You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
NSTool doesn't currently support personalised tickets, these are generated for paid content usually, and are locked to the device they were downloaded on.
Can support for this please be added to:
processing tickets directly
implicitly processing tickets to decrypt NCAs
Technical Details
Ticket Data
Only the Ticket Body is different, for reference included here:
When comparing personalised tickets with common tickets, these are the differences:
title_key_enc_type == 1
enc_title_key has an RSA2048-OAEP-SHA2256 encryption layer on top of the regular AES128-CBC, this RSA key is device specific, and is required
No label is used for the OAEP layer.
account_id should be non-zero
I believe this links it to the originating Nintendo Account
device_id should be non-zero
My understanding is each Nintendo Switch has it's own unique eTicket Personalisation RSA key
The device ID links the ticket to originating Nintendo Switch, and may be usable for selecting the correct Device RSA key if multiple are loaded at once into NSTool Key Manager.
How does the user get the RSA key?
Currently if the user generates prod.keys using LockPick_RCM, the RSA Key Pair is dumped with the name eticket_rsa_keypair.
It appears to be the raw decrypted structure from the Switch OS:
About
NSTool doesn't currently support personalised tickets, these are generated for paid content usually, and are locked to the device they were downloaded on.
Can support for this please be added to:
Technical Details
Ticket Data
Only the Ticket Body is different, for reference included here:
When comparing personalised tickets with common tickets, these are the differences:
title_key_enc_type
==1
enc_title_key
has anRSA2048-OAEP-SHA2256
encryption layer on top of the regularAES128-CBC
, this RSA key is device specific, and is requiredaccount_id
should be non-zerodevice_id
should be non-zeroHow does the user get the RSA key?
Currently if the user generates prod.keys using LockPick_RCM, the RSA Key Pair is dumped with the name
eticket_rsa_keypair
.It appears to be the raw decrypted structure from the Switch OS:
The text was updated successfully, but these errors were encountered: