Bumping this because it's much better than my other release, and I want to remove the focus on that dramatised topic...
Which version of python are you using?i obtain keys for .py but on lauch have "NameError: name 'key_x_gak' is not defined" ,any help?
Which version of python are you using?
My copy+paste muscles were aching after this but got there in the end lol.
Cheers
Edit: meant to post that in the other thread but they're related so it still counts.
Edit2: just a heads up, to get asn1 you gotta do a "pip3 install future" before you do "pip3 install asn1"
Want your cert to access Nintendo's CDN, but you're not on 3.0.0 anymore so you can't run the PegaSwitch script?
Don't worry, I've got you covered!
Included in the pack is everything you need to generate a pfx certificate file from a NAND dump!
Usage:
How 2 get dem keyz???
- First, make sure Python3 and both the asn1 and pycrypto modules are installed.
- Next, copy your PRODINFO.bin partition into the folder
- Now, add the required keydata into "00_generate_ssl_kek.py", then run it; this will output the ssl_kek.
- Add the generated ssl_kek into "01_decrypt_privk_extract_cert.py", then run it, that will decrypt your private key and extract your cert.
- Then, run "02_convert_to_der.py", which will convert the extracted files into DER.
- Lastly, run "03_save_as_pfx.bat" to save it as an installable PFX certificate!
- Voila! You can now find your generated certificate in the new folder named "Out"!
Massive thanks to @SocraticBliss for helping me out with the python stuff and @SciresM for the RSA calcs required in script 02.
- The first key is generated by XORing the AES_KEK (kek_mask 0) with the CryptoUsecase_RsaPrivate seed (kek_seed 1).
- The second key is the original master key, you can extract it from your keyblobs using hactool.
- The third and fourth keys are plaintext in the ssl sysmodule NSO.
- Or alternatively, you can skip this entire step by finding the ssl_kek online, not giving links for obvious reasons... (Trust me, it's out there!)
Error when running 02, Cannot enter a non-constructed tag. Line 59. Any ideas? Thanks.
Same error herepython 3 on windows ,im look .py and obtain on first "B011100660D1...................." put on convert to der and have "Failed to read Client Cert from clcert.der!"
Yes, you need to fill in the keydata yourself.rsa_private_kek_generation_source = uhx('EF2C........................')
binascii.Error: Non-hexadecimal digit found
Traceback (most recent call last):
File "C:\Users\Iman\Documents\Nintendo\Switch\Hacks\Shop\CertNXtractionPack\00_generate_ssl_kek.py", line 3, in <module>
from Crypto.Cipher import AES
ModuleNotFoundError: No module named 'Crypto'