Bug 214266

Summary: YubiKey 5Ci gesture is not recognized by Safari
Product: WebKit Reporter: navindra
Component: WebKit Misc.Assignee: Nobody <webkit-unassigned>
Severity: Normal CC: dwaite, jiewen_tan, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: iPhone / iPad   
OS: Other   
Bug Depends on:    
Bug Blocks: 181943    

Description navindra 2020-07-13 12:10:37 PDT
While testing FIDO2 on iOS 14.0 18A5319i with a YubiKey 5Ci, the key LED blinks but Safari does not recognize the activation gesture. The key prompt dialog can only be cancelled.

This same key works on the Brave browser on the same phone/OS. I was also able to get Face ID to work for FIDO2 (awesome!) on Safari on the same phone/OS.

Please let me know what information I can provide to help debug this.
Comment 1 Jiewen Tan 2020-07-28 01:24:39 PDT
My 5Ci works for me on webauthn.io. Are you using a Yubico internal test device or a production one?
Comment 2 Radar WebKit Bug Importer 2020-07-28 01:24:52 PDT
Comment 3 navindra 2020-07-28 02:13:34 PDT
It was a shrink-wrapped production device.
Comment 4 David Waite 2020-07-28 03:04:50 PDT
This may be an issue with the Yubikey being used by the system as an OTP device (fake keyboard) rather than a FIDO2 device. The easiest way to tell if the device is in an active FIDO mode is if the LED is flashing.

If you want to experiment with disabling OTP functionality, you can enable and disable functions of the key using the command-line tool at https://www.yubico.com/products/services-software/download/yubikey-manager/ with a desktop or laptop computer.
Comment 5 navindra 2020-08-24 14:09:23 PDT
Thank you for the suggestion!

I disabled all interfaces (including OTP) except for FIDO2 but I still have this issue. Why would it work for Brave but not Safari? Brave doesn't have any trouble detecting that I've activated the key.
Comment 6 Jiewen Tan 2020-09-13 23:36:06 PDT

*** This bug has been marked as a duplicate of bug 215836 ***