Skip to content

How EME Widevine works

FoxRefire edited this page May 18, 2024 · 7 revisions

Diagram of overview

This diagram has been simplified to make it easier for the noobs to understand and contains a few errors and misrepresentations.

emeHowItWorks drawio

How CDM generate keys from license?

At step 3 of the diagram, CDM sends a challenge containing its own public key to the license server.

The license server returns a key encrypted with its public key as a license.

Therefore, CDM can generate keys with private keys that are obfuscated and hard-coded into itself.

What is License Wrapping?

In many cases, when sending and receiving the challenge and license in steps 3~4, the license server uses raw binary data for both its request/response.

However, some license servers often require and return the challenge/license in encoded form.

CommonWV

CommonWV response that uses RAW format

DRMToday

DRMToday response that uses JSON+base64 encoded format

Scheme files are used to define the format of these license server challenges/licenses.

See How to add custom license scheme yourself for more information.

How Big brothers revoke particular CDM, or some websites block emulator's CDM?

The challenge generated in step 3 includes a unique identifier and hardware information.

This can be confirmed by actually checking the challenge generated by Pywidevine.

emulatorChallenge

physicalChallenge

EME sends a challenge based on these information to the server, that allowing Big Brother to revoke a particular CDM or refuse to return a license based on hardware information.