Vega 0.22 Widevine CDM rejects encryptionScheme: 'cbcs'

Platform: Vega 0.22, @amazon-devices/react-native-w3cmedia 2.1.99, Shaka 4.16.13 (per the official integration guide).

When Shaka calls requestMediaKeySystemAccess (or mediaCapabilities.decodingInfo) for com.widevine.alpha with an encryptionScheme: 'cbcs' capability, Vega’s CDM logs:

WARN  EncryptedMediaImpl: requestMediaKeySystemAccess. Unsupported encryptionScheme passed: cbcs. skipping

…and drops the capability. HLS streams with CBCS-encrypted audio or video (any stream where the init segment’s tenc box has scheme_type=cbcs) then get decrypted as CENC and produce decoder garbage. Symptom: video freezes on the first frame with no audio and no JS-visible error.

Questions:

  1. Is CBCS support planned, and if so when?

  2. Is the CBCS decryption code path entirely absent, or is it just not exposed through EME negotiation? (i.e. would supplying CBCS segments without the EME hint still decrypt?)

  3. Is there an alternate keysystem string or flag that selects the CBCS path today?

Thanks!

Hi @ScottW ,

Welcome to the Amazon Developer Community.

We are checking internally on the CBCS support and will let you know as soon as we have answers.

Thanks,
Rohit

Hi @ScottW ,

Thank you for your patience while we investigated this.

To answer your questions:

  1. CBCS is already supported on Vega. No additional work is needed on that front.

  2. The CBCS decryption path is fully present and works. The issue is only in the EME negotiation layer, not in actual decryption.

  3. No alternate keysystem string is needed. com.widevine.alpha works for both CENC and CBCS.

Workaround: Remove the drm.advanced[keySystem].encryptionScheme configuration from your Shaka setup. Without that hint, the CDM will handle CBCS streams correctly.

Let us know if the workaround resolves the issue for you.

Thanks,
Aishwarya

Hi @ScottW,

Just checking in — were you able to try the workaround (removing drm.advanced[keySystem].encryptionScheme from your Shaka config)? Let us know if that resolved the CBCS playback issue on your end.

Thanks,
Aishwarya

Following your suggestion to drop encryptionScheme from the EME/DRM config so the CDM auto-detects the scheme from the content — we implemented that, but CBCS still does not play.

Environment

  • Vega 0.22, @amazon-devices/react-native-w3cmedia 2.1.99

  • Shaka Player 4.16.13

  • Widevine (com.widevine.alpha), L3/software — robustness requested SW_SECURE_CRYPTO, negotiated back as NON-SECURE

  • HLS fMP4, AVC video (avc1.4d001f) + AAC audio (mp4a.40.5), cbcs scheme on both tracks

What we changed

  • No encryptionScheme is passed to requestMediaKeySystemAccess or navigator.mediaCapabilities.decodingInfo — we strip the field entirely. The CDM accepts the config and returns a valid MediaKeySystemAccess.

What happens

  • requestMediaKeySystemAccess succeeds; MediaKeys created.

  • License acquired successfully for both audio and video sessions (license response submitted, key status usable).

  • CBCS init + media segments append to the SourceBuffers with no errors.

  • Playback never advances. The playhead stays at the start position while both audio and video buffers fill several seconds ahead. The player sits in buffering (“waiting for other streams to buffer”), a stall is detected, and the automatic forward-seek to break the stall has no effect. No decoded frames, no audio, and no error is ever surfaced.

Key signal: the same content delivered as CENC plays correctly on the same device. Only cbcs fails, and it fails at the decode stage — after EME negotiation and license/key delivery have all succeeded.

Questions

  1. Is cbcs decryption actually supported on Vega 0.22’s Widevine + GStreamer decrypt pipeline for L3/software?

  2. If yes — what configuration is required beyond removing encryptionScheme? Is there a decoder/pipeline flag we’re missing?

  3. If no — please confirm, so we can route all DRM content to CENC for Vega.