async def auth_digital(self, title_id, title_version, device_token,
ticket):
self.verify_ticket(ticket, title_id)
plain_key = get_random_bytes(16)
aes = AES.new(plain_key, AES.MODE_CBC, iv=bytes(16))
encrypted_ticket = aes.encrypt(pad(ticket, 16))
rsa_key = RSA.construct((RSA_MODULUS, RSA_EXPONENT))
rsa = PKCS1_OAEP.new(rsa_key, SHA256)
encrypted_key = rsa.encrypt(plain_key)
req = http.HTTPRequest.post("/v3/application_auth_token")
req.form = {
"application_id": "%016x" % title_id,
"application_version": "%08x" % title_version,
"device_auth_token": device_token,
"media_type": "DIGITAL",
"cert": switch.b64encode(encrypted_ticket),
"cert_key": switch.b64encode(encrypted_key)
}
response = await self.request(req, True)
return response.json
def calculate_mac(self, form, data):
kek_source = self.keyset.get("aes_kek_generation_source")
master_key = self.get_master_key()
key = self.decrypt_key(kek_source, master_key)
key = self.decrypt_key(DAUTH_SOURCE, key)
key = self.decrypt_key(data, key)
mac = CMAC.new(key, ciphermod=AES)
mac.update(form.encode())
return b64encode(mac.digest())
def test_b64encode():
assert switch.b64encode(b"\xFE\xFF\xFE\xFF") == "_v_-_w"
