Only an Apple engineer could answer this fully but here are some of my ideas as to why this hasn't been done yet:
-They still support playback on devices with no TEE. Kinda defeats the point of implementing it until this is the case.
- They are wary of moving more functionality into their TEE as it increases the attack surface.
- If the platform is already "attested" and locked down as it is the case today, moving the playback to the TEE provides only a little bit of extra security.
- They are banking on the ARM Realm Management Extension[0] coming to their chips. This would be more of a "catch all" solution to fuck over the owners of their machines in new and exciting ways.
There isn't enough known about the whole thing to answer this. But for what it's worth, Intel's version of this tech has a wiki paragraph dedicated to this concern.
I'm having doubts about what you mean about "TEE", I suppose it's term for "trusted execution environment". I'm not sure about I might answer, and it's probable the right question to ask to Apple engineering. I think Apple can use the same technology they used for Apple Pay via the Secure Chip. I'm talking mainly about exchanging keys via servers, decryption and then serve the content via a sort of "frontend". I wish to know more about TEE to give you a more detailed answer.
EDIT: thinking about secure enclave.. maybe (still an hypothesis) the chip does not have the bandwidth to perform decryption just in time. Probably it's a huge cost for Apple to apply something like that.
They didn't need to. If you have a robust secure boot chain then code running in kernel mode is sufficient (which is what Apple claim FairPlay Streaming is doing). The video is decrypted in kernel space and the drivers enforce HDCP.
Windows has a similar approach, but it's easier to get attacker's code into kernel space there, and PCs can't properly remotely attest so the whole thing doesn't really work (too many possible legit configurations).
