c2a36afd6772d9286e8071693f80648beef763a3 - platform/build

commit	c2a36afd6772d9286e8071693f80648beef763a3	[log] [tgz]
author	Alex Klyubin <klyubin@google.com>	Wed Jan 13 10:32:47 2016 -0800
committer	Alex Klyubin <klyubin@google.com>	Fri Jan 29 10:17:02 2016 -0800
tree	00347526394018525a69f65c4e0fca2965c45854
parent	4a97cde443829f1a3bf40fe6e820ba5b01e3bf87 [diff]

Sign APKs using SHA-256 instead of SHA-1 when possible.

This changes the build system to provide the signapk tool with the
minSdkVersion of the APK being signed. signapk in turn will then use
SHA-256 instead of SHA-1 if minSdkVersion is 18 (JB MR2) or higher
(see c2c49ed0c13846f7f96249c7419971dfcddc9215).

To avoid increasing incremental OTA update package sizes for already
released platforms, release build scripts disable the above logic when
signing target files ZIPs for pre-N platforms.

Bug: 25643280

(cherry picked from commit de5bc04717505ad0e5b55605bccf43974f4c5c7a)

Change-Id: I4b100750e47788ab6ed897a0a5abfd33542e8676

core/definitions.mk[diff]
core/prebuilt_internal.mk[diff]
tools/releasetools/common.py[diff]
tools/releasetools/sign_target_files_apks.py[diff]

4 files changed

tree: 00347526394018525a69f65c4e0fca2965c45854

core/
libs/
target/
tools/
.gitignore
buildspec.mk.default
CleanSpec.mk
envsetup.sh