Understanding the RSA signature
I have noticed lots of confusion about this lately, so I wanted to post this to help clarify things for those who don't understand how the RSA signature works. With that being said, let's get started
-First off, there are two different keys used on the RSA signature: Public and Private. The public key is responsible for decrypting the RSA signature to check it, while the Private key is responsible for generating the RSA signature.
-In the Black Ops fastfile, the RSA signature starts at 0x3C and ends at 0x13B (giving it a total length of 256 bytes). Essentially, the RSA signature is a hash of the encrypted data contained inside the file. The signature is generated by Treyarch when they create the fastfile using their private key. If you change anything inside a fastfile at all, the RSA signature will not match the file and the game will abort loading the fastfile resulting in a blackscreen.
-So how does the game know that the RSA signature doesn't match the fastfile?
Well, the EBOOT.BIN (t5mp_ps3f.self for multiplayer) contains everything the game uses to load, and it includes a check on the RSA signature. So, in order to run a modded fastfile you need to modify the EBOOT.BIN to skip the RSA signature check. Lucky for you, I have already done this for everyone and you can download an EBOOT for your region with RSA signature checks removed .
-So, why can't I just use a modded fastfile online?
If you have a modified fastfile you need a modified EBOOT, and as many of you probably know a modified EBOOT.BIN cannot be used on any firmware above 3.55. This is because Sony has changed the keys they use for encrypting executables after the whole custom firmware incident.
-Someone found the Public Key, so why can't they find the Private Key too?
The public key has it's name for a reason. Since the game cannot load an encrypted file, it has to decrypt it before runtime so the key has to be stored somewhere. The public key is contained inside the EBOOT.BIN and gets loaded into the SPU when you launch the game, and from there it is used to decrypt all fastfiles. The private key, however, is not stored anywhere in the game files. It is only used by treyarch to generate RSA signatures for their game update fastfiles.
This should help to clarify things for some of you, but if you have any questions feel free to ask. I hope you all learned something by reading