Decryption fails with keys

Hi,

Today i've been reading through many threads on here and was able to get far in acquiring a video I'd like to save.

This is the video: https://jfc.org.il/en/movie/46728-2/

I got the mpd file and the PSSH inside:
https://d1v1gqjht5uu1.cloudfront.net/media/uSzsLV8Q7jwF5/63703adb/stream.mpd
PSSH:
AAAAUnBzc2gAAAAA7e+LqXnWSs6jyCfc1R0h7QAAADIiKnZkb2 NpcGhlcjpmOGU5YzE1NjI4NmQ0Y2NhYmIyZWQ1ZmVjZjliNWE4 ZEjj3JWbBg==

Searching the network tab for 'license' related requests if found this:
https://license.vdocipher.com/auth/wv/:authToken

To get that authToken i searched the Network tab again and found 2 tokens (maybe 1 for video file and 1 for audio?). I picked the first one, it looked like this:
eyJvdHAiOiIyMDE2MDMxM3ZlcnNBU0UzMjNoVlFacnh0MHBJNj QzclphMTRqTTBmMDdJWGhnenp0c1BDd0xUNWY1bFgyZUYzIiwi cGxheWJhY2tJbmZvIjoiZXlKMmFXUmxiMGxrSWpvaU5qSTVNRE JoTlRjMFpXVmlORGt6WlRreFlXWTFNMlE0TVRVeU56bGlOVEVp ZlE9PSIsImhyZWYiOiJodHRwczovL2pmYy5vcmcuaWwvZW4vbW 92aWUvNDY3MjgtMi8iLCJ0ZWNoIjoid3YiLCJsaWNlbnNlUmVx dWVzdCI6IkNBUT0ifQ==

I checked that it was good by doing a base64 decode on it:
{"otp":"20160313versASE323hVQZrxt0pI643rZa14jM0f07 IXhgzztsPCwLT5f5lX2eF3","playbackInfo":"eyJ2aWRlb0 lkIjoiNjI5MDBhNTc0ZWViNDkzZTkxYWY1M2Q4MTUyNzliNTEi fQ==","href":"https://jfc.org.il/en/movie/46728-2/","tech":"wv","licenseRequest":"CAQ="}

So the license url should be:
https://license.vdocipher.com/auth/wv/:eyJvdHAiOiIyMDE2MDMxM3ZlcnNBU0UzMjNoVlFacnh0MHB...I6IkNBUT0ifQ==

So then i went to cdrm-project, and put in the PSSH.

And its at this point possibly I messed something up. Earlier, before I got this license url, i tried a different one: https://cwip-shaka-proxy.appspot.com/no_auth, and to my surprise, it returned keys:
4a5f13127ca255f38a1395938d608d3f:84c1008ffbdcf33de 77e352b75dbae6c
50abc93015eb5c8f850e32146d8bf2bd:5a18a235257030aa3 57b2e9c5b80da10
0827b41963015424a9433e1f9e40e794:15695a715d6eb5896 c243d4b86c59b4b
b9c7961ac2f7570a822796dc55963da8:295571c033054bc83 7e0e37e27b97137
0da15c75e0155a73b47121fa2179226c:40cfa2ecfaca26ecd 1039847c74e8245

Reason why i think i made a mistake, is because i didn't find that license url from any of the files in the Networks tab, I got it from some other thread i was reading. So now when go back to cdrm-project with the newer license url, it works, but it just says "cached PSSH" and gives the same keys from the previous license url. I suppose it's possible that both of those license urls are active, and give the same keys? Side note: I also tried getting keys with the l3.py script from the WKS-KEYS project, but it always gave me the error: unable to parse license - check protobufs

Anyways, next I downloaded the encrypted audio and video file:
yt-dlp.exe --allow-unplayable-formats -o vid_encrypted.mp4 https://d1v1gqjht5uu1.cloudfront.net/media/uSzsLV8Q7jwF5/63703adb/stream.mpd

This got both the audio and video file:
vid_encrypted.f4.mp4
vid_encrypted.f0.m4a

