IMPORTANT: the following method is obsolete. A new Pico Patcher tool has been released, which does not require extra tools and is universal.
USB Vendor and Product ID (VID and PID) are 4 bytes to uniquely identify USB products. These are assigned by the USB Forum and they cannot be reutilized by other parties without consent. Therefore, we are not allowed to distribute binaries with embedded unauthorized VID/PID without getting in troubles.
Precompiled firmwares come with a dummy VID/PID combination (FEFF:FCFD) that can be easily replaced without recompilation. In the case of Pico HSM and Pico OpenPGP, both are loaded if VID/PID are belong to a specific list. If the VID/PID do not belong to this list, the device is not loaded and thus, it is not detected by apps. This means, that neither Pico HSM nor Pico OpenPGP work out of the box. Firmwares must be patched previously to embed a valid VID/PID.
In both packages, a patcher can be executed to modify and embed a valid VID/PID. After the patch, the firmware can be loaded to the Pico device and detected by apps.
To patch the firmware, first select a valid VID/PID (i.e., 234b:0000 from FISJ). These VID/PID are in the list and it device will be discoverable by apps. To do it:
./patch_vidpid.sh VID:PID input_hsm_file.uf2 output_hsm_file.uf2
Note that you (neither me) are authorized to distribute binaries with VID/PID that you do not own.