2.7a – Test Firmware Digital Signature Pinning
Requirement Description:
Verify that the firmware applications implement digital signature pinning, ensuring that connections are only established with trusted servers whose public keys or certificates are explicitly pinned.
DUT Confirmation Details:
(To be filled with vendor's confirmation on pinning implementation.)
DUT Software Details:
(Firmware version, release build, SDK details, etc.)
Hash Checksum Verification for DUT’s Software Image:
(Hash: SHA-256/SHA-1/MD5 of firmware image for integrity verification.)
DUT Configuration:
(Interface details, configuration of certificate pinning if present, related security parameters.)
Pre-Conditions:
The vendor shall provide the following:
Document listing use-cases when the device establishes server connections.
Technical documentation detailing the implementation of digital signature pinning (e.g., pinned public keys, certificates, hash algorithms, etc.).
Source code snippet or configuration proving pinning is enforced.
Test Plan:
Total number of test cases: 2
Test 1 – Signature Pinning Enforcement (Positive Scenario)
Test 2 – Signature Pinning Rejection (Negative Scenario)
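The accept/reject decision that Test 1 and Test 2 exercise, sketched as an added example (not vendor or DUT code). It assumes public-key pinning with the pin defined as the base64 SHA-256 of the certificate's SubjectPublicKeyInfo; `fake_cert`, the key labels and `PINNED` are constructed sample data, not real certificates.

```python
import base64, hashlib, hmac

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                            # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def spki_of(cert_der):
    """Extract the raw SubjectPublicKeyInfo element from an X.509 certificate."""
    _, start, _ = read_tlv(cert_der, 0)          # Certificate SEQUENCE
    _, pos, end = read_tlv(cert_der, start)      # tbsCertificate SEQUENCE
    fields = []
    while pos < end:
        tag, _, vend = read_tlv(cert_der, pos)
        fields.append((tag, cert_der[pos:vend]))
        pos = vend
    if fields and fields[0][0] == 0xA0:          # optional [0] version
        fields = fields[1:]
    return fields[5][1]   # serial, sigAlg, issuer, validity, subject, SPKI

def spki_pin(cert_der):  # assumed pin format: base64(SHA-256(SPKI))
    return base64.b64encode(hashlib.sha256(spki_of(cert_der)).digest()).decode()

def pin_ok(cert_der, pinned):
    """True only if the presented certificate's SPKI hash is in the pinned set."""
    try:
        pin = spki_pin(cert_der)
    except (ValueError, IndexError):
        return False                             # fail closed on unparsable input
    return any(hmac.compare_digest(pin, p) for p in pinned)

# --- constructed sample data (minimal DER skeletons, not real certificates) ---
def tlv(tag, body):
    assert len(body) < 128                       # short-form length only
    return bytes([tag, len(body)]) + body

def fake_cert(serial, key):
    seq = lambda *parts: tlv(0x30, b"".join(parts))
    tbs = seq(tlv(0xA0, tlv(0x02, b"\x02")), tlv(0x02, bytes([serial])),
              seq(), seq(), seq(), seq(), seq(seq(), tlv(0x03, b"\x00" + key)))
    return seq(tbs, seq(), tlv(0x03, b"\x00"))

PINNED = {spki_pin(fake_cert(1, b"vendor-key"))}  # constructed pin set
```

A reissued certificate that carries the same key still matches the pin, whereas a certificate with a different key, or input that cannot be parsed, is rejected.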
Test-bed Diagram with Interfaces and IPs:
(To be appended with test environment layout, device IP, test server IP, protocol used – TLS/HTTPS, etc.)