@Harcroft I'm trying to create a DLC signer python script for XBMC4Gamers that will enable you to basically take an entire TDATA directory, FTP it to a new XBOX, and sign everything all in one shot (vs. having to run each DLC installer separately). I think this would be very helpful and save a lot of time when building a brand new XBOX hard drive on which you want to install ALL the DLC. XBMC4Gamers already includes a "DLC Download" option where you can download the DLC individually from the xbmc-emustation web site and it will sign them and install them, but I'm thinking towards the future when, perhaps, the xbmc-emustation web site may be offline. So, I'd like to have the script just take a bunch of local DLC in directories and sign them all in one batch process. Looking at the python script from XBMC4Gamers for signing the DLC, here is the method it uses: - Get XBOX HD Key (not HDD Unlock Password, but the actual XBOX hardware key) - Look for contentmeta.xbx - Then... (please excuse the fact that the variable is named contextmeta instead of contentmeta ) filesize = os.path.getsize(contextmetafile) readxbx = open(contextmetafile, 'r+b') filedata = readxbx.read(filesize) # Check the header fields. headersize = struct.unpack('I', filedata[24:28]) titleid = filedata[36:40] # Compute the HMAC key using the title id and HDD key. hmacKey = hmac.new(hddkey, titleid, hashlibsha1).digest()[0:20] # Compute the content signature. contentSignature = hmac.new(hmacKey, filedata[20:headersize], hashlibsha1).digest()[0:20] readxbx.seek(0,0) readxbx.write(contentSignature) So, it looks like it first hashes the hddkey with the title ID. Then hashes that result with the content header (bytes 20 through headersize). But this appears to not work (in my script, or even when I run the DLC downloader/Installer from XBMC4Gamers). I tried MX Superfly 5451001000000001, for example, and when the DLC was installed it was not recognized by the game. When I installed the DLC using your installer, the DLC was recognized by the game. Looking at the two generated contextmeta.xbx files side by side I can see that the signature is different (Yours: C3BE7E602DCD3E19E35054146FA90AE23D7582D9; Theirs: 7ADB4117578F143EA9FB0C312288597C69EF54CF) AND byte 0x20 is different (Yours: 01; Theirs: 00). A few questions (and kind of thinking out loud): 1) Does the above algorithm look correct (for DLC without special custom signing)? a) Is the 2nd (contentSignature) hash always needed? b) Is the 2nd hash done correctly? Should it be filedata[21:headersize]? or filedata[20:headersize-20]? or is it correct the way it is? 2) Is it only the contentmeta.xbx file that needs to be signed? Or do ALL the files contained in the DLC need to be signed in some way? 3) What is the purpose of byte 0x20? 4) Which DLCs do you know of that require custom signing (is MX Superfly one of them)? And can you help me with the algorithms for signing those (feel free to PM me)? I'd be happy to share the script I'm working on with you and see if we can get it working together. Just let me know! Thanks!