A0.:.f.s..q. 
00D0: DC 99 E8 A8 04 EE A3 F7   42 71 97 B6 B4 51 B3 73  ........Bq...Q.s
00E0: 5C 23 BC 9B 1B E2 74 C2   6D 3B F9 19 6F 8C 4A 4B  \#....t.m;..o.JK
00F0: 71 5F 4B 95 C4 DB 7B 97   E7 59 4E B4 65 64 8C 1C  q_K......YN.ed..

])], authData=AuthenticatorData(bytes=ByteArray(49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d9763c5000000032fc0579f811347eab116bb5a8db9202a003063845df6e038646ebecfe65f32336055d466de5b3a824df4e4bd102af36f0260947de3ef4662593787d70f1dd6d345dca501020326200121582063845df6e038646ebecfe65f32c05e7ed8db868cb3aa48a2d7a76e901a581338225820e2fac818714e97cf1f8046d22226de4a73fb32a514b120bc1fc43559d1e929e8a16b6372656450726f7465637403), flags=AuthenticatorDataFlags(value=-59, UP=true, UV=true, BE=false, BS=false, AT=true, ED=true), attestedCredentialData=Optional[AttestedCredentialData(aaguid=ByteArray(2fc0579f811347eab116bb5a8db9202a), credentialId=ByteArray(63845df6e038646ebecfe65f32336055d466de5b3a824df4e4bd102af36f0260947de3ef4662593787d70f1dd6d345dc), credentialPublicKey=ByteArray(a501020326200121582063845df6e038646ebecfe65f32c05e7ed8db868cb3aa48a2d7a76e901a581338225820e2fac818714e97cf1f8046d22226de4a73fb32a514b120bc1fc43559d1e929e8))], extensions=Optional[{"credProtect": 3}]), username=testUser, sessionToken=ByteArray(b8ee6cc5e126a87b357ce3dff5205e5d06a6628423671029a5159a4e7b8fe79e))
java.lang.IllegalStateException: Not a map
        at com.upokecenter.cbor.CBORObject.getEntries(CBORObject.java:504)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:568)
        at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.serializeAsField(BeanPropertyWriter.java:688)
        at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:772)
        ... 80 common frames omitted
Wrapped by: com.fasterxml.jackson.databind.JsonMappingException: Not a map (through reference chain: demo.webauthn.WebAuthnServer$SuccessfulRegistrationResult["authData"]->com.upokecenter.cbor.CBORObject["entries"]->java.util.Collections$UnmodifiableMap$UnmodifiableEntrySet[0]->java.util.Collections$UnmodifiableMap$UnmodifiableEntrySet$UnmodifiableEntry[""credProtect""]->com.upokecenter.cbor.CBORObject["entries"])
        at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:402)
        at com.fasterxml.jackson.databind.JsonMappingException.wrapWithPath(JsonMappingException.java:361)
        at com.fasterxml.jackson.databind.ser.std.StdSerializer.wrapAndThrow(StdSerializer.java:323)
        at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:780)
        at com.fasterxml.jackson.databind.ser.BeanSerializer.serialize(BeanSerializer.java:178)
        at com.fasterxml.jackson.databind.ser.impl.MapEntrySerializer.serializeDynamic(MapEntrySerializer.java:407)
        at com.fasterxml.jackson.databind.ser.impl.MapEntrySerializer.serialize(MapEntrySerializer.java:341)
        at com.fasterxml.jackson.databind.ser.impl.MapEntrySerializer.serialize(MapEntrySerializer.java:24)
        at com.fasterxml.jackson.databind.ser.std.CollectionSerializer.serializeContents(CollectionSerializer.java:145)
        at com.fasterxml.jackson.databind.ser.std.CollectionSerializer.serialize(CollectionSerializer.java:107)
        at com.fasterxml.jackson.databind.ser.std.CollectionSerializer.serialize(CollectionSerializer.java:25)
        at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.serializeAsField(BeanPropertyWriter.java:732)
        at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:772)
        at com.fasterxml.jackson.databind.ser.BeanSerializer.serialize(BeanSerializer.java:178)
        at com.fasterxml.jackson.databind.ser.std.ReferenceTypeSerializer.serialize(ReferenceTypeSerializer.java:386)
        at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider._serialize(DefaultSerializerProvider.java:479)
        at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider.serializeValue(DefaultSerializerProvider.java:318)
        at com.fasterxml.jackson.databind.ObjectMapper.writeValue(ObjectMapper.java:3303)
        at com.fasterxml.jackson.core.base.GeneratorBase.writeObject(GeneratorBase.java:389)
        at com.fasterxml.jackson.core.JsonGenerator.writeObjectField(JsonGenerator.java:2409)
        at demo.webauthn.WebAuthnServer$AuthDataSerializer.serialize(WebAuthnServer.java:628)
        at demo.webauthn.WebAuthnServer$AuthDataSerializer.serialize(WebAuthnServer.java:605)
        at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.serializeAsField(BeanPropertyWriter.java:732)
        at com.fasterxml.jackson.databind.ser.std.BeanSerializerBase.serializeFields(BeanSerializerBase.java:772)
        at com.fasterxml.jackson.databind.ser.BeanSerializer.serialize(BeanSerializer.java:178)
        at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider._serialize(DefaultSerializerProvider.java:479)
        at com.fasterxml.jackson.databind.ser.DefaultSerializerProvider.serializeValue(DefaultSerializerProvider.java:318)
        at com.fasterxml.jackson.databind.ObjectMapper._writeValueAndClose(ObjectMapper.java:4719)
        at com.fasterxml.jackson.databind.ObjectMapper.writeValueAsString(ObjectMapper.java:3964)
        at demo.webauthn.WebAuthnRestResource.writeJson(WebAuthnRestResource.java:384)
        at demo.webauthn.WebAuthnRestResource.finishResponse(WebAuthnRestResource.java:336)
        at demo.webauthn.WebAuthnRestResource.finishRegistration(WebAuthnRestResource.java:209)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:568)
        at org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory.lambda$static$0(ResourceMethodInvocationHandlerFactory.java:52)
        at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:134)
        at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:177)
        at org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$ResponseOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:176)
        at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:81)
        at org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:475)
        at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:397)
        at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:81)
        at org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:255)
        at org.glassfish.jersey.internal.Errors$1.call(Errors.java:248)
        at org.glassfish.jersey.internal.Errors$1.call(Errors.java:244)
        at org.glassfish.jersey.internal.Errors.process(Errors.java:292)
        at org.glassfish.jersey.internal.Errors.process(Errors.java:274)
        at org.glassfish.jersey.internal.Errors.process(Errors.java:244)
        at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:265)
        at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:234)
        at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:684)
        at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:394)
        at org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:346)
        at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:358)
        at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:311)
        at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:205)
        at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:864)
        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:535)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1253)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1155)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
        at org.eclipse.jetty.server.Server.handle(Server.java:531)
        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:352)
        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260)
        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:281)
        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
        at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:291)
        at org.eclipse.jetty.io.ssl.SslConnection$3.succeeded(SslConnection.java:151)
        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
        at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118)
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:319)
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:175)
        at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:133)
        at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:366)
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:754)
        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:672)
        at java.base/java.lang.Thread.run(Thread.java:833)
20:07:29.484-0600 [qtp2065718717-26] DEBUG demo.webauthn.WebAuthnRestResource - Encoding messages as JSON: [Attestation verification failed; further error message(s) were unfortunately lost to an internal server error.]

emlun commented 1 year ago

Hi! That looks like this issue, which was fixed in PR #301. Try running the demo on the up-to-date main branch.
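
The `authData` bytes in the log can be decoded by hand to see which value the JSON encoder tripped on. The following is an added example, not code from java-webauthn-server or its demo: a Python parser for the WebAuthn authenticator data layout with a minimal definite-length CBOR decoder, run on the hex copied from the terminal log above. The function names are made up for this example.

```python
import hashlib

# authenticatorData hex copied from the terminal log above, split by field.
AUTH_DATA_HEX = (
    "49960de5880e8c687434170f6476605b8fe4aeb9a28632c7995cf3ba831d9763"  # rpIdHash
    "c5" "00000003"                        # flags, signCount
    "2fc0579f811347eab116bb5a8db9202a"     # AAGUID
    "0030"                                 # credentialId length (48)
    "63845df6e038646ebecfe65f32336055d466de5b3a824df4e4bd102af36f0260"
    "947de3ef4662593787d70f1dd6d345dc"     # credentialId
    "a5010203262001215820"                 # COSE key: kty, alg, crv, x header
    "63845df6e038646ebecfe65f32c05e7ed8db868cb3aa48a2d7a76e901a581338"
    "225820"                               # COSE key: y header
    "e2fac818714e97cf1f8046d22226de4a73fb32a514b120bc1fc43559d1e929e8"
    "a16b6372656450726f7465637403"         # extensions
)
FLAG_BITS = {"UP": 0x01, "UV": 0x04, "BE": 0x08, "BS": 0x10, "AT": 0x40, "ED": 0x80}


def cbor_decode(buf, pos=0):
    """Decode one definite-length CBOR item; return (value, next_pos)."""
    if pos >= len(buf):
        raise ValueError("truncated CBOR")
    major, info = buf[pos] >> 5, buf[pos] & 0x1F
    pos += 1
    if info < 24:
        arg = info
    elif info <= 27:
        size = 1 << (info - 24)
        if pos + size > len(buf):
            raise ValueError("truncated CBOR argument")
        arg = int.from_bytes(buf[pos:pos + size], "big")
        pos += size
    else:
        raise ValueError("indefinite or reserved length not supported")
    if major == 0:
        return arg, pos
    if major == 1:
        return -1 - arg, pos
    if major in (2, 3):
        end = pos + arg
        if end > len(buf):
            raise ValueError("truncated CBOR string")
        raw = bytes(buf[pos:end])
        return (raw if major == 2 else raw.decode("utf-8")), end
    if major == 4:
        items = []
        for _ in range(arg):
            item, pos = cbor_decode(buf, pos)
            items.append(item)
        return items, pos
    if major == 5:
        out = {}
        for _ in range(arg):
            key, pos = cbor_decode(buf, pos)
            out[key], pos = cbor_decode(buf, pos)
        return out, pos
    if major == 7 and info in (20, 21, 22):
        return {20: False, 21: True, 22: None}[info], pos
    raise ValueError("unsupported CBOR type")


def parse_authenticator_data(data):
    """Split authenticator data into its fixed header and optional parts."""
    if len(data) < 37:
        raise ValueError("authenticator data shorter than 37 bytes")
    flags = data[32]
    out = {"rp_id_hash": data[:32].hex(),
           "flags": {n: bool(flags & b) for n, b in FLAG_BITS.items()},
           "sign_count": int.from_bytes(data[33:37], "big")}
    pos = 37
    if flags & FLAG_BITS["AT"]:            # attested credential data present
        if pos + 18 > len(data):
            raise ValueError("truncated attested credential data")
        out["aaguid"] = data[pos:pos + 16].hex()
        cred_len = int.from_bytes(data[pos + 16:pos + 18], "big")
        pos += 18
        if pos + cred_len > len(data):
            raise ValueError("credentialId runs past end of data")
        out["credential_id"] = data[pos:pos + cred_len].hex()
        out["cose_key"], pos = cbor_decode(data, pos + cred_len)
    if flags & FLAG_BITS["ED"]:            # extension data present
        out["extensions"], pos = cbor_decode(data, pos)
    if pos != len(data):
        raise ValueError("unexpected trailing bytes")
    return out


def non_map_extensions(extensions):
    """Extension names whose value is not a CBOR map (has no entries)."""
    return [name for name, value in extensions.items() if not isinstance(value, dict)]


def rp_id_hash_matches(parsed, rp_id):
    return parsed["rp_id_hash"] == hashlib.sha256(rp_id.encode()).hexdigest()


if __name__ == "__main__":
    parsed = parse_authenticator_data(bytes.fromhex(AUTH_DATA_HEX))
    print(parsed["flags"], parsed["sign_count"], parsed["extensions"])
    print("non-map extension values:", non_map_extensions(parsed["extensions"]))
```

The decoded extension map is `{"credProtect": 3}`: the value is a plain integer, which is the object the `Not a map` exception in the trace was raised on while the response was being encoded as JSON, after the registration itself had already been logged as added.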