Resolved Widevine L3 without any flash


Status
Not open for further replies.
Same problem on Mi 9t Davinci. Widevine has gone from L1 to L3 for no reason.

Thanks to the developers for trying to analyze and help us.
 
A small task for all participants, those who had L1 and it turned to L3 suddenly:
1) Install "DRM Info" from Play Store (if you haven't done that already).
2) Connect the phone to the PC and have ADB tools ready.
3) Enter the command:
Code:
adb logcat -c
4) Enter the command:
Code:
adb logcat -s DrmUtils,DrmLibTime,OPS_SERVICE,QC-time-services,QCOM-OEMCrypto,QSEECOMAPI,WVCdm > drm.txt
5) Launch DRM Info, and once it's fully loaded, Ctrl+C to stop logging.

Post the drm.txt log here with your device model and ROM version. (the log does not contain any sensitive information)
Example: Redmi Note 8 (21.4.22)
 
  • Like
Reactions: yaaghlaelnas
A small task for all participants, those who had L1 and it turned to L3 suddenly:
1) Install "DRM Info" from Play Store (if you haven't done that already).
2) Connect the phone to the PC and have ADB tools ready.
3) Enter the command:
Code:
adb logcat -c
4) Enter the command:
Code:
adb logcat -s DrmUtils,DrmLibTime,OPS_SERVICE,QC-time-services,QCOM-OEMCrypto,QSEECOMAPI,WVCdm > drm.txt
5) Launch DRM Info, and once it's fully loaded, Ctrl+C to stop logging.

Post the drm.txt log here with your device model and ROM version. (the log does not contain any sensitive information)
Example: Redmi Note 8 (21.4.22)

Here is a drm.txt
I did a persist partition restore from a dump I'm sure it was L1, but still the same.
Xiaomi Mi 9 (21.4.21)

EDIT: I've just looked into /vendor/firmware_mnt/image, I don't have widevine.mdt but I have widevine.mbn file
 

Attachments

  • drm.txt
    33.1 KB · Views: 720
Last edited:
EDIT: I've just looked into /vendor/firmware_mnt/image, I don't have widevine.mdt but I have widevine.mbn file
Normal. widevine.mdt was used up to Android 10, while widevine.mbn is used instead since Android 11.
 
The following is relevant to Mi 9 (cepheus) and Mi 9T Pro/Redmi K20 Pro (raphael) only, and does not apply to Mi 9T (davinci) or Redmi Note 8 (ginkgo), for which we need more logs from users with L1 or L3:

From what we learned so far, users of these 2 devices simply lost their L1 keys or they got somehow corrupted.
The OEMCrypto libs are compatible and work properly, as confirmed by a Mi 9T Pro/Redmi K20 Pro user of our ROM (latest Weekly), who still has his L1 key working properly, and as evident by this part from his log, which shows the L1 key being read properly:
Code:
I QCOM-OEMCrypto: LibOEMCrypto version 1.30
I QCOM-OEMCrypto: TA   version 1.74
I QCOM-OEMCrypto: Api  version 16.3
D WVCdm   : [oemcrypto_adapter_dynamic.cpp(729):Initialize] OEMCrypto_Initialize Level 1 success. I will use level 1.
I WVCdm   : [oemcrypto_adapter_dynamic.cpp(732):Initialize] Level 1 Build Info (v16): Build Information: API_Version: 16.3 LibOEMCrypto_Version: 1.30 TA_Version: 1.74
While logs from users who lost their L1 key look like this:
Code:
I QCOM-OEMCrypto: LibOEMCrypto version 1.30
I QCOM-OEMCrypto: TA   version 1.74
I QCOM-OEMCrypto: Api  version 16.3
E QCOM-OEMCrypto: Error at trusted_app_is_keybox_or_oemcert_valid : 735
E QCOM-OEMCrypto: TA Result : 17 OEMCryptoResult : 10
I QCOM-OEMCrypto: -----------------------------------------------------------------
I QCOM-OEMCrypto: Error stack trace[1] for TA version 1:74
E QCOM-OEMCrypto:      i_widevine_oemcrypto_is_keybox_or_oemcert_valid : 914
I QCOM-OEMCrypto: -----------------------------------------------------------------
E QCOM-OEMCrypto: Error at _oecc05 : 637
W WVCdm   : [oemcrypto_adapter_dynamic.cpp(916):LoadLevel1] Could not find /factory/wv.keys. Falling Back to L3.
As you can see, the key is completely lost. One thing you may want to try is flash the latest official Global fastboot ROM and relock the bootloader. It may, or may not, restore the key. Will be interesting to hear the results.
 
