Hey folks,

This is a fantastic forum, I appreciate how much work people put in to help others.

I've successfully got my own CDM, all relevant scripts functioning, and can successfully get the keys for a variety of sites. There are however, some sites which seem to have a 2-step process before keys are returned, where a licence request bearing '0x04, 0x08' is sent to the LIC, which then returns a certificate. I modified l3.py in WKS-Keys, and I think that I have functionally been able to repeat the process, alas, doing this then causes me to get an 'RSA key not supported error' in return.

Here is my modified l3.py script:

HTML Code:
import base64, requests, sys, xmltodict
import headers
from pywidevine.L3.cdm import cdm, deviceconfig
from base64 import b64encode
from pywidevine.L3.getPSSH import get_pssh
from pywidevine.L3.decrypt.wvdecryptcustom import WvDecrypt

pssh = input('PSSH: ')
lic_url = input('License URL: ')

# Define the byte array
byte_array = bytearray([0x08, 0x04])

# Send the byte array as a payload (replace 'cert_url' with the actual URL)
cert_response = requests.post(lic_url, data=byte_array, headers=headers.headers)
cert_response.raise_for_status()  # Ensure the request was successful

# Base64 encode the response
cert_data_b64 = base64.b64encode(cert_response.content)
print(cert_data_b64)

def WV_Function(pssh, lic_url, cert_data_b64):
    wvdecrypt = WvDecrypt(init_data_b64=pssh, cert_data_b64=cert_data_b64, device=deviceconfig.device_android_generic)                   
    widevine_license = requests.post(url=lic_url, data=wvdecrypt.get_challenge(), headers=headers.headers)
    license_b64 = base64.b64encode(widevine_license.content).decode('utf-8')
    wvdecrypt.update_license(license_b64)
    Correct, keyswvdecrypt = wvdecrypt.start_process()
    if Correct:
        return Correct, keyswvdecrypt

# Usage
correct, keys = WV_Function(pssh, lic_url, cert_data_b64)

print()
for key in keys:
    print('--key ' + key)
The information I inferred was that if I sent the '0x04,0x08' as a byte array, encoded the response body in base64 and passed it on to WVDecrypt, that this would then function as normal.

Alas I get the RSA key issue.

Is there any tips anyone could help me with please? Anything I'm clearly doing wrong? Any guidance would be really appreciated.

Thank-you in advance!