Is possible download a MPEG Dash content with DRM?
How can I decrypt using the MPD file?
I tried download all M4S segments (audio and video) but when I join the segments the video doesn't work properly.
The site is using Widevine platform for DRM.
I tried too youtube-dl and dash-proxy but again unsuccessfully.
I searched on Google but I didn't succeed.
No because it's not part of the browser. The browser implements eme which allows to 'offload' decoding a video to a 3rd party software.
When you download chrome, you download another compiled "CDM" app which does the decoding and is a 'black box'. So you'd need to modify that black box CDM, not the browser. So only option is then the screen capture.
MS has a system that even prevents screen capture software (since windows controls OS) Chrome desktop CDM has weaknesses but not in the league of 'youtube downloader'.
Also Google doesn't provide CDM for modified browsers.
A researcher on twitter a couple years ago claimed to defeat the encryption by directly cracking the encryption itself, based on knowledge of what the CDM was doing. At this point though, it's beyond 'look the other way' and you would definitely be in legal jeopardy if you distributed such information or content.
In the future, Google would like all of this to be done in hardware further making it hard to defeat. Eg once they got several hardware manufacturers to put a chip in their monitors, they might literally say "if you want to watch google play or netflix, you need an 'secure monitor' (you know, so people don't spy on you...) ".
It's basic economics. If you can't live without netflix, they will lock it down and make you pay for each view. If you're 'meh' they will make it 9.99 and reel you in. If you literally prefer some 'open source movie website where everythings free, though lame' They will just try to track your interests, for a better day when they can make something irresistible you will pay for.
At this point people are pretty 'addicted' so encryption chips are being put into monitors, motherboards, video cards, even cables connecting the monitor to computer. But if they squeeze too hard, people will just walk away. But their data models now would warn them if people were getting to that limit, so it's unlikely.
EDIT: today I came across a code repository which is a chrome extension that will tell you the decryption key as it decrypts a video. I won't post the link here (but it's currently at github publicly). It contains the private key that is used by the Google Widevine CDM to decrypt the keys (which are sent encrypted from the license server). So if you have access to watch a video (eg you rent a video at google play) then you can see the key, download the mp4, then use ffmpeg to decrypt the mp4 with that key that was reported while you played the video. You would then have an unencrypted video. This is why Google tells their content providers to only provide 'low quality' versions for desktop browsers, and reserve high quality (eg 4K) content for environments where decryption is happening in a hardware chip.
I am assuming you are asking how you can handle the DRM part and that the download part is ok, using dash-proxy or similar?
The way the DRM works with DASH streaming is that the player streaming the video will recognise from the manifest and/or the video stream that the video is encrypted when you try to play it and will ask the DRM license server for the license.
For widevine it requires the URL of the license server to be configured or input into the player - see the the example at Shaka player: https://shaka-player-demo.appspot.com and choose custom asset from the drop down list and you will see how you have to enter the License Server URL.
If you have downloaded the video then the player will still need to recognise that the video is encrypted, that the DRM system is widevine and will need to be told the license server to request the license from.
The player can recognise the content is encrypted from the MP4 PSSH box - a header which indicates it is encrypted and the DRM system being used, in your case Widevine.
If you don't have authorisation or the video was originally a live stream or if it had some time constraints you may not be granted a license. Similarly, if you are planing to watch it offline, then you will need to receive a persistent license (one that is valid on the device for some time) which may not be available for the video you want to watch.
