diff --git a/fido2/u2f.c b/fido2/u2f.c
index edc4451..1eb7e60 100644
--- a/fido2/u2f.c
+++ b/fido2/u2f.c
@@ -233,8 +233,8 @@ static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t c
         }
     }
     if (
-            control != U2F_AUTHENTICATE_SIGN ||
-            req->khl != U2F_KEY_HANDLE_SIZE  ||
+            (control != U2F_AUTHENTICATE_SIGN && control != U2F_AUTHENTICATE_SIGN_NO_USER) ||
+            req->khl != U2F_KEY_HANDLE_SIZE ||
             u2f_appid_eq(&req->kh, req->app) != 0 ||     // Order of checks is important
             u2f_load_key(&req->kh, req->app) != 0
 
@@ -243,9 +243,11 @@ static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t c
         return U2F_SW_WRONG_PAYLOAD;
     }
 
+	// dont-enforce-user-presence-and-sign
+	if (control == U2F_AUTHENTICATE_SIGN_NO_USER)
+		up = 0;
 
-
-	if(!fromNFC)
+	if(!fromNFC && up)
 	{
 		if (ctap_user_presence_test() == 0)
 		{
@@ -254,21 +256,26 @@ static int16_t u2f_authenticate(struct u2f_authenticate_request * req, uint8_t c
 	}
 
     count = ctap_atomic_count(0);
+	uint8_t vcount[4];
+	vcount[3] = (count) & 0xff;
+	vcount[2] = (count >> 8) & 0xff;
+	vcount[1] = (count >> 16) & 0xff;
+	vcount[0] = (count >> 24) & 0xff;
 
     crypto_sha256_init();
 
-    crypto_sha256_update(req->app,32);
-    crypto_sha256_update(&up,1);
-    crypto_sha256_update((uint8_t *)&count,4);
-    crypto_sha256_update(req->chal,32);
+    crypto_sha256_update(req->app, 32);
+    crypto_sha256_update(&up, 1);
+    crypto_sha256_update(vcount, 4);
+    crypto_sha256_update(req->chal, 32);
 
     crypto_sha256_final(hash);
 
-    printf1(TAG_U2F, "sha256: "); dump_hex1(TAG_U2F,hash,32);
+    printf1(TAG_U2F, "sha256: "); dump_hex1(TAG_U2F, hash, 32);
     crypto_ecc256_sign(hash, 32, sig);
 
-    u2f_response_writeback(&up,1);
-    u2f_response_writeback((uint8_t *)&count,4);
+    u2f_response_writeback(&up, 1);
+    u2f_response_writeback(vcount, 4);
     dump_signature_der(sig);
 
     return U2F_SW_NO_ERROR;
diff --git a/fido2/u2f.h b/fido2/u2f.h
index 3f4f689..88975a1 100644
--- a/fido2/u2f.h
+++ b/fido2/u2f.h
@@ -53,6 +53,7 @@
 // U2F Authenticate
 #define U2F_AUTHENTICATE_CHECK              0x7
 #define U2F_AUTHENTICATE_SIGN               0x3
+#define U2F_AUTHENTICATE_SIGN_NO_USER       0x8
 
 
 // Command status responses