Next i tried to decode with the keys:
mp4decrypt --key 4a5f13127ca255f38a1395938d608d3f:84c1008ffbdcf33de 77e352b75dbae6c --key 50abc93015eb5c8f850e32146d8bf2bd:5a18a235257030aa3 57b2e9c5b80da10 --key 0827b41963015424a9433e1f9e40e794:15695a715d6eb5896 c243d4b86c59b4b --key b9c7961ac2f7570a822796dc55963da8:295571c033054bc83 7e0e37e27b97137 --key 0da15c75e0155a73b47121fa2179226c:40cfa2ecfaca26ecd 1039847c74e8245 vid_encrypted.f4.mp4 vid_decrypted.f4.mp4

And did the same for the audio file.

But it didn't work, when playing the video (with VLC) the entire screen was just a bright color gradient with garbled and distorted pixels at the top.

I decrypted the audio file too, but when playing it back there was no sound.

Although I was certain it wouldn't work, i tried combining them, but no difference:
ffmpeg -i vid_decrypted.f4.mp4 -i vid_decrypted.f0.m4a -vcodec copy -acodec copy vid_final.mp4

Wondering if i missed a step or am missing some concept about this whole process. Any help would be much appreciated, thank you in advance.

correct key must four

Code:

--key 50abc93015eb5c8f850e32146d8bf2bd:5ead58b9464e49caf69aab7eb159b40d

--key 0827b41963015424a9433e1f9e40e794:d40d8fcc5f6a49f66360fd45d1c4cb28

--key b9c7961ac2f7570a822796dc55963da8:d69cba9effce90b612e57e02174d746b

--key 0da15c75e0155a73b47121fa2179226c:c01f512728b8343000e72883afb7f623

Originally Posted by shellcmd

correct key must four

Code:

--key 50abc93015eb5c8f850e32146d8bf2bd:5ead58b9464e49caf69aab7eb159b40d

--key 0827b41963015424a9433e1f9e40e794:d40d8fcc5f6a49f66360fd45d1c4cb28

--key b9c7961ac2f7570a822796dc55963da8:d69cba9effce90b612e57e02174d746b

--key 0da15c75e0155a73b47121fa2179226c:c01f512728b8343000e72883afb7f623

same keys as OP at the first post ... and it looks like they're not good. have you tried ?

Originally Posted by lomero

Originally Posted by shellcmd

correct key must four

Code:

--key 50abc93015eb5c8f850e32146d8bf2bd:5ead58b9464e49caf69aab7eb159b40d

--key 0827b41963015424a9433e1f9e40e794:d40d8fcc5f6a49f66360fd45d1c4cb28

--key b9c7961ac2f7570a822796dc55963da8:d69cba9effce90b612e57e02174d746b

--key 0da15c75e0155a73b47121fa2179226c:c01f512728b8343000e72883afb7f623

same keys as OP at the first post ... and it looks like they're not good. have you tried ?

Take a better look, those are not the same keys, only KIDs are the same (obviously).

cache keys:

Code:

4a5f13127ca255f38a1395938d608d3f:84c1008ffbdcf33de77e352b75dbae6c
50abc93015eb5c8f850e32146d8bf2bd:5a18a235257030aa357b2e9c5b80da10
0827b41963015424a9433e1f9e40e794:15695a715d6eb5896c243d4b86c59b4b
b9c7961ac2f7570a822796dc55963da8:295571c033054bc837e0e37e27b97137
0da15c75e0155a73b47121fa2179226c:40cfa2ecfaca26ecd1039847c74e8245

my keys:

Code:

--key 50abc93015eb5c8f850e32146d8bf2bd:5ead58b9464e49caf69aab7eb159b40d
--key 0827b41963015424a9433e1f9e40e794:d40d8fcc5f6a49f66360fd45d1c4cb28
--key b9c7961ac2f7570a822796dc55963da8:d69cba9effce90b612e57e02174d746b
--key 0da15c75e0155a73b47121fa2179226c:c01f512728b8343000e72883afb7f623

useful keys:

Code:

--key 0da15c75e0155a73b47121fa2179226c:[[c01f512728b8343000e72883afb7f623]]
--key 0827b41963015424a9433e1f9e40e794:[[d40d8fcc5f6a49f66360fd45d1c4cb28]]

same kid, diffrent key.

