webauthn attestation on Apple macbook M1

102 views
Skip to first unread message

Cyril Labbe

unread,
Jul 6, 2021, 11:03:39 AMJul 6
to FIDO Dev (fido-dev)
Hello,
I've been checking the webauthn capability on Apple's macbooks, and I'm confused about the Apple Macbook M1.

The website https://webauthn.io cannot handle apple's attestations (when requiring a direct attestation), but the javascript part of the attestation ceremony does complete (up to the ajax call "make credential" which then fails) with a macbook from 2019 (MacOS BigSur 11.2.3, but not a M1)

On a Macbook M1 (MACOS BigSur 11.2.3 M1), after allowing the use of touchid for this website and pressing the touchid key, I directly get a "Impossible d'achever l'opération" popup, and therefor the ajax call is not performed at all.

It seems that the macbook M1 cannot get to build the attestation (when asking for direct on indirect).
Is it some bug, or a hardware limitation, or something else?

Best regads,
Cyril Labbe.

Cyril Labbe

unread,
Jul 19, 2021, 5:02:47 AMJul 19
to FIDO Dev (fido-dev), Cyril Labbe
I just checked on the website https://webauthn.me/debugger
when enabling only:
- authenticatorSelection/authenticatorAttachment => platform
- attestation => direct (same result with indirect)

I click on register, I allow the domain Webauthn.me to use touchid, I perform a valid touchid

on a MacBook M1, I get an error popup as below and a:
NotAllowedError: This request has been cancelled by the user.

Capture d’écran 2021-07-19 à 10.41.29.png
Capture d’écran 2021-07-19 à 10.49.25.png

on a MacbookPro, not M1, with the same macOS version, it works fine

on both devices, the api isUserVerifyingPlatformAuthenticator() returns true

As a relying party, I cannot detect/foresee that the devices will have this issue

Does anyone reproduce this issue?
Is there any workaround or fix incoming?

Best regards.

Cyril Labbe

unread,
Jul 20, 2021, 10:35:22 AMJul 20
to FIDO Dev (fido-dev)
Bug already reported on https://bugs.webkit.org/show_bug.cgi?id=224042 (since april)
Reply all
Reply to author
Forward
0 new messages