control digital signing


Here is the use case:

  1. Router vendor to support 3rd party app hosting on their Routers with apps digitally signed by Router vendor only.
  2. Router to support skipping signature verification for App developers/vendors during Dev phase.
  3. Router to enforce signature verification in production mode.
  4. Router vendor to build this solution on a production router image so that they don’t need to provide separate Dev/Test router image to app vendors during Dev phase.

What is the secure way to support this on embedded systems like Routers without having to create 2 separate sets of images for Dev and Production from the router vendor?