Code:

N_m3u8DL-RE "https://d1v1gqjht5uu1.cloudfront.net/media/uSzsLV8Q7jwF5/63703adb/stream.mpd" --key 50abc93015eb5c8f850e32146d8bf2bd:5ead58b9464e49caf69aab7eb159b40d --key 0827b41963015424a9433e1f9e40e794:d40d8fcc5f6a49f66360fd45d1c4cb28 --key b9c7961ac2f7570a822796dc55963da8:d69cba9effce90b612e57e02174d746b --key 0da15c75e0155a73b47121fa2179226c:c01f512728b8343000e72883afb7f623 --thread-count 64 -mt --save-name vdo -M format=mp4

[Attachment 76333 - Click to enlarge]

oh right, sorry. my bad post!

thank you 2nHxWW6GkN1l916N3ayz8HQoi and shellcmd, with those new 4 --keys I was able successfully decrypt. I see that I was missing the cdm step, and I see a guide for that is in the tutorial, I will go through that.

Originally Posted by 2nHxWW6GkN1l916N3ayz8HQoi

Custom python script needed since it deals with base64 payload.

Code:

import base64
import json

import requests
from pywidevine.cdm import Cdm
from pywidevine.device import Device
from pywidevine.pssh import PSSH


def bytes_to_base64(input_bytes):
    return base64.b64encode(input_bytes).decode('utf-8')


def dict_to_base64(input_dict):
    return base64.b64encode(json.dumps(input_dict).encode('utf-8')).decode('utf-8')


def base64_to_dict(input_base64):
    return json.loads(base64.b64decode(input_base64).decode('utf-8'))


LICENSE_URL = "https://license.vdocipher.com/auth"
PSSH_VALUE = "Iip2ZG9jaXBoZXI6ZjhlOWMxNTYyODZkNGNjYWJiMmVkNWZlY2Y5YjVhOGRI49yVmwY="
WVD_FILE = "./cdm/device_wvd_file.wvd"
LICENSE_HEADERS = {
    'content-type': 'application/json'
}

DICT_PAYLOAD = {
    "token": "<INSERT_TOKEN_VALUE_REQUEST_PAYLOAD_OF_SECOND_LICENSE_POST>"
}

pssh = PSSH(PSSH_VALUE)
device = Device.load(WVD_FILE)
cdm = Cdm.from_device(device)
session_id = cdm.open()
challenge = cdm.get_license_challenge(session_id, pssh)

custom_payload = base64_to_dict(DICT_PAYLOAD["token"])
custom_payload["licenseRequest"] = bytes_to_base64(challenge)
DICT_PAYLOAD["token"] = dict_to_base64(custom_payload)

licence = requests.post(LICENSE_URL, data=json.dumps(DICT_PAYLOAD), headers=LICENSE_HEADERS)
licence.raise_for_status()
cdm.parse_license(session_id, licence.content)

for key in cdm.get_keys(session_id):
    print(f"[{key.type}] {key.kid.hex}:{key.key.hex()}")
cdm.close(session_id)

I can't give you the keys since it gives me either

Code:

b'{"code":2042,"message":"This device is not supported. Please try on another device."}'

or

Code:

b'{"code":2042,"message":"Android system updates or update Chrome browser to play this video"}'

since my CDMs are emulated but for someone with a proper cdm it should work.

Edit: Seeing as this script has been mentioned a few times, I feel it is necessary to mention this. I never got any keys from vdocipher using this script (or any other one) because I don't have a good CDM. I just coded a possible solution by looking at what kind of errors they returned. Beware, vdocipher is very severe when it comes to license requests, and if you "burn" your legit CDM using this script, you're responsible for it.

Hi,

Why do you ask for the token of the SECOND request? It seems that previous posts on the forum implied that it is the first token that is needed.
I couldn't get this to work though, still trying to figure out why existing scripts stopped working .

I wonder if scripts have to do two auth requests, similar to what browsers do instead of one?

Thanks!