The process where the device obtains FIDO Device Onboard (FDO) credentials from the FDO Manufacturer is known as Device Initialization (DI).
Open a terminal and start the FDO PRI Manufacturer. After this step, an ownership voucher is generated so that the new owner can initiate the TO0 protocol.
Detailed steps and configuration needed to start FDO PRI Manufacturer are in README document.
During this time, the device does not have FDO Device Credentials and therefore will obtain the same from the FDO PRI Manufacturer.
NOTE: If you are not running the default FDO Client SDK binaries and have your own EC keys and certs, do the following:
- Place the ECDSA private key in the
data/directory and name itecdsaXXXprivkey.dat(ecdsa256privkey.datfor curve typeP-256andecdsa384privkey.datfor curve typeP-384). For the Privacy-Enhanced Mail (PEM)-formatted private key, useecdsaXXXprivkey.pemin a similar way (ecdsa256privkey.pemorecdsa384privkey.pem).