In Safari 13.1 / MacOS 10.15.4, Safari and tvOS (and likely iOS) no longer play our fMP4 AES-128 encrypted HLS streams. They still work in JavaScript players like Bitmovin and hls.js, and older versions of Safari. The same streams without encryption also still work fine.
It seems like our segments actually do get decrypted just fine - Safari will play the first segment (i.e. display video frames) before stopping. Seek also works, except again only one segment plays. If I manually decrypt everything using openssl, and remove the key URI from the manifest, then the playback works fine (as expected, since it's the same as a clear stream).
I suspect that something broke the combination of fMP4/CMAF + AES-128, because fMP4/CMAF + SAMPLE-AES using Common Encryption with cbcs seems to work.
Can you please fix fMP4 encrypted with AES-128?