1.2 Verify Unique Cryptographic Keys and Certificates


Requirement Description

Verify that all cryptographic keys and certificates used in the DUT are unique to each individual device and not shared across multiple units, ensuring secure authentication, encryption, and integrity verification.


DUT Confirmation Details

  • OEM Statement: (Insert confirmation from OEM regarding per-device unique key and certificate provisioning.)

  • Observed State: (Insert findings after verification.)


DUT Software Details

  • Software Name/Version: ___________________

  • Build Date: ___________________

  • Build Number: ___________________


DUT Configuration

Provide any configuration commands or outputs used to verify the uniqueness of cryptographic keys and certificates. Example:

show crypto keys
show ssl certificate
openssl x509 -in cert.pem -noout -fingerprint

Pre-Conditions

The vendor shall provide the following:

  1. List of all cryptographic keys and certificates used in the device ecosystem.

  2. Key Management Life Cycle documentation, covering:

    • Purpose of each key/certificate

    • Generation process

    • Storage method

    • Destruction/zeroization process

    • Validity period

    • Key changeover/rotation process


Test Plan

Total Number of Test Cases: 3

Test Cases:

  1. Verification of per-device unique key generation during manufacturing/provisioning.

  2. Validation of storage method to ensure keys are securely stored and not retrievable in plaintext.

  3. Verification of key/certificate replacement process during rotation or expiration.
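For test case 1, one way to compare the `openssl x509 -noout -fingerprint` output collected from several units and flag any certificate present on more than one of them. This is an added example, not part of the original template; the unit IDs, credential names, and fingerprint values are constructed.

```python
import hashlib
import re
from collections import defaultdict

# Line printed by `openssl x509 -noout -fingerprint`; digest-name casing varies by OpenSSL version.
FP_RE = re.compile(r"^\s*(\w+) Fingerprint=((?:[0-9A-Fa-f]{2}:)+[0-9A-Fa-f]{2})\s*$")

def parse_fingerprint(line):
    """Return (digest_name, hex_fingerprint), normalised to lower case."""
    m = FP_RE.match(line)
    if not m:
        raise ValueError(f"not an openssl fingerprint line: {line!r}")
    return m.group(1).lower(), m.group(2).replace(":", "").lower()

def find_shared(inventory):
    """inventory maps unit id -> {credential name: fingerprint line}.
    Returns {fingerprint: [(unit, credential), ...]} for values present on more than one unit."""
    seen = defaultdict(set)
    digests = set()
    for unit, creds in inventory.items():
        for name, line in creds.items():
            digest, fp = parse_fingerprint(line)
            digests.add(digest)
            seen[fp].add((unit, name))
    if len(digests) > 1:
        # SHA-1 and SHA-256 fingerprints of one certificate differ, so mixing them hides reuse.
        raise ValueError(f"mixed digest algorithms, recollect with one: {sorted(digests)}")
    # Reuse of one certificate for two purposes on the same unit is not cross-device sharing.
    return {fp: sorted(locs) for fp, locs in seen.items()
            if len({unit for unit, _ in locs}) > 1}

def _sample_line(seed):
    # Constructed value shaped like openssl output; not taken from a real device.
    h = hashlib.sha256(seed.encode()).hexdigest().upper()
    return "sha256 Fingerprint=" + ":".join(h[i:i + 2] for i in range(0, len(h), 2))

# Constructed inventory: unit-A and unit-B carry the same management certificate.
SAMPLE = {
    "unit-A": {"https_cert": _sample_line("a-https"), "mgmt_cert": _sample_line("common")},
    "unit-B": {"https_cert": _sample_line("b-https"), "mgmt_cert": _sample_line("common")},
    "unit-C": {"https_cert": _sample_line("c-https"), "mgmt_cert": _sample_line("c-mgmt")},
}

if __name__ == "__main__":
    for fp, locs in find_shared(SAMPLE).items():
        print(f"FAIL {fp[:16]}... shared by {locs}")
```

An empty result from `find_shared` is the pass condition for the units sampled; it says nothing about units that were not collected.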


Test-bed Diagram with Interfaces and IPs

(Attach diagram showing DUT, secure storage module, test system, and network interfaces used for verification.)

