This application has several component like BLE Bulb, Smart Lock, Smoke detector, are securely connected to the Qualcomm QCA4020, and has capabilities of controlling those devices via android application with AES128 bit encryption. Secure connection and communication done via BLE.
What is Secure boot?
In secure boot, OS boot images and code are authenticated against the hardware before they are used in the boot process. The hardware is set up beforehand in a way that it only authenticates code generated using security credentials you trust. In layman terms, secure boot ensures that the boot and firmware are intended manufacturer version and are not being tampered by malware or malicious third parties.
Follow the instructions from https://developer.qualcomm.com/download/enable-secure-boot-qca402x.pdf, for converting a QCA402x to a Secure boot board.
Secure boot enabled board will allow only the images with matching pk_hashkey (type of secure credentials). Building the application with pk_hash key is called signing image. The application with pk_hash key is called signed image.
The required keys and certificates for building signed image are created while building the secure boot environment.
Follow the instructions from https://developer.qualcomm.com/download/enable-secure-boot-qca402x.pdf, for creating a signed image( modifications are already made in the project ).
- The QCA402x SDK setup, which can be downloaded from the link below, https://developer.qualcomm.com/download/qca4020-qca4024/qca4020or11-qca-oem-sdkcdb.zip?referrer=node/35653
- Make the Tool chain setup using the guidelines mentioned in section 3.2 & 3.3 from https://developer.qualcomm.com/download/qca4020-qca4024/qca402x-cdb2x-programmers-guide.pdf
Build & Flash Application
- Build and flash the project using the guidelines mentioned in section 3.5 & 3.6 from https://developer.qualcomm.com/download/qca4020-qca4024/qca402x-cdb2x-programmers-guide.pdf
- Before flashing the replace the FIREHOSE image with secure boot FIREHOSE image.
- Replace the“prog_spinor_firehose_qca4020_lite_m4_threadx.mbn” in target/build/tools/flash/prog_spinor_firehose_qca4020_lite_m4_threadx.mbn with the one in QCLI_demo/build/gcc/4020/m4/prog_spinor_firehose_qca4020_lite_m4_threadx.mbn
- On visualizing flash status below, you confirm that secure image flash is successful.
qflash.pyInfo: Download device programmer... qflash.pyInfo: Device Programmer loaded successfully qflash.pyInfo: Skipping to program image qflash.pyInfo: Program flash. Please wait... qflash.pyInfo: Flash programming complete!
The over view of home-control-with-secure-communication can be seen from the below image, where the components connected to the QCA4020 board are controlled by Android Application using BLE.