Fix key renewal and allow renewal by setting context key-status to 'expired'.

robwalch · robwalch · commit eb45c019522f · 2026-02-16T20:27:12.000-08:00
diff --git a/api-extractor/report/hls.js.api.md b/api-extractor/report/hls.js.api.md
@@ -1213,7 +1213,7 @@ export class EMEController extends Logger implements ComponentAPI {
     // (undocumented)
     loadKey(frag: EncryptedFragment): Promise<LevelKey>;
     // (undocumented)
-    renewKeySession(levelKey: LevelKey): void;
+    renewKeySession(levelKey: LevelKey, context: MediaKeySessionContext): Promise<LevelKey>;
     // (undocumented)
     selectKeySystemFormat(frag: Fragment): Promise<KeySystemFormats>;
 }
diff --git a/src/controller/eme-controller.ts b/src/controller/eme-controller.ts
@@ -136,11 +136,6 @@ class EMEController extends Logger implements ComponentAPI {
   // Tracks active `main`, `audio` (playlistType), and `previous[]` (array) of encrypted fragments and LevelKey objects
   private activeKeys: ActiveKeys = {};
 
-  // Resolves when key status starts with "usable", deleted when changed to expired or released
-  private keyUsablePromises: {
-    [keyId: string]: Promise<LevelKey> | undefined;
-  } = {};
-
   private mediaKeys: MediaKeys | null = null;
   private setMediaKeysQueue: Promise<void>[] = EMEController.CDMCleanupPromise
     ? [EMEController.CDMCleanupPromise]
@@ -517,8 +512,6 @@ class EMEController extends Logger implements ComponentAPI {
       return Promise.reject(error);
     }
 
-    const keyId = getKeyIdString(levelKey);
-
     // track active playlist fragments
     const playlistType = frag.type as
       | PlaylistLevelType.MAIN
@@ -528,52 +521,45 @@ class EMEController extends Logger implements ComponentAPI {
     if (encryptedFrag && !levelKey.matches(encryptedFrag.decryptdata)) {
       activeKeys.previous ||= [];
       activeKeys.previous.push(encryptedFrag);
+      delete activeKeys[playlistType];
     }
-    activeKeys[playlistType] = frag;
+    activeKeys[playlistType] ||= frag;
 
-    // Get key-session context async
-    const keyUsablePromise = this.keyUsablePromises[keyId];
-    if (!keyUsablePromise) {
-      this.log(
-        `Waiting for usable key (playlist: ${playlistType} keyId: ${keyId} URI: ${levelKey.uri} format: "${levelKey.keyFormat}" method: ${levelKey.method})`,
-      );
-      return this.updateUsablePromise(levelKey, 'playlist-key', frag);
+    // check for external expiration
+    for (let i = this.mediaKeySessions.length; i--; ) {
+      const context = this.mediaKeySessions[i];
+      if (
+        levelKey.keyId &&
+        context.keyStatuses[arrayToHex(levelKey.keyId)] === 'expired'
+      ) {
+        return this.renewKeySession(levelKey, context);
+      }
     }
 
-    return keyUsablePromise;
+    // Get key-session context async
+    return this.updateUsablePromise(levelKey, 'playlist-key', frag);
   }
 
-  public renewKeySession(levelKey: LevelKey) {
-    const keyId = getKeyIdString(levelKey);
-    if (levelKey.pssh) {
-      // Reset cached mediaKeys, access promise, and usable key promise so that new session and request are generated
-      this.resetMediaKeys();
-      delete this.keyUsablePromises[keyId];
-
-      // same as loadKey, mediaKeys will be set with new session
-      const renewalPromise = this.updateUsablePromise(levelKey, 'expired');
-      renewalPromise
-        .then(() => {
-          // remove old session after new one is established
-          // return this.removeSession(mediaKeySessionContext);
-        })
-        .catch((error) => this.handleError(error));
-    } else {
-      this.warn(`Could not renew expired key ${keyId}. Missing pssh initData.`);
-    }
+  public renewKeySession(
+    levelKey: LevelKey,
+    context: MediaKeySessionContext,
+  ): Promise<LevelKey> {
+    // Reset cached mediaKeys, access promise, and usable key promise so that new session and request are generated
+    this.resetMediaKeys();
+    return this.removeSession(context).then(() => {
+      this.throwIfDestroyed();
+      return this.updateUsablePromise(levelKey, 'expired');
+    });
   }
 
