Add live channels

[mediaminister]

[michaelarnauts]

@mediaminister i've tried this on windows, but it seems that the license server doesn't give a correct decryption key.

Is this still working for you, and on what OS?

2023-09-26 13:49:27.221 T:23688   debug <general>: AddOnLog: inputstream.adaptive: Initializing stream with KID: 9156127a9b2259149c1ac3b6b12fceca
2023-09-26 13:49:27.360 T:23688   debug <general>: AddOnLog: inputstream.adaptive: CDMMessage: 1 arrived!
2023-09-26 13:49:27.361 T:23688   debug <general>: AddOnLog: inputstream.adaptive: Opened widevine session ID: FA7484B7BBC81529CA71541C346CF0EC
2023-09-26 13:49:27.362 T:23688   debug <general>: CurlFile::XFILE::CCurlFile::Open - <https://wv-keyos.licensekeyserver.com/>
2023-09-26 13:49:27.362 T:23688   debug <general>: XCURL::DllLibCurlGlobal::easy_acquire - Created session to https://wv-keyos.licensekeyserver.com
2023-09-26 13:49:27.559 T:23688   error <general>: CCurlFile::CReadState::XFILE::CCurlFile::CReadState::FillBuffer - (0x1259c15b8b0) Failed: HTTP returned code 403
2023-09-26 13:49:27.559 T:23688   error <general>: CCurlFile::XFILE::CCurlFile::Open - <https://wv-keyos.licensekeyserver.com/> Failed with code 403:

2023-09-26 13:49:27.559 T:23688   error <general>: AddOnLog: inputstream.adaptive: License server returned failure
2023-09-26 13:49:27.559 T:23688   debug <general>: AddOnLog: inputstream.adaptive: WV_CencSingleSampleDecrypter::GetCapabilities: Keys empty
2023-09-26 13:49:27.559 T:23688   debug <general>: AddOnLog: inputstream.adaptive: Initializing stream with KID: 9156127a9b2259149c1ac3b6b12fceca
2023-09-26 13:49:27.601 T:23688   debug <general>: AddOnLog: inputstream.adaptive: CDMMessage: 1 arrived!
2023-09-26 13:49:27.601 T:23688   debug <general>: AddOnLog: inputstream.adaptive: Opened widevine session ID: 843D3B810E94C1891D2858003F25B075
2023-09-26 13:49:27.602 T:23688   debug <general>: CurlFile::XFILE::CCurlFile::Open - <https://wv-keyos.licensekeyserver.com/>
2023-09-26 13:49:27.642 T:23688   error <general>: CCurlFile::CReadState::XFILE::CCurlFile::CReadState::FillBuffer - (0x1259c15c170) Failed: HTTP returned code 403
2023-09-26 13:49:27.642 T:23688   error <general>: CCurlFile::XFILE::CCurlFile::Open - <https://wv-keyos.licensekeyserver.com/> Failed with code 403:

2023-09-26 13:49:27.642 T:23688   error <general>: AddOnLog: inputstream.adaptive: License server returned failure

Specific part with curl logging:

2023-09-26 13:52:30.647 T:11612   debug <general>: Curl::Debug - HEADER_IN: HTTP/2 403
2023-09-26 13:52:30.647 T:11612   debug <general>: Curl::Debug - HEADER_IN: date: Tue, 26 Sep 2023 11:52:31 GMT
2023-09-26 13:52:30.647 T:11612   debug <general>: Curl::Debug - HEADER_IN: content-type: application/json
2023-09-26 13:52:30.647 T:11612   debug <general>: Curl::Debug - HEADER_IN: server: nginx
2023-09-26 13:52:30.648 T:11612   debug <general>: Curl::Debug - HEADER_IN: access-control-allow-headers: Origin, X-Requested-With, Content-Type, Cache-Control, Pragma, Accept, SOAPAction, customdata, Authorization, X-KeyOS-Authorization
2023-09-26 13:52:30.648 T:11612   debug <general>: Curl::Debug - HEADER_IN: access-control-allow-methods: HEAD, POST, GET, OPTIONS
2023-09-26 13:52:30.648 T:11612   debug <general>: Curl::Debug - HEADER_IN: access-control-allow-origin: *
2023-09-26 13:52:30.648 T:11612   debug <general>: Curl::Debug - HEADER_IN: x-keyos-svc-version: 6.1.0
2023-09-26 13:52:30.648 T:11612   debug <general>: Curl::Debug - SSL_DATA_IN: ⸮
2023-09-26 13:52:30.648 T:11612   debug <general>: Curl::Debug - SSL_DATA_IN:
2023-09-26 13:52:30.648 T:11612   debug <general>: Curl::Debug - TEXT: Connection #0 to host wv-keyos.licensekeyserver.com left intact
2023-09-26 13:52:30.648 T:11612   error <general>: CCurlFile::XFILE::CCurlFile::Open - <https://wv-keyos.licensekeyserver.com/> Failed with code 403:
                                                   {"errorcode":371000005,"errormsg":"Verified media path cannot be verified","errorid":"e80df1bc-0f00-4b72-8ad0-7572b216f318"}

