enrud: I was extracting the playready public/private key pairs from a rooted chromecast. It also stores a database of XMR licenses that I could then decrypt for the content key. I have a lot of scripts for handling the XMR and playready certificate chains. It can verify privates keys and do some useful functions. I also have an MP4 atom box parsers that I meant to eventually handle decryption. I never got the code working like mp4decrypt though. I can specify the track id and content key with mp4decrypt and get correctly dercypted videos.
I investigated the silverlight playready IBX on windows and mac but it seemed heavily obfuscated. They use white box AES so the content keys aren't stored in the clear in memory. I never had much luck with the silver light IBX. I also investigated the actual silverlight request to MS that individualized the blackbox. It allowed me to generate a bunch of IBX files and certificate chains to compare.
It was interesting learning about Eliptic Curve Crypto. I have some code that can decrypt many XMR licenses to content keys. Some are special cases where they are different types of licenses(ex. leaf or seed key). I have a bunch of test XMRs collected from various playready ios apps(ex. amazon instant), chromecast, windows and mac silverlight.
The patent applications for XMR and playready were really helpful in figuring out all the various binary fields. I think I have a list of the interesting patents on another computer. here is an example
http://www.google.co.in/patents/US20060265758
I wanted to publish a toolkit for playready but wasn't sure the best way to do that. I haven't really looked at it in a while. I know there are private playready hacks around because decrypted versions of playready exclusive content is available around on the web.
The chromecast has a few DRM libraries that were much easier to load into hexrays IDA Pro/decompiler because they weren't obfuscated as the SL IBX. It really helped me figured out a lot of the head scratchers.