diff --git a/core/tests/test_apps.webauthn.credential.py b/core/tests/test_apps.webauthn.credential.py
new file mode 100644
index 000000000..272909995
--- /dev/null
+++ b/core/tests/test_apps.webauthn.credential.py
@@ -0,0 +1,64 @@
+from common import *
+from apps.common import mnemonic, storage
+from apps.webauthn.credential import Fido2Credential
+from trezor.crypto.curve import nist256p1
+from trezor.crypto.hashlib import sha256
+
+
+class TestCredential(unittest.TestCase):
+    def test_fido2_credential_decode(self):
+        mnemonic_secret = b"all all all all all all all all all all all all"
+        mnemonic.get = lambda: (mnemonic_secret, mnemonic.TYPE_BIP39)
+        storage.is_initialized = lambda: True
+
+        cred_id = (
+            b"f1d0020013e65c865634ad8abddf7a66df56ae7d8c3afd356f76426801508b2e"
+            b"579bcb3496fe6396a6002e3cd6d80f6359dfa9961e24c544bfc2f26acec1b8d8"
+            b"78ba56727e1f6a7b5176c607552aea63a5abe5d826d69fab3063edfa0201d9a5"
+            b"1013d69eddb2eff37acdd5963f"
+        )
+
+        rp_id = "example.com"
+        rp_id_hash = sha256(rp_id).digest()
+
+        user_id = (
+            b"3082019330820138a0030201023082019330820138a003020102308201933082"
+        )
+
+        user_name = "johnpsmith@example.com"
+
+        creation_time = 2
+
+        public_key = (
+            b"0451f0d4c307bc737c90ac605c6279f7d01e451798aa7b74df550fdb43a7760c"
+            b"7c02b5107fef42094d00f52a9b1e90afb90e1b9decbf15a6f13d4f882de857e2"
+            b"f4"
+        )
+
+        cred_random = (
+            b"36a9b5d71c13ed54594474b54073af1fb03ea91cd056588909dae43ae2f35dbf"
+        )
+
+        # Load credential.
+        cred = Fido2Credential.from_cred_id(unhexlify(cred_id), rp_id_hash)
+        self.assertIsNotNone(cred)
+
+        # Check credential data.
+        self.assertEqual(hexlify(cred.id), cred_id)
+        self.assertEqual(cred.rp_id, rp_id)
+        self.assertEqual(cred.rp_id_hash, rp_id_hash)
+        self.assertEqual(hexlify(cred.user_id), user_id)
+        self.assertEqual(cred.user_name, user_name)
+        self.assertEqual(cred._creation_time, 2)
+        self.assertTrue(cred.hmac_secret)
+        self.assertIsNone(cred.rp_name)
+        self.assertIsNone(cred.user_display_name)
+
+        # Check credential keys.
+        self.assertEqual(hexlify(cred.hmac_secret_key()), cred_random)
+
+        cred_public_key = nist256p1.publickey(cred.private_key(), False)
+        self.assertEqual(hexlify(cred_public_key), public_key)
+
+if __name__ == '__main__':
+    unittest.main()