   private updateUsablePromise(
     levelKey: LevelKey,
     reason: LicenseRequestReason,
     frag?: EncryptedFragment,
   ): Promise<LevelKey> {
-    const keyId = getKeyIdString(levelKey);
     const keySessionContextPromise = this.getSessionForKey(levelKey, reason);
     keySessionContextPromise.catch((error) => this.handleError(error, frag));
-    const usablePromise = (this.keyUsablePromises[keyId] =
-      keySessionContextPromise.then((context) => levelKey));
-    return usablePromise;
+    return keySessionContextPromise.then((context) => levelKey);
   }
 
   // add Key to new or existing session
@@ -593,6 +579,9 @@ class EMEController extends Logger implements ComponentAPI {
           // If request is in progress wait for it to resolve
           const requestEmitter = context.keyRequests[levelKey.uri];
           if (requestEmitter) {
+            this.log(
+              `Waiting for usable key (${reason} keyId: ${getKeyIdString(levelKey)} format: "${levelKey.keyFormat}" URI: ${levelKey.uri})`,
+            );
             return getRequestToKeyUsablePromise(requestEmitter).then(
               () => context,
             );
@@ -1034,7 +1023,9 @@ class EMEController extends Logger implements ComponentAPI {
           this.log(
             `Expired key ${stringify(keyStatuses)} in key-session "${context.mediaKeysSession.sessionId}"`,
           );
-          this.renewKeySession(levelKey);
+          this.renewKeySession(levelKey, context).catch((error) =>
+            this.handleError(error),
+          );
           break;
         }
       }
@@ -1560,7 +1551,6 @@ class EMEController extends Logger implements ComponentAPI {
   private _clear() {
     this.keyFormatPromise = null;
     this.keySystemAccessPromises = {};
-    this.keyUsablePromises = {};
     this.activeKeys = {};
     const mediaResolved = this.mediaResolved;
     if (mediaResolved) {
diff --git a/tests/unit/controller/eme-controller.ts b/tests/unit/controller/eme-controller.ts
@@ -20,15 +20,9 @@ import type { MediaAttachedData } from '../../../src/types/events';
 
 use(sinonChai);
 
-type EMEControllerTestable = Omit<
-  EMEController,
-  'hls' | 'keyUsablePromises' | 'mediaKeySessions'
-> & {
+type EMEControllerTestable = Omit<EMEController, 'hls' | 'mediaKeySessions'> & {
   hls: HlsMock;
   mediaKeySessions: MediaKeySessionContext[];
-  keyUsablePromises: {
-    [keyUri: string]: Promise<LevelKey> | undefined;
-  };
   activeKeys: {
     main?: EncryptedFragment;
     audio?: EncryptedFragment;
@@ -367,10 +361,6 @@ describe('EMEController', function () {
         type: 'main',
       } as any)
       .then(() => {
-        expect(emeController.keyUsablePromises).to.deep.equal(
-          {},
-          '`keyUsablePromises` should be an empty dictionary when no key IDs are found',
-        );
         expect(emeController.activeKeys).to.deep.equal(
           {},
           '`activeKeys` should be an empty dictionary when no playlisty-keys are found',
@@ -455,15 +445,10 @@ describe('EMEController', function () {
     const levelKey = getParsedLevelKey();
     const encryptedFrag = getEncryptedFrag(levelKey);
     return emeController.loadKey(encryptedFrag).then(() => {
-      expect(emeController.keyUsablePromises['data://key-uri']).to.be.a(
-        'Promise',
+      expect(mediaKeysSetServerCertificateSpy).to.have.been.calledOnce;
+      expect(mediaKeysSetServerCertificateSpy).to.have.been.calledWith(
+        sinon.match({ byteLength: 6 }),
       );
-      return emeController.keyUsablePromises['data://key-uri']!.finally(() => {
-        expect(mediaKeysSetServerCertificateSpy).to.have.been.calledOnce;
-        expect(mediaKeysSetServerCertificateSpy).to.have.been.calledWith(
-          sinon.match({ byteLength: 6 }),
-        );
-      });
     });
   });
 
