Daniele Lacamera

Nice, thank you. Let us know about your findings. > Is there a way that you know of to verify the hash/signature without trying to boot the firmware? There is...

Hi @peardox, The certificate is only used as proof of origin (i.e. manufacturer), and does not contain any secret. The only secret on the device is the 'master key' that's...

Yes, the cert could be supplied in the source, but I thought it would be nice to customize/recreate since it's just a simple procedure. >In terms of user safety then...

> IMHO having a default which would be overriden by mkcert would be an improvement Feel free to submit a PR in that sense > There are numerous alternative bootloaders...

Please see issues #1 and #2 ... There is an unknown issue with windows OS + edge. Any details you can share about how to fix are welcome. I'm not...

it would help if you could just share a .pcap obtained via usbmon for the device, to see if windows is attempting to send any command that's not supported or...

Awesome! Thanks for looking into this. I don't think the failure is arch-dependent, rather how the OS handles the device or specific protocol implementation details. I only tested this on...

@peardox thank you for all the time you spent on this. So as I expected, it's a windows-only issue. Your capture will definitely help, I'll have a look this weekend....

I checked your capture, we might be missing one (mandatory) U2F HID command reply. This should be easily fixed by replying to `U2FHID_PING` as per specs. I'll be AFK today,...

Yes, CBOR is definitely 2.0. That's something we'll implement too. Fidelio is 1.2 only and does not work with services like google, requiring fido 2.0, but I did not expect...