devine-dl/pywidevine

Support for Licenses with a 128-byte Session Key

Opened this issue · 6 comments

EatThisRock commented

I've noticed that on Chrome license's responses, the session key which is normally 256 bytes long to match the length of the device private key, now is 128 bytes. It seems to suggest it is decrypted with a less secure private key (very unlikely) or the device private key is used elsewhere and differently.

I am not sure if I am missing anything or I am misunderstanding, but has this been noted or researched? or maybe this is on web based CDM's only? Padding the session key is not an option that works.

rlaphoenix commented

Could you send a License Response in Base64 for me to take a look? What version of Chrome are you on, and is it beta or stable?

EatThisRock commented

Sure,
CAISlwUKKgoQ5T7fYkLzm1bqmuUFW8+J0hII0Tb66uxPiKogASgAOABAAEji/YqbBhIjCAEQABgBIOCoASgAMOCoATiA54QPQgBIAFAAWABgAHAAeAEaZhIQkNSaA9/ZTW0ixDbXXS4KDRpQnhB1DKh4OTOwDk1RtDnF8tDZn0W9NSVHjTTGxCMfyuy8NKwyTh8pShi8j7UeG8RpqU6sA4fcRKHkbHoQxQupDG5H1GTCamXgj8HqBSkH6eQgARpyChABAGi9OTZNmFqvXvmer5IIEhA6mDua7TqySSfuH1bniJ4aGiCbX17NMfYu+1lC4kSqRpSP0pjBh5MVBsukuC5EweTr9iACKAEyCAgAECoYACAAOggIABAqGAAgAEISChBrYzE2AABUYMFdu0SgAAAIGnIKEAEFSZk3aN8Jjaf+pWaIAFsSELkRjA8yMydGdSqIR5BsncAaIEUfam4c4UJA6WaDkr7ye4jn1nlR2xH1/7YrKkTtlrXGIAIoBDIICAEQKhgAIAA6CAgAECoYACAAQhIKEGtjMTYAAFRgwV27ROwAAgwacgoQAQIrdxRoWSsjWp3hiBDfchIQ+Vw+66vDCzVVEL185cES6RogxMzbDDIQvnNo74oyBDZnNi+VkSCTbruy3BC+Cx3KC6AgAigCMggIARAqGAAgADoICAAQKhgAIABCEgoQa2MxNgAAVGDBXbtE5AACDBpyChABAXWklYgUevx0rosVGv/iEhAemqJkjrxi7LavoG+P2gEqGiDgg4mYkcEJAOZmnLMD1PVOCLbyTWpFbUBKAW7X0ecnQyACKAEyCAgAECoYACAAOggIABAqGAAgAEISChBrYzE2AABUYMFdu0SgAAAIIOL9ipsGOOPclZsGUAUaIInhj78Ba8e0aqaoYIFonvurpC8NIxZWjGrWbb1CiQjfIoABjYozicuHHEwRDzgKgM72b1BApGJHDNhVK9OjOC0THuCW0K1VqZCct/Bp8UcsOs2JhAYFM46cuCDJapWv8P8oY/UlNLAmJ82J228svsjmYZc82VrnRUmCOb2oeW4UtcGPC3GF//VNxr+ANmp89gn4kBi+BfrGMdUiQnnpnPn9SH06CAoGMTcuMC4xQAFKqAIAAAACAAABKAAFABDBXbtEIRVJAgAAAFUAAAAQAAAAZwAAAFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAABAAAAAAAAAAAAAAAAAAAAAAAAVGAAAAAAAAAAAAAAAAAB4TOAAAAABAAAAL0AAAAQAAAAzwAAABAAAADhAAAAEAAAAAAAAAAAAAABHQAAABAAAAExAAAAEAAAAUMAAAAQAAABVQAAABAAAAAAAAAAAAAAAZEAAAAQAAABpQAAABAAAAG3AAAAEAAAAckAAAAQAAAAAAAAAAAAAAIFAAAAEAAAAhkAAAAQAAACKwAAABAAAAI9AAAAEAAAAAAAAAAAAAABHQAAABB2v5CVIOZO45HO0nAf2EaAbxbRUuS5D4SZi4jWJjRKJ1gB

This is from the newest Chrome CDM version, pretty sure it was like that too on the previous version.

Chrome version: 107.0.5304.88 and CDM: 4.10.2557.0

rlaphoenix commented

Yeah I can confirm that is only 128 bytes somehow. All Chrome CDMs v4.10.2449.0 and older do 256 bytes like normal. I wonder if v4.10.2540.0 is like this as well, as that reportedly uses the same private key.

