HCC2 Application Signing

To be able to deploy an application to a QRATE HCC2 it must be signed with a private key which has an associated public key present on the device. This signing approach adds a layer of protection for end users to block the installation of malicious or tampered software.

When initially developing an application for the HCC2, one should apply a developer license to their unit used for testing. Once an app is ready for wider release, an OEM developer key is required. To obtain a free developer license, email Sensia at licensing@sensiaglobal.com and provide your device serial number and specify the licensing PN in the email body. The available Development Mode Licenses are:

Developer Mode License

Within the HCC2 is a service which contains the developer mode public key. When the developer (or development) mode license is applied to the HCC2 via the Unity Edge license management page, the developer mode public key is added to the list of accepted keys in the device. At this point, any application signed with the associated developer mode private key will be allowed to run. This is similar to enabling side-loading in a mobile device.

The development mode license is bound to the serial number of a specific HCC2 device. It cannot be used on any other HCC2 other than the one for which it was issued. This license includes:

• The HCC2 'Development Mode License'

• A copy of the 'Development mode private key'

  This key will be used to sign applications written by developers during the application signing and packaging process. They can then be loaded onto any HCC2 device with developer mode enabled, via the EPM

The application developer will write their application(s) and sign them with the 'development mode private key'; by passing them through the signing process.

Removal of Developer Mode License

Great care must be taken if attempting to return a device from developer mode to a normal state. The 'Development Mode' license will be perpetual but may be removed via the Unity license manager by applying a 'Developer mode removal license'. The removal license must be requested from Sensia. Following the removal of the developer license, apps installed using the 'Development Mode' license will persist. In order to mitigate the risk that HCC2 contains unwanted or unstable software, files, or configuration changes, it is strongly recommended that the HCC2 be reset to it's FACTORY SETTINGS prior to being returned into a production environment.

HCC2 OEM Signing Keys

An OEM public key permits an application developer (or organization) to sign applications that can be deployed in HCC2 devices that are used in production environments.

Once the developer has their 'OEM public key' file, they can distribute it to users of their applications who can then install it on their devices to permit OEM apps from the developer to run. This mechanism gives asset owners control over their devices while allowing 3rd party apps.

The vendor procedure to register with Sensia as an HCC2 OEM application developer is as follows:

1. The vendor generates a Public / Private key pair. This can be done using the hccdevtools/gen_local_key.sh script, (installed as part of their development environment), although generating and managing the keys within a secure vault environment is recommended. Refer to the contents of the gen_local_key script for details of the key format.

2. The Public Key is passed to Sensia, who will process it, and return a mender file, the 'OEM public key' file.
   This file can then be loaded into any HCC2 via the Edge Package Manager (EPM)'

   This file can be deployed on multiple HCC2 devices.

3. The Private Key will remain with the Vendor, and is their responsibility to ensure its security. This key will be used to sign OEM applications developed and deployed by the vendor.