account: Rework LoadIdTokenCache to auto generate a random JWT token (#2991)
This improve correctness of that call while possibly spoofing possible recognizable patterns.
This commit is contained in:
parent
e32a19520b
commit
275275f7ac
2 changed files with 55 additions and 6 deletions
|
@ -1,7 +1,11 @@
|
||||||
using Ryujinx.Common.Logging;
|
using Microsoft.IdentityModel.Tokens;
|
||||||
using Ryujinx.Cpu;
|
using Ryujinx.Common.Logging;
|
||||||
using Ryujinx.HLE.HOS.Kernel.Threading;
|
using Ryujinx.HLE.HOS.Kernel.Threading;
|
||||||
using Ryujinx.HLE.HOS.Services.Account.Acc.AsyncContext;
|
using Ryujinx.HLE.HOS.Services.Account.Acc.AsyncContext;
|
||||||
|
using System;
|
||||||
|
using System.IdentityModel.Tokens.Jwt;
|
||||||
|
using System.Security.Cryptography;
|
||||||
|
using System.Text;
|
||||||
using System.Threading;
|
using System.Threading;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
|
||||||
|
@ -19,6 +23,51 @@ namespace Ryujinx.HLE.HOS.Services.Account.Acc.AccountService
|
||||||
_userId = userId;
|
_userId = userId;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private static string GenerateIdToken()
|
||||||
|
{
|
||||||
|
using RSA provider = RSA.Create(2048);
|
||||||
|
|
||||||
|
RSAParameters parameters = provider.ExportParameters(true);
|
||||||
|
|
||||||
|
RsaSecurityKey secKey = new RsaSecurityKey(parameters);
|
||||||
|
|
||||||
|
SigningCredentials credentials = new SigningCredentials(secKey, "RS256");
|
||||||
|
|
||||||
|
credentials.Key.KeyId = parameters.ToString();
|
||||||
|
|
||||||
|
var header = new JwtHeader(credentials)
|
||||||
|
{
|
||||||
|
{ "jku", "https://e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com/1.0.0/certificates" }
|
||||||
|
};
|
||||||
|
|
||||||
|
byte[] rawUserId = new byte[0x10];
|
||||||
|
RandomNumberGenerator.Fill(rawUserId);
|
||||||
|
|
||||||
|
byte[] deviceId = new byte[0x10];
|
||||||
|
RandomNumberGenerator.Fill(deviceId);
|
||||||
|
|
||||||
|
byte[] deviceAccountId = new byte[0x10];
|
||||||
|
RandomNumberGenerator.Fill(deviceId);
|
||||||
|
|
||||||
|
var payload = new JwtPayload
|
||||||
|
{
|
||||||
|
{ "sub", BitConverter.ToString(rawUserId).Replace("-", "").ToLower() },
|
||||||
|
{ "aud", "ed9e2f05d286f7b8" },
|
||||||
|
{ "di", BitConverter.ToString(deviceId).Replace("-", "").ToLower() },
|
||||||
|
{ "sn", "XAW10000000000" },
|
||||||
|
{ "bs:did", BitConverter.ToString(deviceAccountId).Replace("-", "").ToLower() },
|
||||||
|
{ "iss", "https://e0d67c509fb203858ebcb2fe3f88c2aa.baas.nintendo.com" },
|
||||||
|
{ "typ", "id_token" },
|
||||||
|
{ "iat", DateTimeOffset.UtcNow.ToUnixTimeSeconds() },
|
||||||
|
{ "jti", Guid.NewGuid().ToString() },
|
||||||
|
{ "exp", (DateTimeOffset.UtcNow + TimeSpan.FromHours(3)).ToUnixTimeSeconds() }
|
||||||
|
};
|
||||||
|
|
||||||
|
JwtSecurityToken securityToken = new JwtSecurityToken(header, payload);
|
||||||
|
|
||||||
|
return new JwtSecurityTokenHandler().WriteToken(securityToken);
|
||||||
|
}
|
||||||
|
|
||||||
public ResultCode CheckAvailability(ServiceCtx context)
|
public ResultCode CheckAvailability(ServiceCtx context)
|
||||||
{
|
{
|
||||||
// NOTE: This opens the file at "su/baas/USERID_IN_UUID_STRING.dat" where USERID_IN_UUID_STRING is formatted as "%08x-%04x-%04x-%02x%02x-%08x%04x".
|
// NOTE: This opens the file at "su/baas/USERID_IN_UUID_STRING.dat" where USERID_IN_UUID_STRING is formatted as "%08x-%04x-%04x-%02x%02x-%08x%04x".
|
||||||
|
@ -92,11 +141,10 @@ namespace Ryujinx.HLE.HOS.Services.Account.Acc.AccountService
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
|
|
||||||
int idTokenCacheSize = 0;
|
byte[] tokenData = Encoding.ASCII.GetBytes(GenerateIdToken());
|
||||||
|
|
||||||
MemoryHelper.FillWithZeros(context.Memory, bufferPosition, (int)bufferSize);
|
context.Memory.Write(bufferPosition, tokenData);
|
||||||
|
context.ResponseData.Write(tokenData.Length);
|
||||||
context.ResponseData.Write(idTokenCacheSize);
|
|
||||||
|
|
||||||
return ResultCode.Success;
|
return ResultCode.Success;
|
||||||
}
|
}
|
||||||
|
|
|
@ -23,6 +23,7 @@
|
||||||
<PackageReference Include="MsgPack.Cli" Version="1.0.1" />
|
<PackageReference Include="MsgPack.Cli" Version="1.0.1" />
|
||||||
<PackageReference Include="SixLabors.ImageSharp" Version="1.0.4" />
|
<PackageReference Include="SixLabors.ImageSharp" Version="1.0.4" />
|
||||||
<PackageReference Include="SixLabors.ImageSharp.Drawing" Version="1.0.0-beta11" />
|
<PackageReference Include="SixLabors.ImageSharp.Drawing" Version="1.0.0-beta11" />
|
||||||
|
<PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.15.0" />
|
||||||
</ItemGroup>
|
</ItemGroup>
|
||||||
|
|
||||||
<!-- Due to Concentus. -->
|
<!-- Due to Concentus. -->
|
||||||
|
|
Reference in a new issue