Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "cherrypick from mnc-docs docs: Updated APK Signature Scheme v2 doc." into mnc-io-docs am: 24c2969312

Browse Source 
am: c34dee0c99

* commit 'c34dee0c99bbc1d21bd557e095d4f88761a4245f':
  cherrypick from mnc-docs docs: Updated APK Signature Scheme v2 doc.

Change-Id: If46bff14d2a8a461eda04b4e1d40bee06b10984c
This commit is contained in:
Kevin Hufnagle
2016-05-12 00:07:08 +00:00
committed by android-build-merger
parent b9bb8e88c6 c34dee0c99
commit 29bd2c17f9
1 changed files with 38 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
docs/html/preview/api-overview.jd
View File

@@ -723,18 +723,46 @@ specify how user CAs should be trusted.</p>
<h2 id="apk_signature_v2">APK signature scheme v2</h2>
<p>The PackageManager class now supports verifying apps using the APK
signature scheme v2. The APK signature scheme v2 is a whole-file signature scheme
that significantly improves verification speed and strengthens integrity
guarantees by detecting any unauthorized changes to APK files.</p>
<p>
Android N introduces APK Signature Scheme v2, a new app-signing scheme that
offers faster app install times and better protection against unauthorized
alterations to APK files. Android Studio 2.2 and Gradle provide built-in
support for APK Signature Scheme v2.
</p>
<p>To maintain backward-compatibility, an APK must be signed with the v1 signature
scheme (JAR signature scheme) before being signed with the v2 signature scheme.
With the v2 signature scheme, verification fails if you sign the APK with an
additional certificate after signing with the v2 scheme. </p>
<p>
Although we recommend applying APK Signature Scheme v2 to your app, the new
scheme is not mandatory. If your app doesn't build properly when using the
APK Signature Scheme v2, you can use the traditional signing scheme—which
uses JAR signing—instead. To use the traditional scheme, open the
module-level <code>build.gradle</code> file and add the
<code>v2SigningEnabled</code> parameter to your release signing
configuration, setting this parameter's value to <code>false</code>:
</p>
<p>APK signature scheme v2 support will be available later in the N Developer
Preview.</p>
<pre>
android {
...
defaultConfig { ... }
signingConfigs {
release {
storeFile file("myreleasekey.keystore")
storePassword "password"
keyAlias "MyReleaseKey"
keyPassword "password"
<strong>v2SigningEnabled false</strong>
}
}
}
</pre>
<p>
For more information, see the following guides, which describe how to <a href=
"{@docRoot}studio/tools/publishing/app-signing.html#release-mode"> sign an app
in Android Studio</a> and how to <a href=
"{@docRoot}studio/tools/building/configuring-gradle.html#signing"> configure
the Gradle build file for signing apps</a>.
</p>
<h2 id="scoped_directory_access">Scoped directory access</h2>