Previous thread was closed by the mod, so let's start with this warning:
Do not download and run random stuff from the internet. Like never. There are fake EdgeAuther versions floating around that steal your cert. There are no working CDNSP copy in public access yet.
Now quick recap of what previous thread was about:
0. You have to went online after 6.0 FW update at least once. Then Nintendo will add your certificate to white list. If you never went online with 6.0+ FW and try to get token for CDN access your certificate will be banned. Take this step with grain of salt because there is no way to properly verify it. But it sounds plausible. Nintendo wants to be sure you made legit FW update.
1. To access CDN you need edge token, that's the only difference between 6.0 FW and previous versions. To request it you need to authenticate your device first (not possible if your certificate is banned). Device authentication process is described here. Edge token request is single extra HTTP call. Token is valid for 24 hours. This step is done by EdgeAuther utility.
2. Now you can use this token to run CDNSP, just add X-Nintendo-DenebEdgeToken header like this.
The way EdgeAuther requests edge token is pretty straightforward. Two HTTP calls and your are golden. The only thing I don't understand is how AES key is derived to CMAC request body. There are also some hardcoded constants (Client ID, User-Agent, endpoint URL) that I suspect may be different for every FW revision. My copy is for 6.0 FW. If anyone is interested to implement working utility or patch CDNSP.py I can try to write pseudo-code for the authentication process.
UPDATE
-snip-
Don't build code without proper audit, don't run precompiled binaries from this repo ever!
Also I'm still worried that this version is for 6.0.0 firmware, some constants (Client_ID, UserAgent, SysDigest, BaseURL) may be outdated. Make sure you understand what are you doing before risking your cert.
Do not download and run random stuff from the internet. Like never. There are fake EdgeAuther versions floating around that steal your cert. There are no working CDNSP copy in public access yet.
Now quick recap of what previous thread was about:
Thread was deleted but that wasn't end of the story. Someone sent me the copy of EdgeAuther source code grabbed right before github repository was made private. So now I am 100% sure of the following things:We all know the sad story they tell us: Nintendo killed CDNSP with 6.0 FW, welcome back to dark ages of torrents and file-sharing shitholes. But is it really true?
<some proofs and guesses>
- CDNSP is still working. You can download everything from Nintendo CDN like it was prior to 6.0 FW.
- Changes to make CDNSP work again are trivial. My estimate is ~50 lines of code depending of your language of choice.
- Some people are desperately trying to hide this information from public. Apparently to make CDN their exclusive piracy source.
0. You have to went online after 6.0 FW update at least once. Then Nintendo will add your certificate to white list. If you never went online with 6.0+ FW and try to get token for CDN access your certificate will be banned. Take this step with grain of salt because there is no way to properly verify it. But it sounds plausible. Nintendo wants to be sure you made legit FW update.
1. To access CDN you need edge token, that's the only difference between 6.0 FW and previous versions. To request it you need to authenticate your device first (not possible if your certificate is banned). Device authentication process is described here. Edge token request is single extra HTTP call. Token is valid for 24 hours. This step is done by EdgeAuther utility.
2. Now you can use this token to run CDNSP, just add X-Nintendo-DenebEdgeToken header like this.
The way EdgeAuther requests edge token is pretty straightforward. Two HTTP calls and your are golden. The only thing I don't understand is how AES key is derived to CMAC request body. There are also some hardcoded constants (Client ID, User-Agent, endpoint URL) that I suspect may be different for every FW revision. My copy is for 6.0 FW. If anyone is interested to implement working utility or patch CDNSP.py I can try to write pseudo-code for the authentication process.
UPDATE
-snip-
Don't build code without proper audit, don't run precompiled binaries from this repo ever!
Also I'm still worried that this version is for 6.0.0 firmware, some constants (Client_ID, UserAgent, SysDigest, BaseURL) may be outdated. Make sure you understand what are you doing before risking your cert.
Last edited by Quantumcat,
, Reason: Don't link piracy tools unless they're clean