Difference between revisions of "NIM services"
(nim:shp) |
|||
| Line 21: | Line 21: | ||
=nim:shp= | =nim:shp= | ||
This is "nn::nim::detail::IShopServiceManager". | This is "nn::nim::detail::IShopServiceManager". | ||
| + | |||
| + | {| class="wikitable" border="1" | ||
| + | |- | ||
| + | ! Cmd || Name | ||
| + | |- | ||
| + | | 0 || RequestDeviceAuthenticationToken | ||
| + | |- | ||
| + | | 1 || RequestCachedDeviceAuthenticationToken | ||
| + | |- | ||
| + | | 400 || GetAccountByVirtualAccount | ||
| + | |- | ||
| + | | 300 || RequestUnlinkDevice | ||
| + | |- | ||
| + | | 301 || RequestUnlinkDeviceIntegrated | ||
| + | |- | ||
| + | | 302 || RequestLinkDevice | ||
| + | |- | ||
| + | | 303 || HasDeviceLink | ||
| + | |- | ||
| + | | 304 || RequestUnlinkDeviceAll | ||
| + | |- | ||
| + | | 305 || RequestCreateVirtualAccount | ||
| + | |- | ||
| + | | 306 || RequestDeviceLinkStatus | ||
| + | |- | ||
| + | | 200 || RequestRegisterNotificationToken | ||
| + | |- | ||
| + | | 100 || RequestRegisterDeviceAccount | ||
| + | |- | ||
| + | | 101 || RequestUnregisterDeviceAccount | ||
| + | |- | ||
| + | | 102 || RequestDeviceAccountStatus | ||
| + | |- | ||
| + | | 103 || GetDeviceAccountInfo | ||
| + | |- | ||
| + | | 104 || RequestDeviceRegistrationInfo | ||
| + | |- | ||
| + | | 105 || RequestTransferDeviceAccount | ||
| + | |- | ||
| + | | 106 || RequestSyncRegistration | ||
| + | |- | ||
| + | | 107 || IsOwnDeviceId | ||
| + | |- | ||
| + | | 500 || RequestSyncTicket | ||
| + | |- | ||
| + | | 501 || RequestDownloadTicket | ||
| + | |- | ||
| + | | 502 || RequestDownloadTicketForPrepurchasedContents | ||
| + | |- | ||
| + | |} | ||
| + | |||
=ntc= | =ntc= | ||
Revision as of 22:50, 14 March 2018
nim
This is "nn::nim::detail::INetworkInstallManager".
| Cmd | Name |
|---|---|
| 1 | |
| 2 |
Cmd1
Takes a 0x10-byte input struct, from the output of cmd2.
Cmd2
Takes a type-0x6 output buffer, for an array of 0x10-byte entries. Returns an u32 for total output entries.
Doesn't return anything on a v2.1 system where sysupdate domains are blocked.
nim:shp
This is "nn::nim::detail::IShopServiceManager".
| Cmd | Name |
|---|---|
| 0 | RequestDeviceAuthenticationToken |
| 1 | RequestCachedDeviceAuthenticationToken |
| 400 | GetAccountByVirtualAccount |
| 300 | RequestUnlinkDevice |
| 301 | RequestUnlinkDeviceIntegrated |
| 302 | RequestLinkDevice |
| 303 | HasDeviceLink |
| 304 | RequestUnlinkDeviceAll |
| 305 | RequestCreateVirtualAccount |
| 306 | RequestDeviceLinkStatus |
| 200 | RequestRegisterNotificationToken |
| 100 | RequestRegisterDeviceAccount |
| 101 | RequestUnregisterDeviceAccount |
| 102 | RequestDeviceAccountStatus |
| 103 | GetDeviceAccountInfo |
| 104 | RequestDeviceRegistrationInfo |
| 105 | RequestTransferDeviceAccount |
| 106 | RequestSyncRegistration |
| 107 | IsOwnDeviceId |
| 500 | RequestSyncTicket |
| 501 | RequestDownloadTicket |
| 502 | RequestDownloadTicketForPrepurchasedContents |
ntc
This is "nn::ntc::detail::service::IStaticService".
Presumably Network Time Sync?
Network-time-sync uses the "<...>/time" HTTPS URL listed in the below Network section. This just returns an UTC Unix time string.
Network
- https://sun.hac.%%.d4c.nintendo.net/v1/system_update_meta?device_id=%016llx
- https://aqua.hac.%%.d4c.nintendo.net/required_system_update_meta?device_id=%016llx
- https://%s.hac.%%.d4c.nintendo.net/t/%c/%016llx/%u?device_id=%016llx Returns content like the below URL. This is the content for NCA-type0. See below for %c. %016llx is titleID, %u is title-version.
