Invalid Hash?

[BigOnYa]

So I have a question of why NSZ files show invalid hash in NXviewer, and why I also have issues installing them correctly with awoo. I can convert these NSZ to NSP, using SAK and then they show valid hash in NXviewer and install with no problems using awoo, after converting them. I don't mind having to do this, I was just wondering if I'm missing something. Thanks for any info!

 

[grimson]

Well, bumping this question because I was wandering the same thing. What does it mean when the signature is valid but the hash isn't. I think DBI regards Signature Invalid, Hash Valid a converted XCI to NSP when installing but trying to determine the status of Signature Valid, Hash Invalid like the screenshots.

 

[impeeza]

Well, bumping this question because I was wandering the same thing. What does it mean when the signature is valid but the hash isn't. I think DBI regards Signature Invalid, Hash Valid a converted XCI to NSP when installing but trying to determine the status of Signature Valid, Hash Invalid like the screenshots.

Signature is the certificate which validate the executable file hash is the checksum for the whole package

So you can have a valid certificate for the executable inside a moded package so is the package was modded the hash will be invalid

A good installer takes care of the package modification and ignores hashes

 

[grimson]

Signature is the certificate which validate the executable file hash is the checksum for the whole package

So you can have a valid certificate for the executable inside a moded package so is the package was modded the hash will be invalid

A good installer takes care of the package modification and ignores hashes

Thanks! .. I settled on DBI and occasionally I see invalid signatures passing by mostly the likes a 'SIGNATURE: XCI➡NSP' so there's a comfort knowing it was a converted XCI to NSP.
Just like to weed out my collection to dedup and keep the 'best' dump possible.

 

[RedColoredStars]

As stated, it usually means it was converted from xci to nsp but there's a chance it could have also been tampered with in other ways. Personally just use nsps that pass both checks. Plenty of places have good/clean nsps that pass both. I always say why risk it when I can easily get a file that passes both.

 

[Nynrah]

For base games I can see this happening when files get converted. For update files whenever I saw this valid - invalid combination it usually turned out I failed to see that the file was actually crompressed: an NSZ file instead of an NSP file.

What I don't completely get yet is why many DLC files got invalid signatures, though. Many DLC NSP files out there don't pass the signature check. The hash checks are fine, but many DLC files got wrong signatures. What's up with that?

 

[thesjaakspoiler]

As far as I know, the signature comes along with the game files and indicates who is the rightful owner.
If you would download something form the eShop, then a signature/certificate is added with which Nintendo can check that you are the owner of this particular file.
Each cart also its own certificate so when Nintendo sees 700 people playing with the same game cart certificate, they can conclude there are pirates out there.
CFW does not care about signatures, so people dumping the games black out the signatures to prevent Nintendo Ninjas from finding out where their house lives.
I think that is why you will see a lot of invalid signatures.

The hash is just a check for the individual files in the nsp.
Those must be valid else you have data corruption in the game files.

 

[Nynrah]

As far as I know, the signature comes along with the game files and indicates who is the rightful owner.
If you would download something form the eShop, then a signature/certificate is added with which Nintendo can check that you are the owner of this particular file.
Each cart also its own certificate so when Nintendo sees 700 people playing with the same game cart certificate, they can conclude there are pirates out there.
CFW does not care about signatures, so people dumping the games black out the signatures to prevent Nintendo Ninjas from finding out where their house lives.
I think that is why you will see a lot of invalid signatures.

The hash is just a check for the individual files in the nsp.
Those must be valid else you have data corruption in the game files.

Just wondering, but is it true that the has validity is conclued based on the info inside the signature? If so, would that not mean an invalid signature and valid hash can be a false positive?

 

[Earthshine]

What I don't completely get yet is why many DLC files got invalid signatures, though. Many DLC NSP files out there don't pass the signature check. The hash checks are fine, but many DLC files got wrong signatures. What's up with that?

That's because some scene groups modify them to include shit like their group name.

 

[Nynrah]

That's because some scene groups modify them to include shit like their group name.

View attachment 517598

Personally I have zero respect when uploaders and scene groups pull this kind of shit. They're literally crapping on the file's trustworthyness by putting their name in there. As if there's any point in doing so, or anyone caring about it.

In the picture you showed it's easy to see the group name, but I also looked at some of my NSP files that are flagged as modified (invalid signature, valid hash) where I don't see an obvious change like an inserted group name.

But back to the original point, can a combination of invalid signature & valid hash ever mean the actual game/update/dlc itself can be tampered with? I have read somewhere that a faulty signature could contain modified hashes against which the content gets checked. That's what I am currently concerned about as I'm learning more about how to curate my game library.

 

[jayofmaya]

Personally I have zero respect when uploaders and scene groups pull this kind of shit. They're literally crapping on the file's trustworthyness by putting their name in there. As if there's any point in doing so, or anyone caring about it.

In the picture you showed it's easy to see the group name, but I also looked at some of my NSP files that are flagged as modified (invalid signature, valid hash) where I don't see an obvious change like an inserted group name.

But back to the original point, can a combination of invalid signature & valid hash ever mean the actual game/update/dlc itself can be tampered with? I have read somewhere that a faulty signature could contain modified hashes against which the content gets checked. That's what I am currently concerned about as I'm learning more about how to curate my game library.

Did you ever find out an answer to your question at the foot of the post? Reading though the replies on this post, I thought it looked as if failed sig checks aren't a thing to worried about (I've actually been deleting anything that came up as "Modded" or "Corrupted" on NxFileViewer before now), but you say it's possible that modified hashes can come up clean through modified sig checks?

 

[hippy dave]

Protip: if you read "invalid" the wrong way (stress on first syllable instead of second), then "invalid hash" sounds like medical marijuana.

 

[mathew77]

Protip: if you read "invalid" the wrong way (stress on first syllable instead of second), then "invalid hash" sounds like medical marijuana.

Like your way of thinking very much.