
Authentication signature nonce is not base64 decoded by the extension/app when creating a signature #5

@Jyrno42

Description

The web-eid JavaScript library accepts the nonce as a base64-encoded string. However, this base64 string is never decoded as base64 into bytes but rather treated as a regular string. This causes confusion when implementing backend validation of the signature.

Essentially, instead of doing this to calculate the data to sign (Python-like pseudocode):

Hash(Hash(origin.encode('utf-8')) + Hash(base64decode(nonce)))

This is done instead:

Hash(Hash(origin.encode('utf-8')) + Hash(nonce.encode('utf-8')))

At least to me (I am not a security expert) this seems to also reduce the entropy of the nonce, as instead of all possible bytes one is limited to the base64 alphabet. I have not tried supplying non-base64 data as the nonce, but my guess is that the web-eid library will complain when the data is not valid base64.

Are there any plans on changing the nonce to be parsed as base64 by the app before creating the hash? Or can the documentation be adjusted to clarify that the data does not need to be base64 if it's not treated as base64?
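The two constructions from the issue, written out as an added example (not code from the Web eID project), so a backend author can see that they never produce the same value and pick the convention that matches what the extension actually signs. It assumes SHA-256 as the hash and raw digest concatenation; the origin and nonce values are constructed for the demo.

```python
import base64
import hashlib
import os


def _h(data: bytes) -> bytes:
    # Assumption: SHA-256 is the hash used on both sides.
    return hashlib.sha256(data).digest()


def data_to_sign_decoded(origin: str, nonce_b64: str) -> bytes:
    """Construction the issue expected: nonce base64-decoded to raw bytes first."""
    nonce_bytes = base64.b64decode(nonce_b64, validate=True)
    return _h(_h(origin.encode("utf-8")) + _h(nonce_bytes))


def data_to_sign_as_text(origin: str, nonce_b64: str) -> bytes:
    """Construction the issue reports the extension uses: the base64 text itself is hashed."""
    return _h(_h(origin.encode("utf-8")) + _h(nonce_b64.encode("utf-8")))


def expected_data_to_sign(origin: str, nonce_b64: str, nonce_is_text: bool = True) -> bytes:
    """What a backend should compute before verifying the card's signature over it.

    nonce_is_text=True matches the behaviour described in the issue; a backend that
    decodes the nonce (False) will reject every otherwise valid signature.
    """
    if nonce_is_text:
        return data_to_sign_as_text(origin, nonce_b64)
    return data_to_sign_decoded(origin, nonce_b64)


def constructions_differ(origin: str, nonce_b64: str) -> bool:
    """True when the two conventions disagree for this origin/nonce pair."""
    return data_to_sign_decoded(origin, nonce_b64) != data_to_sign_as_text(origin, nonce_b64)


def new_nonce_b64(num_bytes: int = 32) -> str:
    """Server-side nonce generation: random bytes, base64-encoded for the challenge."""
    return base64.b64encode(os.urandom(num_bytes)).decode("ascii")


if __name__ == "__main__":
    origin = "https://example.com"          # constructed
    nonce = new_nonce_b64()
    print("decoded :", data_to_sign_decoded(origin, nonce).hex())
    print("as text :", data_to_sign_as_text(origin, nonce).hex())
    print("differ  :", constructions_differ(origin, nonce))
```

A valid base64 string is always longer than the bytes it encodes, so the inner nonce hashes, and therefore the final values, can never coincide; the backend must deliberately choose one convention.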
