template: post
title: nds-constrain't
author: flewkey
timestamp: 1594525504
license: CC-BY

Once upon a time, shutterbug2000 discovered nds-constrain't: a bug in Nintendo's
NTR SSL library that allowed its connections to be easily intercepted. This
made it possible to connect to alternative online services without ROM patching.

The bug itself is simple: the NDS SSL library does not care whether or not a
certificate is authorized to act as a certificate authority. This means that
— with any valid certificate — we can sign whatever we want,
including a certificate under a false hostname.

A guide to using this bug for fun and profit is now available on the
[official page](https://github.com/KaeruTeam/nds-constraint), which is much
better written than mine. However, you are free to keep reading this one.

**Update (2020-12-31):** I have corrected some mistakes in this post. There is
also information at the bottom of this post regarding OpenSSL which is important
to setting up nds-constrain't properly.

---

### Getting the Wii client certificate

As explained on the [official page](https://github.com/KaeruTeam/nds-constraint)
for nds-constrain't, the Wii client certificate is signed by Nintendo and
considered valid. Therefore, we can use its key to sign whatever we want. You
_could_ grab it from a Wii, but it is much easier to download it from
[Larsenv's page](https://larsenv.github.io/NintendoCerts/index.html). Choose the
"Wii NWC Prod 1" key pair.

### Converting it to a usable format

The file is a PKCS12, and we can't do anything useful with it until we extract
the certificate and the private key. Thankfully, this is pretty simple.

```sh
openssl pkcs12 -in WII_NWC_1_CERT.p12 -passin pass:alpine -passout pass:alpine -out keys.txt
```

That command will export the X.509 certificate and private key from the archive,
and store the output in keys.txt. They can then be copied into their appropriate
files, which I will name NWC.crt and NWC.key. Note that `-passout` keeps the
exported private key encrypted under the same passphrase, so OpenSSL will ask
for it again whenever NWC.key is used to sign.

### Signing your certificate

Instructions for this are listed in the [official guide](https://github.com/KaeruTeam/nds-constraint).
I have copied them for reference.

```sh
# Generate the server key, a signing request for it, and then sign the request
# with the Wii client certificate and key extracted above.
openssl genrsa -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl x509 -req -in server.csr -CA NWC.crt -CAkey NWC.key -CAcreateserial -out server.crt -days 3650 -sha1
```

NGINX users need to create a file for the certificate chain as well.

```sh
cat server.crt NWC.crt > server-chain.crt
```

We are now ready to rock and roll!
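
The check the NTR library skips is the X.509 basicConstraints extension: a
correct verifier only accepts a signature from a certificate whose
basicConstraints says `CA:TRUE`. The script below is an added example, not part
of this post or of the nds-constrain't project. It builds a throwaway PKI with
OpenSSL (a hypothetical root, an end-entity "client" certificate standing in for
the Wii client certificate, and a server certificate signed by that client
certificate, which is exactly the shape the signing steps above produce) and
shows that `openssl verify` accepts the legitimate chain but rejects the phony
one with "invalid CA certificate". The subject names and the temporary directory
are assumptions of the example; it needs OpenSSL 1.1.1 or newer for `-addext`.

```sh
#!/bin/sh
# Added example (not from the original post or the nds-constrain't project).
# Builds a throwaway PKI and shows the basicConstraints check that a correct
# TLS library performs on a chain, and that the NDS library skips.
# Requires OpenSSL 1.1.1 or newer (for "req -addext").
set -eu

WORK="$(mktemp -d)"          # hypothetical scratch directory, removed on exit
trap 'rm -rf "$WORK"' EXIT

# Minimal req config so the system openssl.cnf cannot change the outcome.
cat > "$WORK/req.cnf" <<'EOF'
[ req ]
distinguished_name = dn
prompt = no
[ dn ]
CN = placeholder
EOF

# Extension file for an end-entity certificate: explicitly NOT a CA.
printf 'basicConstraints=critical,CA:FALSE\n' > "$WORK/ee.ext"

# Generate: root CA -> end-entity "client" cert -> server cert signed by that
# client cert (the shape produced by "openssl x509 -req -CA NWC.crt ...").
setup_pki() {
    openssl req -config "$WORK/req.cnf" -x509 -newkey rsa:2048 -nodes -sha256 \
        -days 30 -subj "/CN=Example Root CA" \
        -addext "basicConstraints=critical,CA:TRUE" \
        -addext "keyUsage=critical,keyCertSign,cRLSign" \
        -keyout "$WORK/root.key" -out "$WORK/root.crt" 2>/dev/null

    openssl req -config "$WORK/req.cnf" -new -newkey rsa:2048 -nodes \
        -subj "/CN=Example Client" \
        -keyout "$WORK/client.key" -out "$WORK/client.csr" 2>/dev/null
    openssl x509 -req -in "$WORK/client.csr" -CA "$WORK/root.crt" \
        -CAkey "$WORK/root.key" -CAcreateserial -sha256 -days 30 \
        -extfile "$WORK/ee.ext" -out "$WORK/client.crt" 2>/dev/null

    # "openssl x509 -req" does not inspect the signer's basicConstraints, so
    # this succeeds even though client.crt is not a CA.
    openssl req -config "$WORK/req.cnf" -new -newkey rsa:2048 -nodes \
        -subj "/CN=server.example.invalid" \
        -keyout "$WORK/server.key" -out "$WORK/server.csr" 2>/dev/null
    openssl x509 -req -in "$WORK/server.csr" -CA "$WORK/client.crt" \
        -CAkey "$WORK/client.key" -CAcreateserial -sha256 -days 30 \
        -out "$WORK/server.crt" 2>/dev/null
}

# chain_is_valid ROOT UNTRUSTED LEAF: returns 0 when OpenSSL's path validation
# (which requires CA:TRUE on every issuer) accepts LEAF.
chain_is_valid() {
    openssl verify -CAfile "$1" -untrusted "$2" "$3" >/dev/null 2>&1
}

# verify_report ROOT UNTRUSTED LEAF: prints OpenSSL's verdict for the reader.
verify_report() {
    openssl verify -CAfile "$1" -untrusted "$2" "$3" 2>&1 || true
}

setup_pki
echo "== legitimate chain (root -> client) =="
verify_report "$WORK/root.crt" "$WORK/client.crt" "$WORK/client.crt"
echo "== phony chain (root -> client -> server) =="
verify_report "$WORK/root.crt" "$WORK/client.crt" "$WORK/server.crt"
```

The second verdict is the one a patched client would give: the server
certificate chains to the root, but through an issuer that is not a CA, so the
path is rejected at depth 1. The NDS library never performs that check, which is
the whole of nds-constrain't.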

### Using your phony certificate

Once the SSL certificate is installed, you may run into issues connecting with
your DS. This is because your NDS only knows how to use SSLv3, with either the
RC4-SHA or RC4-MD5 cipher suite. To enable DS compatibility for NGINX, add the
following lines to your NGINX configuration.

```nginx
ssl_protocols SSLv3;
ssl_ciphers RC4-SHA:RC4-MD5:@SECLEVEL=0;
```

The config settings are nearly identical in Apache.

```apache
SSLProtocol SSLv3
SSLCipherSuite RC4-SHA:RC4-MD5:@SECLEVEL=0
```

These directives apply to whatever context you place them in, so keep them
confined to the server block or virtual host that actually serves the DS.

Most services for Nintendo consoles make liberal use of headers. Unfortunately,
some headers (e.g. `http_x_gamecd`) contain underscores, which
[shouldn't be in the header field](https://tools.ietf.org/html/rfc7230#section-3.2.6).
Allowing this in NGINX is simple.

```nginx
underscores_in_headers on;
proxy_pass_request_headers on;
```

Working around this in Apache is a bit more difficult. For information about
working around invalid headers in Apache, see
[this example](http://httpd.apache.org/docs/trunk/env.html#fixheader). If you
continue having issues with NDS connectivity, please contact me.

### Having fun

The possibilities are infinite. Want to run services through a debugging proxy?
Implement WFC protocols? Make a Flipnote Studio server? All of this is possible
without ROM patches!

---

### Update

Modern versions of OpenSSL have SSLv3 and the RC4 ciphers disabled by default,
which means that you will need to compile OpenSSL yourself. For information on
doing this, see the
[INSTALL.md](https://github.com/openssl/openssl/blob/master/INSTALL.md)
from the OpenSSL repository, or the
[Compilation and Installation](https://wiki.openssl.org/index.php/Compilation_and_Installation)
page from their wiki.

When configuring OpenSSL, be sure to specify the "enable-ssl3",
"enable-ssl3-method" and "enable-weak-ssl-ciphers" flags like so:

```sh
./config enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers
```

It will install in /usr/local and /usr/local/ssl by default, so it shouldn't
interfere with the version currently installed on your system.

Gentoo users can add the "sslv3" and "weak-ciphers" USE flags to OpenSSL
and rebuild it. Since there is no weak-ciphers USE flag at the time of writing,
you might want to add my
[flewkey-overlay](https://git.sdf.org/flewkey/flewkey-overlay) and unmask
`dev-libs/openssl::flewkey-overlay`.