def __init__(self):
self.url = "account.nintendo.net"
ca = tls.TLSCertificate.load(CA, tls.TYPE_DER)
cert = tls.TLSCertificate.load(CERT, tls.TYPE_DER)
key = tls.TLSPrivateKey.load(KEY, tls.TYPE_DER)
self.context = tls.TLSContext()
self.context.set_authority(ca)
self.context.set_certificate(cert, key)
self.client_id = "a2efa818a34fa16b8afbc8a74eba3eda"
self.client_secret = "c91cdb5658bd4954ade78533a339cf9a"
self.platform_id = 1
self.device_type = 2
self.device_id = None
self.serial_number = None
self.system_version = 0x260
self.device_cert = None
self.region = 4
self.country = "NL"
self.language = "en"
self.fpd_version = 0
self.environment = "L1"
self.title_id = None
self.title_version = None
async def connect(url, context=None, *, protocols=None):
logger.debug("Connecting WS client to %s", url)
scheme, host, port, path = util.parse_url(url)
if scheme == "ws":
context = None
elif scheme == "wss":
if context is None:
context = tls.TLSContext()
elif scheme is not None:
raise ValueError("Invalid WS url scheme: %s" % scheme)
if path is None:
path = "/"
server = util.make_url(None, host, port, None)
async with http.connect(server, context) as client:
async with util.create_task_group() as group:
async with WebSocketClient(client, group) as client:
await client.start_client(host, path, protocols)
yield client
await client.close()
logger.debug("WS client is closed")
async def main():
s = settings.load("switch")
s.configure("0a69c592", 40600, 0)
chain = tls.load_certificate_chain("resources/fullchain.pem")
key = tls.TLSPrivateKey.load("resources/privkey.pem", tls.TYPE_PEM)
context = tls.TLSContext()
context.set_certificate_chain(chain, key)
async with eagle.serve("", 20001, context) as eagle_mgr:
clients = ClientMgr()
matchmaker = MatchMaker(clients, eagle_mgr)
async with dashboard.serve("", 20002, context, clients, matchmaker):
servers1 = [AuthenticationServer(s)]
servers2 = [
SecureConnectionServer(clients),
MessageDeliveryServer(clients, matchmaker),
MatchmakeRefereeServer(clients, matchmaker),
MatchmakeExtensionServer(matchmaker),
MatchMakingServerExt(matchmaker),
MatchMakingServer(matchmaker),
Ranking2Server(),
UtilityServer()
]
async with prudp.serve_transport(s, "", 20000,
context) as transport:
async with rmc.serve_prudp(s, servers1, transport, 1):
async with rmc.serve_prudp(s,
servers2,
transport,
2,
key=SERVER_KEY):
print("Server is running!")
await anyio.sleep(math.inf)
def __init__(self):
self.url = "aauth-lp1.ndas.srv.nintendo.net"
self.user_agent = USER_AGENT[LATEST_VERSION]
self.power_state = "FA"
ca = tls.TLSCertificate.load(CA, tls.TYPE_DER)
self.context = tls.TLSContext()
self.context.set_authority(ca)
async def test_tls():
async def handler(client):
assert await client.recv() == b"hi"
await client.send(b"hello")
# Create a self signed certificate
pkey = tls.TLSPrivateKey.generate()
cert = tls.TLSCertificate.generate(pkey)
cert.subject["CN"] = NAME
cert.issuer["CN"] = NAME
cert.sign(pkey)
context = tls.TLSContext()
context.set_certificate(cert, pkey)
async with tls.serve(handler, IP, 12345, context):
context = tls.TLSContext()
context.set_authority(cert)
async with tls.connect(NAME, 12345, context) as client:
assert client.remote_address() == (IP, 12345)
await client.send(b"hi")
assert await client.recv() == b"hello"
async def test_certificate(self):
# Create a self signed server certificate
serverkey = tls.TLSPrivateKey.generate()
servercert = tls.TLSCertificate.generate(serverkey)
servercert.subject["CN"] = "localhost"
servercert.issuer["CN"] = "localhost"
servercert.sign(serverkey)
# Create a certificate authority for the client certificate
authoritykey = tls.TLSPrivateKey.generate()
authoritycert = tls.TLSCertificate.generate(authoritykey)
authoritycert.subject["CN"] = "authority"
authoritycert.issuer["CN"] = "authority"
authoritycert.sign(authoritykey)
# Create a client certificate and sign it
clientkey = tls.TLSPrivateKey.generate()
clientcert = tls.TLSCertificate.generate(clientkey)
clientcert.subject["CN"] = "testclient"
clientcert.issuer["CN"] = "authority"
clientcert.sign(authoritykey)
# Create TLS context for the server
servercontext = tls.TLSContext()
servercontext.set_certificate(servercert, serverkey)
servercontext.set_authority(authoritycert)
clientcontext = tls.TLSContext()
clientcontext.set_certificate(clientcert, clientkey)
clientcontext.set_authority(servercert)
async def handler(client, request):
cert = client.remote_certificate()
assert cert.subject["CN"] == "testclient"
return http.HTTPResponse(200)
async with http.serve(handler, "localhost", 12345, servercontext):
response = await http.get("localhost:12345", context=clientcontext)
assert response.success()
async def test_handshake_failure():
