Previous thread was closed by the mod, so let's start with this warning:
Do not download and run random stuff from the internet. Like never. There are fake EdgeAuther versions floating around that steal your cert.
There are no working CDNSP copy in public access yet.
Now quick recap of what previous thread was about:
Thread was deleted but that wasn't end of the story. Someone sent me the copy of
EdgeAuther source code grabbed right before github repository was made private. So now I am 100% sure of the following things:
- CDNSP is still working. You can download everything from Nintendo CDN like it was prior to 6.0 FW.
- Changes to make CDNSP work again are trivial. My estimate is ~50 lines of code depending of your language of choice.
- Some people are desperately trying to hide this information from public. Apparently to make CDN their exclusive piracy source.
EdgeAuther code is licensed under MIT allowing me to post it here. But since author (simonmkwii) wants to keep it private I only tell what needs to be done to make CDNSP work again to those interested:
0. You have to went online after 6.0 FW update at least once. Then Nintendo will add your certificate to white list. If you never went online with 6.0+ FW and try to get token for CDN access your certificate will be banned. Take this step with grain of salt because there is no way to properly verify it. But it sounds plausible. Nintendo wants to be sure you made legit FW update.
1. To access CDN you need
edge token, that's the only difference between 6.0 FW and previous versions. To request it you need to authenticate your device first (not possible if your certificate is banned). Device authentication process is described
here. Edge token request is single extra HTTP call. Token is valid for 24 hours. This step is done by
EdgeAuther utility.
2. Now you can use this token to run CDNSP, just add X-Nintendo-DenebEdgeToken header like
this.
The way EdgeAuther requests edge token is pretty straightforward. Two HTTP calls and your are golden. The only thing I don't understand is how AES key is derived to CMAC request body. There are also some hardcoded constants (Client ID, User-Agent, endpoint URL) that I suspect may be different for every FW revision. My copy is for 6.0 FW. If anyone is interested to implement working utility or patch CDNSP.py I can try to write pseudo-code for the authentication process.