@@ -521,26 +506,20 @@ describe('EMEController', function () {
       media: media as any as HTMLMediaElement,
     });
 
-    emeController.loadKey(encryptedFrag).catch((error) => {
-      // expected?
-    });
-
-    expect(emeController.keyUsablePromises['data://key-uri']).to.be.a(
-      'Promise',
-    );
-    return emeController.keyUsablePromises['data://key-uri']!.catch(
-      () => {},
-    ).finally(() => {
-      expect(mediaKeysSetServerCertificateSpy).to.have.been.calledOnce;
-      expect((mediaKeysSetServerCertificateSpy.args[0] as any)[0]).to.equal(
-        xhrInstance.response,
-      );
+    emeController
+      .loadKey(encryptedFrag)
+      .catch(() => {})
+      .finally(() => {
+        expect(mediaKeysSetServerCertificateSpy).to.have.been.calledOnce;
+        expect((mediaKeysSetServerCertificateSpy.args[0] as any)[0]).to.equal(
+          xhrInstance.response,
+        );
 
-      expect(emeController.hls.trigger).to.have.been.calledOnce;
-      expect(emeController.hls.trigger.args[0][1].details).to.equal(
-        ErrorDetails.KEY_SYSTEM_SERVER_CERTIFICATE_UPDATE_FAILED,
-      );
-    });
+        expect(emeController.hls.trigger).to.have.been.calledOnce;
+        expect(emeController.hls.trigger.args[0][1].details).to.equal(
+          ErrorDetails.KEY_SYSTEM_SERVER_CERTIFICATE_UPDATE_FAILED,
+        );
+      });
   });
 
   it('should fetch the server certificate and trigger request failed error', function () {
@@ -589,21 +568,15 @@ describe('EMEController', function () {
     emeController.onMediaAttached(Events.MEDIA_ATTACHED, {
       media: media as any as HTMLMediaElement,
     });
-    emeController.loadKey(encryptedFrag).catch((error) => {
-      // expected?
-    });
-
-    expect(emeController.keyUsablePromises['data://key-uri']).to.be.a(
-      'Promise',
-    );
-    return emeController.keyUsablePromises['data://key-uri']!.catch(
-      () => {},
-    ).finally(() => {
-      expect(emeController.hls.trigger).to.have.been.calledOnce;
-      expect(emeController.hls.trigger.args[0][1].details).to.equal(
-        ErrorDetails.KEY_SYSTEM_SERVER_CERTIFICATE_REQUEST_FAILED,
-      );
-    });
+    emeController
+      .loadKey(encryptedFrag)
+      .catch(() => {})
+      .finally(() => {
+        expect(emeController.hls.trigger).to.have.been.calledOnce;
+        expect(emeController.hls.trigger.args[0][1].details).to.equal(
+          ErrorDetails.KEY_SYSTEM_SERVER_CERTIFICATE_REQUEST_FAILED,
+        );
+      });
   });
 
   it('should remove media property  when media is detached', function () {

Original file line number	Diff line number	Diff line change
`@@ -1213,7 +1213,7 @@ export class EMEController extends Logger implements ComponentAPI {`
`1213`	`1213`	`// (undocumented)`
`1214`	`1214`	`loadKey(frag: EncryptedFragment): Promise<LevelKey>;`
`1215`	`1215`	`// (undocumented)`
`1216`		`- renewKeySession(levelKey: LevelKey): void;`
	`1216`	`+ renewKeySession(levelKey: LevelKey, context: MediaKeySessionContext): Promise<LevelKey>;`
`1217`	`1217`	`// (undocumented)`
`1218`	`1218`	`selectKeySystemFormat(frag: Fragment): Promise<KeySystemFormats>;`
`1219`	`1219`	`}`