diff --git a/core/tools/codegen/fido/att_cert.der b/core/tools/codegen/fido/att_cert.der
new file mode 100644
index 000000000..e5e626928
Binary files /dev/null and b/core/tools/codegen/fido/att_cert.der differ
diff --git a/core/tools/codegen/fido/att_priv_key.pem b/core/tools/codegen/fido/att_priv_key.pem
new file mode 100644
index 000000000..85a723b56
--- /dev/null
+++ b/core/tools/codegen/fido/att_priv_key.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgcSasK/ZE3GGGrYPvH83xKle1z6IA
+C4rQJ+lW6FTFCouhRANCAATZGL36ilSskukNqR/KeqJkVMDRczYxTd6DpUuGtd9O8FJlmh1v/LdG
+fxrN24ozCAte7ZGJE/RDpSYbx3toYG/B
+-----END PRIVATE KEY-----
diff --git a/core/tools/codegen/fido/ca_cert.pem b/core/tools/codegen/fido/ca_cert.pem
new file mode 100644
index 000000000..db0dd61f5
--- /dev/null
+++ b/core/tools/codegen/fido/ca_cert.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBojCCAUmgAwIBAgIEBQQMPDAKBggqhkjOPQQDAjAuMSwwKgYDVQQDDCNUcmV6
+b3IgRklETyBSb290IENBIFNlcmlhbCA4NDE1MTM1NjAgFw0yMDA0MDYwOTU1MTZa
+GA8yMDcwMDQwNjA5NTUxNlowLjEsMCoGA1UEAwwjVHJlem9yIEZJRE8gUm9vdCBD
+QSBTZXJpYWwgODQxNTEzNTYwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQqgKwF
+9GKBxKtiKSf+nb8cnsRE24RnfqwnFReGORKlJ7Ms44eqs4MjCwwnnNonRQMVQvl5
+0ml/JKATBdBZf7fxo1MwUTAdBgNVHQ4EFgQUeuRSY/knj14w6orFYFeXEeKPVSEw
+HwYDVR0jBBgwFoAUeuRSY/knj14w6orFYFeXEeKPVSEwDwYDVR0TAQH/BAUwAwEB
+/zAKBggqhkjOPQQDAgNHADBEAiBO6zcgpZxA4uK5son5zWzQSOdlwPoZNZYynHbd
+q2qZ4gIgSdYR7RCOKEQY7vCVB9HeN/Pa/4pHodSBzo+3+WsM1Vk=
+-----END CERTIFICATE-----
diff --git a/core/tools/codegen/fido/ca_priv_key.pem b/core/tools/codegen/fido/ca_priv_key.pem
new file mode 100644
index 000000000..d4c7a2505
--- /dev/null
+++ b/core/tools/codegen/fido/ca_priv_key.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgd755DC6Q0TT+DqUTD/ks7M0Rcl5s
+IcLTp+DKtvLKvvChRANCAAQqgKwF9GKBxKtiKSf+nb8cnsRE24RnfqwnFReGORKlJ7Ms44eqs4Mj
+CwwnnNonRQMVQvl50ml/JKATBdBZf7fx
+-----END PRIVATE KEY-----
diff --git a/core/tools/codegen/fido/gen_att_cert.sh b/core/tools/codegen/fido/gen_att_cert.sh
new file mode 100755
index 000000000..401d5a25a
--- /dev/null
+++ b/core/tools/codegen/fido/gen_att_cert.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+openssl req -new -key att_priv_key.pem -config openssl.cnf |
+openssl x509 -req -CA ca_cert.pem -CAkey ca_priv_key.pem -out att_cert.der --outform DER -set_serial 54878404 -days 10957 -extfile openssl.cnf -extensions v3_req
diff --git a/core/tools/codegen/fido/openssl.cnf b/core/tools/codegen/fido/openssl.cnf
new file mode 100644
index 000000000..0dcb188af
--- /dev/null
+++ b/core/tools/codegen/fido/openssl.cnf
@@ -0,0 +1,13 @@
+[req]
+distinguished_name = req_distinguished_name
+prompt = no
+
+[req_distinguished_name]
+C = CZ
+O = SatoshiLabs, s.r.o.
+OU = Authenticator Attestation
+CN = Trezor FIDO EE Serial 54878404
+
+[v3_req]
+1.3.6.1.4.1.45724.1.1.4=ASN1:FORMAT:HEX,OCTETSTRING:d6d0bdc362eec4dbde8d7a656e4a4487
+basicConstraints=critical,CA:FALSE