- https://%s.hac.%%.d4c.nintendo.net/c/%c/%s Used for downloading content. First %s is atumn or atum. %c is one of: 'c', 'a', or 's'. %s is just the hex-string NcaId. The server also returns two HTTP headers: "X-Nintendo-Content-Hash: {entire lowercase hex-string of the content SHA256 hash}" and "X-Nintendo-Content-ID: {lowercase hex-string for NcaId}"
- https://superfly.hac.%%.d4c.nintendo.net/v1/t/%016llx/dv %016llx is titleID, only for eShop titles it appears. Returns .json title-info.
- https://superfly.hac.%%.d4c.nintendo.net/v1/a/%016llx/dv %016llx is titleID, only for eShop titles it appears. Output is similar to above URL.
- https://aauth-%.ndas.srv.nintendo.net/v1/time
- https://beach.hac.%.eshop.nintendo.net/v1/rom_cards?application_id=%016llx&rom_card_cert=%s
- https://beach.hac.%.eshop.nintendo.net/v1/rom_cards/register?application_id=%016llx&rom_card_cert=%s&expected_gold_point=%d
- https://beach.hac.%.eshop.nintendo.net/v1/my/devices/hac/link?lang=en
- https://beach.hac.%.eshop.nintendo.net/v1/my/virtual_account?lang=en
- https://tagaya.hac.%.eshop.nintendo.net/tagaya/hac_versionlist
- ...
- "https://dauth-%.ndas.srv.nintendo.net/v1/device_auth_token" CURLOPT_POSTFIELDS is set to the output from: snprintf(..., "system_version=%08x&client_id=%s", <byte-swapped first 3 bytes from System_Version_Title loaded via settings cmd>, "<hard-coded hex string>");
- https://ecs-%.hac.shop.nintendo.net/ecs/services/rest/AccountGetETickets
- https://ecs-%.hac.shop.nintendo.net/ecs/services/rest/GetAccountStatus
- https://ias-%.hac.shop.nintendo.net/ias/services/rest/Register
- https://ias-%.hac.shop.nintendo.net/ias/services/rest/GetChallenge
- https://ias-%.hac.shop.nintendo.net/ias/services/rest/Unregister
- https://ias-%.hac.shop.nintendo.net/ias/services/rest/GetRegistrationInfo
- https://ias-%.hac.shop.nintendo.net/ias/services/rest/CompleteETicketSync
- https://ias-%.hac.shop.nintendo.net/ias/services/rest/AccountTransfer
- https://ias-%.hac.shop.nintendo.net/ias/services/rest/SyncRegistration
- [5.0.0]+ https://pearljam.hac.%.eshop.nintendo.net/sugar
- [5.0.0]+ https://pearljam.hac.%.eshop.nintendo.net/civil
These are not accessible without the required TLS client cert+privk, minus the time URL which can be accessed without any client cert+privk at all.
The returned content data from CDN, for both system-titles and eShop-titles, is identical to the data readable by Content_Manager_services#ReadEntryRaw.
While atumn seems to be for system-titles, and atum for eShop titles, the latter titles are accessible fine with atumn(with "/t/" for NCA-type0 at least).
'a' is used when an input u8 is not 0x3, otherwise 's' is used. This is title-type? A seperate function using the ".../c/" URL is hard-coded to use 'c'. This appears to match 's' usage attempts: the only URL that returned actual data with 's' was with titleID 0100000000000816.
As of June 30, 2017, accessing old content via the atumn "/c/" and "/t/" URLs works fine.
Going by strings in NIM, it appears SOAP isn't used anymore. ecs appears to use REST API?
User-Agent
NIM generates two User-Agent strings:
snprintf(..., "User-Agent: NintendoSDK Firmware/%s-%u (platform:%s; did:%016llx; eid:%s)", <string at sysver+0x68>, {u32 from sysver+4}, "NX", DeviceId, {NSD cmd11 output}); snprintf(..., "User-Agent: NintendoSDK Firmware/%s-%u (platform:%s; eid:%s)", <string at sysver+0x68>, {u32 from sysver+4}, "NX", DeviceId, {NSD cmd11 output});
Where the 64bit DeviceId is parsed from the 0x10-bytes at outbuf+0xC6 from set:cal GetDeviceCert(DeviceCert_certname+2, aka where the hex string for the DeviceId is).
sun
NIM sends a HTTP GET with the sun URL listed above to get the title-listing of the latest system-titles, as .json. The deviceid in the URL is the same one in the above User-Agent section. HTTP header "Accept:application/json" is sent in the request.
The response is json with a "system_update_metas" block, containing "title_id" and "title_version" entries. The actual server response only contains 1 title.
Example, from 2.0 system:
{"timestamp":REDACTED-TIMESTSAMP,"system_update_metas":[{"title_id":"0100000000000816","title_version":201327002}]}
aqua
The following response is json from accessing the above aqua URL:
{
"contents_delivery_required_title_id": "0100000000000816",
"contents_delivery_required_title_version": 0
}
A while after 3.0.0 release, the above title-version was changed to the one for v3.0("Last-Modified: Thu, 29 Jun 2017 00:00:04 GMT").