async def handler(client):
assert await client.recv() == b"hi"
await client.send(b"hello")
pkey = tls.TLSPrivateKey.generate()
cert = tls.TLSCertificate.generate(pkey)
cert.subject["CN"] = NAME
cert.issuer["CN"] = NAME
cert.sign(pkey)
context = tls.TLSContext()
context.set_certificate(cert, pkey)
async with tls.serve(handler, IP, 12345, context):
context = tls.TLSContext()
with pytest.raises(ssl.SSLCertVerificationError):
async with tls.connect(NAME, 12345, context) as client:
pass
context.set_authority(cert)
async with tls.connect(NAME, 12345, context) as client:
await client.send(b"hi")
assert await client.recv() == b"hello"
def __init__(self, keyset): self.keyset = keyset ca = tls.TLSCertificate.load(CA, tls.TYPE_DER) self.context = tls.TLSContext() self.context.set_authority(ca) self.region = 1 self.url = "dauth-lp1.ndas.srv.nintendo.net" self.user_agent = USER_AGENT[LATEST_VERSION] self.system_digest = SYSTEM_VERSION_DIGEST[LATEST_VERSION] self.key_generation = KEY_GENERATION[LATEST_VERSION] self.power_state = "FA"
async def login(self, username, password=None, auth_info=None, servers=[]):
if self.settings["nex.version"] < 40000:
result = await self.login_old(username, auth_info)
elif self.settings["nex.version"] < 40400:
result = await self.login_switch(username, auth_info)
else:
result = await self.login_with_param(username, auth_info)
secure_station = result.secure_station
kerberos_key = result.source_key
if not kerberos_key:
if password is None:
raise ValueError("A password is required for this account")
# Derive kerberos key from password
kerberos_key = self.key_derivation.derive_key(
password.encode(), result.pid)
# Decrypt ticket from login response
ticket = kerberos.ClientTicket.decrypt(result.ticket, kerberos_key,
self.settings)
if ticket.target != secure_station["PID"]:
# Request ticket for secure server
response = await self.auth_proto.request_ticket(
result.pid, secure_station["PID"])
# Check for errors and decrypt ticket
response.result.raise_if_error()
ticket = kerberos.ClientTicket.decrypt(response.ticket,
kerberos_key, self.settings)
creds = kerberos.Credentials(ticket, result.pid, secure_station["CID"])
# The secure server may reside at the same
# address as the authentication server
host = secure_station["address"]
port = secure_station["port"]
if host == "0.0.0.1":
host, port = self.auth_host, self.auth_port
# Connect to secure server
stream_id = secure_station["sid"]
context = tls.TLSContext()
async with rmc.connect(self.settings, host, port, stream_id, context,
creds, servers) as client:
yield client
def __init__(self, settings, game_server_id, nex_version, pid, password):
self.settings = settings
self.game_server_id = game_server_id
self.nex_version = nex_version
self.pid = pid
self.password = password
self.environment = "L1"
self.key_derivation = kerberos.KeyDerivationOld(65000, 1024)
self.call_id = 1
ca = tls.TLSCertificate.load(CA, tls.TYPE_DER)
self.context = tls.TLSContext()
self.context.set_authority(ca)
async def connect(url, context=None):
scheme, host, port, path = util.parse_url(url)
if scheme == "http":
context = None
elif scheme == "https":
if context is None:
context = tls.TLSContext()
elif scheme is not None:
raise ValueError("Invalid HTTP url scheme: %s" %scheme)
if path is not None:
raise ValueError("URL must not contain a path")
if port is None:
port = 443 if context else 80
logger.debug("Establishing HTTP connection with %s:%i", host, port)
async with tls.connect(host, port, context) as client:
yield HTTPClient(client)
def __init__(self): self.url = "nasc.nintendowifi.net" ca = tls.TLSCertificate.load(CA, tls.TYPE_DER) cert = tls.TLSCertificate.load(CERT, tls.TYPE_DER) key = tls.TLSPrivateKey.load(KEY, tls.TYPE_DER) self.context = tls.TLSContext() self.context.set_authority(ca) self.context.set_certificate(cert, key) self.sdk_version_major = 0 self.sdk_version_minor = 0 self.title_id = None self.title_version = None self.product_code = "----" self.maker_code = "00" self.media_type = MEDIA_TYPE_SYSTEM self.rom_id = None self.serial_number = None self.mac_address = None self.fcd_cert = None self.device_name = "" self.unit_code = "2" self.bss_id = secrets.token_hex(6) self.ap_info = "01:0000000000" self.region = 3 self.language = 2 self.pid = None self.pid_hmac = None self.password = None self.fpd_version = 15 self.environment = "L1"
async def connect(settings, host, port):
context = tls.TLSContext()
async with rmc.connect(settings, host, port, context=context) as client:
yield BackEndClient(settings, client, host, port)
def __init__(self): self.url = "e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com" self.user_agent = USER_AGENT[LATEST_VERSION] self.power_state = "FA" self.context = tls.TLSContext()
