Using Android-captured Widevine license with pywidevine on PC

[rgysoft]

HI
I have a .wvd device file. My pywidevine script can't get a license from the server, but I can capture it via Android browser (same .wvd). The license comes as a base64 string in JSON format.

Can I use this Android-captured license with my .wvd file on PC to extract decryption keys? If yes, what's the proper way to parse it?

What I get from Android: {"license":"MDAwMDAw..."} (base64 string)
What I have: Same .wvd file, correct PSSH
Issue: parse_license() fails with InvalidLicenseMessage
Merci

[larley]

Yes you can, I've hit this problem as well when trying to get around VdoCipher (which is probably what you're trying to do as well). First, make sure that your device doesn't support L1 if the device you dumped is L3 (which it likely is). When I tried this and dumped a WVD I wasn't aware that Chrome on Android and Zen Player were actually using L1 (Firefox doesn't support it, see: https://bugzilla.mozilla.org/show_bug.cgi?id=1988424).

When trying to parse the license, move the last 6 base64 chars to the front of the string (at least on the web player) to make it parsable. If you did everything correctly the script below should be able to recover the keys:

Code:

import base64

from Crypto.Cipher import PKCS1_OAEP
from Crypto.Hash import HMAC, SHA256
from pywidevine import Cdm, Device, Key
from pywidevine.exceptions import SignatureMismatch
from pywidevine.license_protocol_pb2 import SignedMessage, License

if __name__ == '__main__':
    device = Device.load("device.wvd")
    decrypter = PKCS1_OAEP.new(device.private_key)

    challenge_bytes = base64.b64decode("CAES...")

    challenge_signed_message = SignedMessage()
    challenge_signed_message.ParseFromString(challenge_bytes)

    licence_bytes = base64.b64decode("CAIS...")

    licence_signed_message = SignedMessage()
    licence_signed_message.ParseFromString(licence_bytes)

    context = Cdm.derive_context(challenge_signed_message.msg)
    enc_key, mac_key_server, _ = Cdm.derive_keys(
        *context,
        key=decrypter.decrypt(licence_signed_message.session_key)
    )

    computed_signature = HMAC. \
        new(mac_key_server, digestmod=SHA256). \
        update(licence_signed_message.oemcrypto_core_message or b""). \
        update(licence_signed_message.msg). \
        digest()

    # If this doesn't work you didn't use the same device as your phone
    if licence_signed_message.signature != computed_signature:
        raise SignatureMismatch("Signature Mismatch on License Message, rejecting license")

    licence = License()
    licence.ParseFromString(licence_signed_message.msg)

    keys = [
        Key.from_key_container(key, enc_key)
        for key in licence.key
    ]

    for key in keys:
        print(f"[{key.type}] {key.kid.hex}:{key.key.hex()}")

[rgysoft]

Thank you for your help. I did everything as you said, but I’m getting this error:

key = decrypter.decrypt(licence_signed_message.session_k ey)
File "C:\Users\Administrator\AppData\Local\Programs\Pyt hon\Python39\lib\site-packages\Crypto\Cipher\PKCS1_OAEP.py", line 191, in decrypt
raise ValueError("Incorrect decryption.")
(https://license.vdocipher.com/auth)

[larley]

This proves that the challenge was not generated by your widevine device

[rgysoft]

"No, it’s the same; I extracted the WVD myself Does it change if the phone is flashed with another firmware?! Anyway, thank you so much for your help!"

[solheh]

...First, make sure that your device doesn't support L1 if the device you dumped is L3 (which it likely is)....

But even if you had a device that was only L3, you still wouldn't be able to play VdoCipher, since it only lets you use L1, right?

[larley]

I think they maybe do for some limited amount of L3 devices, but every L3 I've tried doesn't work