commit 7cd4a107cb1d9e49db0bb5252b6c720a397660c7
author Kevin Hufnagle <khufnagle@google.com> Wed May 04 15:30:45 2016 -0700
committer Kevin Hufnagle <khufnagle@google.com> Tue May 10 16:26:34 2016 -0700
tree 4adb01222e641f5350e0ef58f1107b4dce632d24
parent 908a8703f0119367255d1d1a184f2f9b9b9c074a

cherrypick from mnc-docs docs: Updated APK Signature Scheme v2 doc.

This version of the APK Signature Scheme v2 documentation doesn't
mention the "apksigner" command-line tool, since this feature isn't
supported as of I/O 2016. However, it will still be possible to sign
an app using APK Signature Scheme v2---and disable v2 signing---using
Android Studio 2.2 and Gradle.

This document is gated on the release of Android Studio 2.2,
scheduled to release on the first day of I/O (May 18).

Bug: 28143514
Change-Id: I00164a740bcc19b5ba08b517023cca11f4373680
Original-Change-Id: Ied916823424d38731e03073b07166f54e8a86b66

docs/html/preview/api-overview.jd

diff --git a/docs/html/preview/api-overview.jd b/docs/html/preview/api-overview.jd
index 4a7b879..88b8a3d 100644
--- a/docs/html/preview/api-overview.jd
+++ b/docs/html/preview/api-overview.jd
@@ -724,18 +724,46 @@
 
 <h2 id="apk_signature_v2">APK signature scheme v2</h2>
 
-<p>The PackageManager class now supports verifying apps using the APK
-signature scheme v2. The APK signature scheme v2 is a whole-file signature scheme
-that significantly improves verification speed and strengthens integrity
-  guarantees by detecting any unauthorized changes to APK files.</p>
+<p>
+  Android N introduces APK Signature Scheme v2, a new app-signing scheme that
+  offers faster app install times and better protection against unauthorized
+  alterations to APK files. Android Studio 2.2 and Gradle provide built-in
+  support for APK Signature Scheme v2.
+</p>
 
-<p>To maintain backward-compatibility, an APK must be signed with the v1 signature
-scheme (JAR signature scheme) before being signed with the v2 signature scheme.
-With the v2 signature scheme, verification fails if you sign the APK with an
-  additional certificate after signing with the v2 scheme. </p>
+<p>
+  Although we recommend applying APK Signature Scheme v2 to your app, the new
+  scheme is not mandatory. If your app doesn't build properly when using the
+  APK Signature Scheme v2, you can use the traditional signing scheme—which
+  uses JAR signing—instead. To use the traditional scheme, open the
+  module-level <code>build.gradle</code> file and add the
+  <code>v2SigningEnabled</code> parameter to your release signing
+  configuration, setting this parameter's value to <code>false</code>:
+</p>
 
-<p>APK signature scheme v2 support will be available later in the N Developer
-Preview.</p>
+<pre>
+  android {
+    ...
+    defaultConfig { ... }
+    signingConfigs {
+      release {
+        storeFile file("myreleasekey.keystore")
+        storePassword "password"
+        keyAlias "MyReleaseKey"
+        keyPassword "password"
+        <strong>v2SigningEnabled false</strong>
+      }
+    }
+  }
+</pre>
+
+<p>
+  For more information, see the following guides, which describe how to <a href=
+  "{@docRoot}studio/tools/publishing/app-signing.html#release-mode"> sign an app
+  in Android Studio</a> and how to <a href=
+  "{@docRoot}studio/tools/building/configuring-gradle.html#signing"> configure
+  the Gradle build file for signing apps</a>.
+</p>
 
 <h2 id="scoped_directory_access">Scoped directory access</h2>