Hey all,
In theory, the fast blinking orange error light after connecting to Wifi is the core telling us that a decryption error happened during the handshake with the cloud. Although I lost a lot of sleep worrying about this issue, it looks like a few cores (about half of 1% based on our logs) snuck through the manufacturing process. If you want, the process for fixing this is also the process for generating a new private key for your core. It’s a two part process that I’ll be posting friendlier tools and docs for, but if you wanted to get going in the meantime, hopefully this will help:
Instructions for generating and flashing a new private key
*Note! - It’s very important you only follow these steps if you’re seeing this issue, or if you want to change your core’s private key. Unless you send us your new public key, or restore to the previous key, your core will lose the ability to connect to the cloud after performing these steps. *
###Note! If your core has ever reached “breathing cyan” you probably don’t need to follow these steps since your keys were working.
##There is a tool to help you do this, but you still have to install a few things (including dfu-util, and openssl, sorry!), details here:
##How to refresh your keys manually
1.) Install dfu-util from here: http://dfu-util.gnumonks.org/
2.) Connect your core and put it into DFU mode
Hold down both buttons and release the 'reset' button. Hold down for 3+ seconds, the light should blink yellow.
3.) run the following and verify [1d50:607f] shows up somewhere
dfu-util -l
4.) Install Openssl, or the encryption suite of your choice
http://www.openssl.org/source/
For Windows: instructions on SSL https://www.tbs-certificates.co.uk/FAQ/en/openssl-windows.html
Windows binaries download: https://wiki.openssl.org/index.php/Binaries
5.) Generate new keys for your core:
openssl genrsa -out core.pem 1024
openssl rsa -in core.pem -pubout -out core_public.pem
openssl rsa -in core.pem -outform DER -out core_private.der
6.) backup your previous key (hey, just in case)
dfu-util -d 1d50:607f -a 1 -s 0x00002000:4096 -v -U old_core_private_key.der
7.) connect your core in DFU mode, and copy the private key to your core:
dfu-util -d 1d50:607f -a 1 -s 0x00002000 -v -D core_private.der
8.) (*optional) update the server public key:
grab this file https://s3.amazonaws.com/spark-website/cloud_public.der
dfu-util -d 1d50:607f -a 1 -s 0x00001000 -v -D cloud_public.der
9.) connect to your core over serial, and hit ‘i’ to get your core id
10.) Please send me your core’s public key to the cloud using the spark-cli ( https://github.com/spark/spark-cli ) with:
spark login
spark keys send your_core_id core_public.pem
If that doesn’t work send us your core id and public key to hello@spark.io
Footnote - Running on mac/linux? try sudo dfu-util, Running on Windows? try: dfu-util in an admin command prompt
*Another Footnote - If you see something like “Failed to write whole chunk: -7 of” There is a quirk that dfu only likes to write keys that are an even number of bytes. You can also pad an odd length key with a random byte at the end as well. *
Thanks!
David