[michaelarnauts]

I've also noticed that the goplay website uses the X-Keyos-Authorization header to pass the base64 drmXml instead of the customdata header as it was before, but none of those work here.

[mediaminister]

I only tested this on Linux and it still works. I'll try on Windows.

[mediaminister]

Okay, I see. A verified media path (VMP) error. Nothing to do about it, so this won't work on Windows: https://github.com/xbmc/inputstream.adaptive/issues/919#issuecomment-1077469189

[peno64]

@mediaminister I tried this on Raspberry PI4 with libreelec kodi 20 and I have the same error as Michael:

2023-10-07 08:27:54.440 T:1069 info : VideoPlayer::OpenFile: plugin://plugin.video.viervijfzes/play/live/Play4?.pvr 2023-10-07 08:27:54.441 T:1765 info : Creating InputStream 2023-10-07 08:27:54.501 T:1765 info : AddOnLog: inputstream.adaptive: [Repr. chooser] Resolution set: 1920x1080, max allowed: 1920x1080, Adjust refresh rate: 0 2023-10-07 08:27:54.502 T:1765 error : GetDirectory - Error getting /usr/lib/kodi/addons/inputstream.adaptive/ 2023-10-07 08:27:54.897 T:1765 info : AddOnLog: inputstream.adaptive: Successfully parsed manifest file (Periods: 1, Streams in first period: 2, Type: live) 2023-10-07 08:27:56.403 T:1765 error : CCurlFile::CReadState::FillBuffer - (0xc2b01030) Failed: HTTP returned code 403 2023-10-07 08:27:56.403 T:1765 error : CCurlFile::Open - https://wv-keyos.licensekeyserver.com/ Failed with code 403:

2023-10-07 08:27:56.404 T:1765 error : AddOnLog: inputstream.adaptive: License server returned failure 2023-10-07 08:27:57.045 T:1765 error : CCurlFile::CReadState::FillBuffer - (0xc2b01030) Failed: HTTP returned code 403 2023-10-07 08:27:57.046 T:1765 error : CCurlFile::Open - https://wv-keyos.licensekeyserver.com/ Failed with code 403:

2023-10-07 08:27:57.046 T:1765 error : AddOnLog: inputstream.adaptive: License server returned failure 2023-10-07 08:27:57.047 T:1765 info : Creating Demuxer 2023-10-07 08:27:57.048 T:1765 info : Opening stream: 1001 source: 256 2023-10-07 08:27:57.242 T:1765 info : Creating video codec with codec id: 27 2023-10-07 08:27:57.242 T:1765 info : CDVDVideoCodecDRMPRIME::Open - using decoder V4L2 mem2mem H.264 decoder wrapper 2023-10-07 08:27:57.316 T:1765 info : Creating video thread 2023-10-07 08:27:57.316 T:1789 info : running thread: video_thread 2023-10-07 08:27:57.316 T:1765 info : Opening stream: 1002 source: 256 2023-10-07 08:27:57.337 T:1765 info : Finding audio codec for: 86018 2023-10-07 08:27:57.342 T:1765 info : CDVDAudioCodecFFmpeg::Open() Successful opened audio decoder aac 2023-10-07 08:27:57.342 T:1765 info : OpenStream: Allowing max Out-Of-Sync Value of 10 ms 2023-10-07 08:27:57.342 T:1765 info : Creating audio thread 2023-10-07 08:27:57.342 T:1791 info : running thread: CVideoPlayerAudio::Process() 2023-10-07 08:27:57.385 T:1765 error : AddOnLog: inputstream.adaptive: Decrypt Sample returns failure!