  • Like
Reactions: JiaiJ and ingbrzy
Mi device Mi 9T ROM 21.4.21.
Thanks.
Thank you. This confirms that what is said above for cepheus and raphael is also true for davinci:
Code:
I QCOM-OEMCrypto: LibOEMCrypto version 1.30
I QCOM-OEMCrypto: TA   version 1.71
I QCOM-OEMCrypto: Api  version 16.3
E QCOM-OEMCrypto: Error at trusted_app_is_keybox_or_oemcert_valid : 735
E QCOM-OEMCrypto: TA Result : 17 OEMCryptoResult : 10
I QCOM-OEMCrypto: -----------------------------------------------------------------
I QCOM-OEMCrypto: Error stack trace[1] for TA version 1:71
E QCOM-OEMCrypto:      i_widevine_oemcrypto_is_keybox_or_oemcert_valid : 912
I QCOM-OEMCrypto: -----------------------------------------------------------------
E QCOM-OEMCrypto: Error at _oecc05 : 637
W WVCdm   : [oemcrypto_adapter_dynamic.cpp(916):LoadLevel1] Could not find /factory/wv.keys. Falling Back to L3.
You may want to try the method I described at the end of my reply: "One thing you may want to try is flash the latest official Global fastboot ROM and relock the bootloader. It may, or may not, restore the key. Will be interesting to hear the results."
Users of certain devices from another brand had their L1 keys lost when they had their bootloader unlocked, and restored once they relocked it. We don't know yet if it's a possibility with Xiaomi devices.
 
Log from my Mi 9T (12.1.2 Stable), comparing to your posted logs it seems like the key ist lost completely
 

Attachments

  • drm.txt
    29.3 KB · Views: 346
Have you even been using our Android 11 Weeklies?

Yes initially I tried the Android 11 Weekly about 1,5 months ago, but decided that the stable was fine for me and used the stable since then (and I also had Widevine L1 on the stable until a week ago).
When I realized I lost Widevine L1 somehow I also tried the Android 11 Weekly again to see if that fixes it, but that didn't change the Widevine level.
 
Yes initially I tried the Android 11 Weekly about 1,5 months ago, but decided that the stable was fine for me and used the stable since then (and I also had Widevine L1 on the stable until a week ago).
When I realized I lost Widevine L1 somehow I also tried the Android 11 Weekly again to see if that fixes it, but that didn't change the Widevine level.
Yeah, it almost looks like the keys expired/invalidated. Might have been done automatically by Xiaomi's Cloud Service.
 
Thank you. This confirms that what is said above for cepheus and raphael is also true for davinci:
Code:
I QCOM-OEMCrypto: LibOEMCrypto version 1.30
I QCOM-OEMCrypto: TA   version 1.71
I QCOM-OEMCrypto: Api  version 16.3
E QCOM-OEMCrypto: Error at trusted_app_is_keybox_or_oemcert_valid : 735
E QCOM-OEMCrypto: TA Result : 17 OEMCryptoResult : 10
I QCOM-OEMCrypto: -----------------------------------------------------------------
I QCOM-OEMCrypto: Error stack trace[1] for TA version 1:71
E QCOM-OEMCrypto:      i_widevine_oemcrypto_is_keybox_or_oemcert_valid : 912
I QCOM-OEMCrypto: -----------------------------------------------------------------
E QCOM-OEMCrypto: Error at _oecc05 : 637
W WVCdm   : [oemcrypto_adapter_dynamic.cpp(916):LoadLevel1] Could not find /factory/wv.keys. Falling Back to L3.
You may want to try the method I described at the end of my reply: "One thing you may want to try is flash the latest official Global fastboot ROM and relock the bootloader. It may, or may not, restore the key. Will be interesting to hear the results."
Users of certain devices from another brand had their L1 keys lost when they had their bootloader unlocked, and restored once they relocked it. We don't know yet if it's a possibility with Xiaomi devices.
I would like to do it, but I need my mobile for work and I don't have another one to replace it.
If at some point I have time, I will, but now it is impossible.
I really appreciate your time and efforts to offer us the roms weekly.
Thanks.
 
