Cdm: Save Service Certificate in SignedMessage form

We may need the signature for external verification, and most APIs require it to be in a SignedMessage to be accepted, even though the SignedMessage is pretty much empty (not even actually signed lol).
2025-11-04 03:44:50 +00:00 · 2022-07-31 13:17:49 +01:00 · 2022-07-31 13:17:49 +01:00 · 0c85abb2d4
commit 0c85abb2d4
parent a0fa559255
2 changed files with 7 additions and 3 deletions
--- a/pywidevine/cdm.py
+++ b/pywidevine/cdm.py
@ -150,6 +150,10 @@ class Cdm:
                signed_drm_certificate.ParseFromString(certificate)
                if signed_drm_certificate.SerializeToString() != certificate:
                    raise DecodeError()
+                # Craft a SignedMessage as it's stored as a SignedMessage
+                signed_message.Clear()
+                signed_message.msg = signed_drm_certificate.SerializeToString()
+                # we don't need to sign this message, this is normal
        except DecodeError:
            # could be a direct unsigned DrmCertificate, but reject those anyway
            raise DecodeError("Could not parse certificate as a SignedDrmCertificate")
@ -164,9 +168,9 @@ class Cdm:
        except (ValueError, TypeError):
            raise SignatureMismatch("Signature Mismatch on SignedDrmCertificate, rejecting certificate")
        else:
+            session.service_certificate = signed_message
            drm_certificate = DrmCertificate()
            drm_certificate.ParseFromString(signed_drm_certificate.drm_certificate)
-            session.service_certificate = drm_certificate
            return drm_certificate.provider_id

    def get_license_challenge(
--- a/pywidevine/session.py
+++ b/pywidevine/session.py
@ -3,12 +3,12 @@ from typing import Optional
 from Crypto.Random import get_random_bytes

 from pywidevine.key import Key
-from pywidevine.license_protocol_pb2 import DrmCertificate
+from pywidevine.license_protocol_pb2 import SignedMessage


 class Session:
    def __init__(self):
        self.id = get_random_bytes(16)
-        self.service_certificate: Optional[DrmCertificate] = None
+        self.service_certificate: Optional[SignedMessage] = None
        self.context: dict[bytes, tuple[bytes, bytes]] = {}
        self.keys: list[Key] = []