This is also Linux...

[peno64]

I also found this: https://github.com/xbmc/inputstream.adaptive/issues/593 But this is from 2021 and @michaelarnauts was involved with it but since GoPlay and VTM Go are working now (except for this live stream) it must have been fixed so I wonder if the problem is more that not all needed data is provided...

[mediaminister]

No, it's not fixed. There are several levels of DRM. Some content, like livestreams or Hollywood series in 1080p quality have a more strict level of DRM: https://github.com/add-ons/plugin.video.viervijfzes/issues/69

It can't be fixed using InputStream Adaptive that uses a Widevine DRM binary with Verified Media Path enabled. Only the Widevine DRM binary on Linux x86/x64 works because Verified Media Path isn't enabled.

On Windows and RPi maybe Verified Media Path isn't enabled when you choose a lower video resolution (non-HD, like 540p)

[peno64]

Unfortunately it also doesn't work with a lower quality. I changed the setting in inputstream.adaptive to ask quality and even 640x360, 25ffs, 157 Kbps, the lowest quality does not work.

[JeroenED]

Hi, What is current status of this Merge Request? Is it rejected because of the windows issue? Or is the windows issue being solved with next kodi release? Or just waiting for something else?

[mediaminister]

It's impossible to solve the Verified Media Path DRM-issue as long as Kodi uses the Widevine Content Decryption Module that Google ships with web browsers. So, livestreams will not work on Windows, Apple and ARM-devices like Raspberry Pi.

I guess Kodi with InputStream Adaptive cannot provide a solution for this DRM-issue: https://github.com/xbmc/inputstream.adaptive/wiki/Verified-Media-Path-%28VMP%29

This add-on is also not actively maintained anymore.

This PR can work on Linux x64 and Android but I guess a new maintainer needs to test, merge and release this.

[JeroenED]

OK. That is clear. Real pity.

The only thing i personally don't understand (technically), what is the deal with the digital code signing? Why is this not possible? Is it a thing on resources? Licence thing? Or on the open source characteristics that requires a private key to be deployed in the public? And if I personally have the resources myself can I get my own device certified for official widivine DRM?

I know it a completely different discussion. it's just not clear to me.

[mediaminister]

For Verified Media Path (VMP) to work you need to sign your software binary (Kodi) with a keypair from Google Widevine. So you need to have a license agreement with Google Widevine.

There is a similar issue with TV Vlaanderen add-on: https://github.com/add-ons/plugin.video.tvvlaanderen/issues/63

[michaelarnauts]

For Verified Media Path (VMP) to work you need to sign your software binary (Kodi) with a keypair from Google Widevine. So you need to have a license agreement with Google Widevine.

There is a similar issue with TV Vlaanderen add-on: add-ons/plugin.video.tvvlaanderen#63

There is another way that could work, but it's also getting in a grayer area legal-wise.

• Dump your own CDM from an Android Device (Do a Google search for "Dumping Your own L3 CDM with Android Studio")
• Use your own CDM with https://github.com/devine-dl/pywidevine and negotiate with the license server ourselves. We can obtain the decryption key since from the standpoint of the License Server, we are an Android device.
• Pass the decryption key to InputStream Adaptive (I think this needs support for clearkey, see https://github.com/xbmc/inputstream.adaptive/issues/811)

I have tested the first two steps and this seems to work. It doesn't complain about VMP here (I think since that's something specific for browsers, and using an Android CDM doesn't have that restriuction). I'm able to pass the decryption key to ffmpeg, remux and play it in VLC.

However... I'm not interested in developing this... As said, It's a gray area, and I'm not using Kodi and my addons anymore.

[JeroenED]

That sound more like a black area. If you take up ADB for getting a key (Didn't do that google search thing though) you should be knowing that you do stuff you are not allowed that. Even tough it's your device and the kodi box is your device as well the key is the device's one. For myself I'm actually looking into the whitest area possible (hence the question on getting my kodi box certified) so it's far from an option to me.

I really appreciate the answer. And it's a pity you quit kodi altough recent developments make me think to do the same. Maybe you can still release this PR as a new version and give all users a notice that you quit your addons and encourage them to create a fork? I think you can label the live channels with beta or alpha so people actually know they use something that may or may not work?