I had some time and went back to the latest Mi 9T stock ROM (12.0.4QFJEUXM) + locked bootloader. Unfortunately, Widevine is still L3.
 

Attachments

  • drm_stockrom.txt
    60.3 KB · Views: 319
Mi 9T Pro (21.4.21)

I also tried to install the Global ROM a long time ago but Widevine stayed at L3...

Xiaomi appears to be silently blocking/invalidating Widevine L1 keys on unlocked devices... with no recovery option like other companies offer... very sad :(
 

Attachments

  • drm.txt
    27.2 KB · Views: 327
My experience. I tried today the latest weekly and flashed it, and suddenly lost my L1. Then, I came back to stock and still remains in L3. My device is mi 9t pro. It´s a weird situation.
 
  • Like
Reactions: Panosfil
My second Mi9 which is running 12.5 | 21.2.24 (weekly) still has widevine l1
 

Attachments

  • drm.txt
    31.6 KB · Views: 321
From the logs it seems that QC ***** 1.3 is the version that works but also the ones having the L1 are connecting to a server to get it? That is very weird.
 
  • Like
Reactions: Poney70
From the logs it seems that QC ***** 1.3 is the version that works but also the ones having the L1 are connecting to a server to get it? That is very weird.
I've no idea what you're saying. Those devices don't officially support installing a new Widevine key, something we're working to overcome.
 
I've no idea what you're saying. Those devices don't officially support installing a new Widevine key, something we're working to overcome.
But does a remote server could check and valid or invalid (and delete???) a Widevine key? It's very strange... :(
 
The following is relevant to Mi 9 (cepheus) and Mi 9T Pro/Redmi K20 Pro (raphael) only, and does not apply to Mi 9T (davinci) or Redmi Note 8 (ginkgo), for which we need more logs from users with L1 or L3:

From what we learned so far, users of these 2 devices simply lost their L1 keys or they got somehow corrupted.
The OEMCrypto libs are compatible and work properly, as confirmed by a Mi 9T Pro/Redmi K20 Pro user of our ROM (latest Weekly), who still has his L1 key working properly, and as evident by this part from his log, which shows the L1 key being read properly:
Code:
I QCOM-OEMCrypto: LibOEMCrypto version 1.30
I QCOM-OEMCrypto: TA   version 1.74
I QCOM-OEMCrypto: Api  version 16.3
D WVCdm   : [oemcrypto_adapter_dynamic.cpp(729):Initialize] OEMCrypto_Initialize Level 1 success. I will use level 1.
I WVCdm   : [oemcrypto_adapter_dynamic.cpp(732):Initialize] Level 1 Build Info (v16): Build Information: API_Version: 16.3 LibOEMCrypto_Version: 1.30 TA_Version: 1.74
While logs from users who lost their L1 key look like this:
Code:
I QCOM-OEMCrypto: LibOEMCrypto version 1.30
I QCOM-OEMCrypto: TA   version 1.74
I QCOM-OEMCrypto: Api  version 16.3
E QCOM-OEMCrypto: Error at trusted_app_is_keybox_or_oemcert_valid : 735
E QCOM-OEMCrypto: TA Result : 17 OEMCryptoResult : 10
I QCOM-OEMCrypto: -----------------------------------------------------------------
I QCOM-OEMCrypto: Error stack trace[1] for TA version 1:74
E QCOM-OEMCrypto:      i_widevine_oemcrypto_is_keybox_or_oemcert_valid : 914
I QCOM-OEMCrypto: -----------------------------------------------------------------
E QCOM-OEMCrypto: Error at _oecc05 : 637
W WVCdm   : [oemcrypto_adapter_dynamic.cpp(916):LoadLevel1] Could not find /factory/wv.keys. Falling Back to L3.
As you can see, the key is completely lost. One thing you may want to try is flash the latest official Global fastboot ROM and relock the bootloader. It may, or may not, restore the key. Will be interesting to hear the results.
I just flashed the latest Global EEA rom from Xiaomi on my Mi9/cepheus and relocked the bootloader. There seems to be no effect on my Widevine level, which is still L3.
 
Status
Not open for further replies.