F/u previous widevine signing refactorings

* Replace config.brave_enable_cdm_host_verification with newly introduced config.enableCDMHostVerification() * Decouple signing and widevine sig file generation * Fix some typos F/u https://github.com/brave/brave-browser/pull/7518 Fix https://github.com/brave/brave-browser/issues/7601
2020-01-05 23:33:42 +09:00 · 2020-01-05 23:33:42 +09:00 · d77b5dbccf
commit d77b5dbccf
parent 94660a2247
4 changed files with 22 additions and 21 deletions
--- a/lib/build.js
+++ b/lib/build.js
@ -102,19 +102,13 @@ const build = (buildConfig = config.defaultBuildConfig, options) => {
    util.generateXcodeWorkspace()
  } else {
    util.buildTarget()
-    if (config.shouldSign()) {
-      if (process.platform === 'win32') {
-        // Sign only binaries for widevine sig generation.
-        // Other binaries will be done during the create_dist.
-        // Then, both are merged whenarchive for installer is created.
-        util.signWinBinaries()

-        if (config.brave_enable_cdm_host_verification) {
-          util.generateWidevineSigFiles()
-        }
-      } else {
-        util.signApp()
-      }
+    if (config.shouldSign()) {
+      util.signApp()
+    }
+
+    if (config.enableCDMHostVerification()) {
+      util.generateWidevineSigFiles()
    }
  }
 }
--- a/lib/config.js
+++ b/lib/config.js
@ -99,7 +99,7 @@ Config.prototype.isDebug = function () {
 }

 Config.prototype.isDcheckAlwaysOn = function () {
-  return this.buildConfig != 'Release'
+  return this.buildConfig !== 'Release'
 }

 Config.prototype.enableCDMHostVerification = function () {
--- a/lib/util.js
+++ b/lib/util.js
@ -367,14 +367,18 @@ const util = {

  signApp: (options = config.defaultOptions) => {
    console.log('signing ...')
-
-    util.run('ninja', ['-C', config.outputDir, config.signTarget], options)
+    if (process.platform === 'win32') {
+      // Sign binaries used for widevine sig file generation.
+      // Other binaries will be done during the create_dist.
+      // Then, both are merged when archive for installer is created.
+      util.signWinBinaries()
+    } else {
+      util.run('ninja', ['-C', config.outputDir, config.signTarget], options)
+    }
  },

+  // TODO(bridiver) - this should move to gn and windows should call signApp like other platforms
  signWinBinaries: () => {
-    // TODO(bridiver) - this should move to gn and windows should call signApp like other platforms
-    console.log('signing win binaries...')
-
    // Copy & sign only binaries for widevine sig file generation.
    // With this, create_dist doesn't trigger rebuild because original binaries is not modified.
    const dir = path.join(config.outputDir, 'signed_binaries')
@ -390,6 +394,9 @@ const util = {
  },

  generateWidevineSigFiles: () => {
+    if (process.platform !== 'win32')
+      return
+
    const cert = config.sign_widevine_cert
    const key = config.sign_widevine_key
    const passwd = config.sign_widevine_passwd
--- a/scripts/commands.js
+++ b/scripts/commands.js
@ -49,7 +49,7 @@ program
  .option('--brave_google_api_key <brave_google_api_key>')
  .option('--brave_google_api_endpoint <brave_google_api_endpoint>')
  .option('--brave_infura_project_id <brave_infura_project_id>')
-  .option('--channel <target_chanel>', 'target channel to build', /^(beta|dev|nightly|release)$/i)
+  .option('--channel <target_channel>', 'target channel to build', /^(beta|dev|nightly|release)$/i)
  .option('--ignore_compile_failure', 'Keep compiling regardless of error')
  .option('--skip_signing', 'skip signing binaries')
  .option('--xcode_gen <target>', 'Generate an Xcode workspace ("ios" or a list of semi-colon separated label patterns, run `gn help label_pattern` for more info.')
@ -69,7 +69,7 @@ program
  .option('--brave_google_api_key <brave_google_api_key>')
  .option('--brave_google_api_endpoint <brave_google_api_endpoint>')
  .option('--brave_infura_project_id <brave_infura_project_id>')
-  .option('--channel <target_chanel>', 'target channel to build', /^(beta|dev|nightly|release)$/i)
+  .option('--channel <target_channel>', 'target channel to build', /^(beta|dev|nightly|release)$/i)
  .option('--build_omaha', 'build omaha stub/standalone installer')
  .option('--tag_ap <ap>', 'ap for stub/standalone installer')
  .option('--skip_signing', 'skip signing dmg/brave_installer.exe')
@ -98,7 +98,7 @@ program
  .option('--ui_mode <ui_mode>', 'which built-in ui appearance mode to use', /^(dark|light)$/i)
  .option('--show_component_extensions', 'show component extensions in chrome://extensions')
  .option('--enable_brave_update', 'enable brave update')
-  .option('--channel <target_chanel>', 'target channel to start', /^(beta|dev|nightly|release)$/i, 'release')
+  .option('--channel <target_channel>', 'target channel to start', /^(beta|dev|nightly|release)$/i, 'release')
  .option('--official_build <official_build>', 'force official build settings')
  // See https://github.com/brave/brave-browser/wiki/Rewards#flags for more information
  .option('--rewards [options]', 'options for rewards')