EatThisRock commented

I think I also had seen this on 4.10.2449.0, is probably a slight different key request/response approach on Chrome only, I've only noticed it on Licenses generated by Chrome. The license request for this license was not crafted by me or using your project. But is an interesting change nevertheless.

rlaphoenix commented

Hi @EatThisRock and @rlaphoenix , How do you know that response license is 128bit?

We aren't referring to the License, we are referring to the Session Key within the license.

I'm facing the same issue. In my Android device, CDM still works well, but in pywidevine, it always reports that: error parsing message .

This would be unrelated. You are likely not passing the correct value back to the CDM. Another user had this similar mistake see #25

I've already decode license from base64 (Like @EatThisRock's format, start with CAISlwUKKgoQ5T.... in Chrome for Windows, but it's different in Android) to binary then pass to CDM.

You don't need to Base64 decode it, Pywidevine does that for you.

EBSsss1 commented

{
"ec": 0,
"license": "U01XVgAAAzMAAABrAiQQEAILCg4NDwAJDAMHCAYBBGyElOBugllIM/kc1N1PDEEAAABAxdEiheOe/xemrHkTVRhmkO/3LQ29nEAQDhKEIeQULE/tMLJ1a6OdHst5ktk5MLY+orekgOUHtRBROK9i5N5TVbVRtcGfIdJ8UTQ3x4VsUuMeK4slCSIEBcF3HZPK3hnnR5dTnMxAcO4/7QiNWbYZYQjIXiiR1QC4+I9ckvn9qk81IImIegZ0JeyCP+PjOGgZSPiyyjsb71+4sAUxzvhifLXfqhRjlQu0TsQbZOpfqG+g41rN+ExQUjOKBEhHW45js3HHoWi5cLJShcnz51qbgY/KAWTfDIPKdbsOrrWnuGrosRjblCQpnI+B2PBPrS6tHIpufK2gNqAqudE+OZFm4dwh5n2ehp7JTALXE9gh4CrLvzonO918K47zsl7eft+0i7YmUgfka97v3KW0JLEkB9GoAj0Dz+UXm3JJbQp7OL0+toklZfgxifDoxPE3cL4YTTg1ipOZWQ4Z5n01Q0TT3+lQpocAyyRr4ABFP28fsT2k82cc2hE1fworz3gff8Komr1unFZ5JP/e1r03E7KQNcUcLzcC6kH75cSU6tx1OeSVgKceQXFNZ4ff+dheoNKes3o8rj0rTxomNPwNrEbDOsc1rrjAIqiS4l57TP3bUj35KrXr+dsgXUHZrtHHk7vMXx1vPX6jpByKI+LV0yT/w19Q0eLoJr6hsW8UMx8nXJ0OOxGlorNSB3hOks1SPVFDFGlQqYTtQDMkQe3zs4n3hfAbEoJHljULtz1Ck4IVvTgVBi8mSR+bqoNX7OKrmBheU9II5L0lYG0kaGWwlDyQ0qQ9GEJ8Lo9qiIM4LOK73xPcwJBCXD+2Nk25kzDezukRSn8K2cgbkmSYqqSQGTQmQfHKnjg4EuJ/HmmeBMbdzBkRYbjF0dlMsGZykskdRr3B34wN53nn9MnfO7CzvCLOJp9stPkeSvi5Qp4uNTdEDENTJ7tciCeUv9TNw8Edp4FXuYHN0a0VzqBy+GwxcD/DWhJeqPbERR8aYVLu912tZ9lWsCw+yUnWj9rzZgQxBwfH",
"clientInfo": {
"signature": "C7E1E476CBC1AB070EAE801654D3A064853F4AD3",
"appVersionCode": 276,
"appVersion": "3.3",
"packageId": "com.viettel.tv360",
"buildBoard": "exynos9825",
"buildHost": "21DK7A07",
"packageName": "TV360",
"sdkVersion": "31",
"deviceId": "4f13a24e46763182",
"deviceModel": "SM-N970F",
"packerVersion": "1.0.3",
"brand": "samsung",
"osVersion": "12",
"buildProduct": "d1xx",
"manufacture": "samsung",
"cpuInfo": "exynos9825",
"osBuild": "SP1A.210812.016.N970FXXS8HWD3",
"platform": "android",
"deviceName": "d1",
"fingerprint": "samsung/d1xx/d1:12/SP1A.210812.016/N970FXXS8HWD3:user/release-keys"
} is there any direction to parse the response and get the key

  • 😄1