-
Notifications
You must be signed in to change notification settings - Fork 0
Authentication
Before connecting to Hatena the DSi sends a POST request to https://nas.nintendowifi.net/ac. This request body contains a urlencoded form. The NAS server is Nintendo WiFi Connection's Authentication Server; designed to normally connect for tokens to use the servers.
| header | content | Usage |
|---|---|---|
User-Agent |
Nintendo WiFi SDK/5.1 |
Nintendo WFC User-agent |
HTTP_X_GAMECD |
KGUV |
ID4 of game |
The form values are encoded in base64, with = replaced by * characters:
| key | value |
|---|---|
action |
login |
gsbrcd |
Always blank |
sdkver |
005001 (v 5.1) |
userid |
User-specific ID |
passwd |
User-specific authentication password |
bssid |
User's network SSID |
apinfo |
Access point slot index |
gamecd |
KGUV (game ID4 code) |
makercd |
01 (Publisher; 01 is Nintendo) |
unitcd |
0 |
macadr |
Console MAC address, lowercase HEX |
lang |
01 (English) |
birth |
User birthday, format: MMDD
|
devtime |
Console time, format: YYMMDDhhmmss
|
devname |
Username, UTF-16LE |
NAS responds with a plaintext urlencoded form. Again, the values are encoded in base64, with = replaced by * characters:
| key | value |
|---|---|
challenge |
challenge string |
locator |
gamespy.com |
retry |
0 |
returncd |
001 (see notes) |
token |
format: NDS/0/{challenge string}/no-gsbrcd/{user IP address}|{tokendata}/{tokendata}
|
datetime |
server time (seems to be GMT), format: YYYYMMDDhhmmss
|
There is a second POST to https://nas.nintendowifi.net/pr; this is Nintendo's NameCheck function.
| header | content |
|---|---|
User-Agent |
Nintendo WiFi SDK/5.1 |
HTTP_X_GAMECD |
KGUV |
The request body is a urlencoded form in the same format as before. It contains all of the same values as the request to /ac except from action and gsbrcd, in addition to:
| key | value |
|---|---|
wregion |
Seen as A
|
wenc |
Encoding UTF-16LE
|
wtype |
Always blank |
words |
String to be checked (username, in this case) |
NAS responds with a plaintext urlencoded form in the same format as before:
| key | value |
|---|---|
prwords |
1 if profanity, 0 if not |
returncd |
000 (similar use to a status code, see notes) |
datetime |
server time (GMT), format: YYYYMMDDhhmmss
|
The DSi now sends a GET request to Hatena auth. The URL varies by region:
| region | URL |
|---|---|
| Japan | https://ugomemo.hatena.ne.jp/ds/v2-jp/auth |
| America | https://flipnote.hatena.com/ds/v2-us/auth |
| Europe | https://flipnote.hatena.com/ds/v2-eu/auth |
No headers aside from Host are sent with the first request.
The sever assigns the console with a unique session ID, which will persist until they disconnect. An auth challenge is also sent to the console to verify that it is a genuine system.
| header | content |
|---|---|
X-DSi-Auth-Challenge |
8 character string, (only ascii characters?) |
X-DSi-SID |
Unique session ID generated by the server - this one is set and used (the POST response's is ignored by the app) |
X-DSi-New-Notices |
1 will make the "NEW" mail icon flash on index.ugo
|
X-DSi-Unread-Notices |
1 will make the "NEW" mail icon flash on index.ugo
|
The clients now sends a POST request with to the same location. The body of this request contains the user's "Flipnote Friends", which are users that have transferred Flipnotes to each other over local wireless. The form is comprised of entries in the following format: friend_dsi_id={fsid}, with each entry containing an individual friend's FSID. If the user has no friends, the body is empty.
| header | content |
|---|---|
X-DSi-MAC |
Console MAC address as uppercase HEX |
X-DSi-ID |
User's Flipnote Studio ID (uppercase HEX) |
X-DSi-Auth-Response |
8-byte lowercase HEX string, based on auth challenge value |
X-DSi-SID |
Session ID issued by the server (GET response) |
X-Ugomemo-Version |
Flipnote Studio version (0, 1, or 2) |
X-DSi-User-Name |
Username, see below |
X-DSi-Region |
Console region ID (see notes) |
X-DSi-Lang |
2-letter language code (lowercase) |
X-DSi-Country |
2-letter country code (uppercase) |
X-Birthday |
User's birthday, format is YYYYMMDD
|
X-DSi-DateTime |
Console date and time, format is YYYY-MM-DD_hh:mm:ss
|
X-DSi-Color |
User's favorite color, lowercase HEX string, rgb555 format |
Usernames are UTF-16LE encoded with null right padding up to the 10 character limit (20 bytes), then encoded with normal base64 (= padding).
| header | content |
|---|---|
X-DSi-SID |
Session ID issued by the server (ignored by the app) |
X-DSi-New-Notices |
0 or 1, 1 will make the "NEW" mail icon flash on index.ugo
|
X-DSi-Unread-Notices |
0 or 1, 1 will make the "NEW" mail icon flash on index.ugo
|
An error message can be issued with this response, by setting the X-DSi-Dialog-Type header to 1, and sending a utf-16le encoded message in the response body.
After this, all resources are fetched over HTTP using the X-DSi-SID header to identify the user.
If HTTP status code !=200, then the system returns error "23XXX" on NAS login.
returncd codes are similar to HTTP status codes (if >=100 then return error 2XXXX).
| value | use |
|---|---|
000 to 099
|
OK |
100 to 1999
|
Return Error code |
2000 and up |
Push back to DSi Menu |
returncd 102 is 20102, known as ban (in other games using Nintendo WFC, they used this format to inform of ban aswell)
| number | region |
|---|---|
0 |
Japan |
1 |
America |
2 |
Europe |
This Documentation was useful for understanding how NAS works. More documentation for Nintendo WFC itself can be found here.