[Wip Release] ctrcdnfetch - Tool to download 3DS eshop content after 11.8

luigoalma Oct 3, 2018.

  1. luigoalma
    OP

    luigoalma Member

    Newcomer
    2
    Sep 9, 2015
    Portugal
    The full ticket must be sent, it must be signed and match the title id of content.
    Encrypt ticket with a random 128bit key and iv and AES CBC 128, then take the used key and iv concated respectively together, and encrypt them RSA CDN Modulus with PKCS#1 v1.5, Block type 1 to match 3ds's work (not Block type 2, modules seem to use this always, I've tried to make this tool in python originally but I didn't bother too much with RSA, didn't find seem to find one that let me set block type or I was blind, I've not tested server response to Block type 2 but, 3ds uses type 1, so sending with type 2 would indicate something's up if they perform checks).
    Take both encrypted results, and convert them to base64.
    The final result has to be sent every time access to the content or tmd is made as http headers.
    "X-Authentication-Key" shall contain the base64 encrypted key and iv used for ticket.
    "X-Authentication-Data" shall contain the base64 encrypted ticket.
    It's recommended to use a new randomized key and iv per new session, as NIM would get a random one as well per AM request of a wrapped ticket.
     
  2. botik

    botik Member

    Newcomer
    4
    Sep 22, 2017
    Russia
    Thank! By what algorithm to verify the correct signature of the ticket?
     
  3. luigoalma
    OP

    luigoalma Member

    Newcomer
    2
    Sep 9, 2015
    Portugal
    You might want to read about tickets if you haven't yet.
    Although the issuer is what says what key was used for signature, the common ticket RSA certificate used is XS0000000c (in retail). This can be verified, as the common issuer should be "Root-CA00000003-XS0000000c". AFAIK no other issuers are seen in retail.
    It's just RSA. You can load ticket, find the proper data offset (read what was linked). And check data against the attached signature and with proper certificate RSA modulus.
    Also forgot to mention earlier, the RSA exponent is 0x10001 in all cases here.
     
Quick Reply
Draft saved Draft deleted
Loading...