Don't depend on Bouncy Castle. This switches PKCS#7 SignedData generation code from Bouncy Castle to OpenJDK's proprietary internal API. This is to avoid depending on a huge library that's not really needed. In the longer term, it's best to add our own implementation of PKCS#7 SignedData building, parsing, and verification. This will give the code more power to mimic what the Android platform does. Bug: 27461702 Change-Id: I29f1ceea1293e35424fde69c0f2969d551345100

commit: 7f770c09630ae5f838a4962bebd99757a4c7b1c7 [log] [tgz]
author: Alex Klyubin <klyubin@google.com> Tue Jun 14 10:26:41 2016 -0700
committer: Alex Klyubin <klyubin@google.com> Tue Jun 14 11:20:49 2016 -0700
tree: cfc1e23086583f296a832d2c1d0f81e2f951090a
parent: dca955a9bdf06622d9920095ac7e3ab7a2e003cb [diff] [blame]
diff --git a/tools/apksigner/core/Android.mk b/tools/apksigner/core/Android.mk
index c86208b..132a6f1 100644
--- a/tools/apksigner/core/Android.mk
+++ b/tools/apksigner/core/Android.mk

@@ -20,7 +20,10 @@
 include $(CLEAR_VARS)
 LOCAL_MODULE := apksigner-core
 LOCAL_SRC_FILES := $(call all-java-files-under, src)
-LOCAL_JAVA_LIBRARIES = \
-  bouncycastle-host \
-  bouncycastle-bcpkix-host
+
+# Disable warnnings about our use of internal proprietary OpenJDK API.
+# TODO: Remove this workaround by moving to our own implementation of PKCS #7
+# SignedData block generation, parsing, and verification.
+LOCAL_JAVACFLAGS := -XDignore.symbol.file
+
 include $(BUILD_HOST_JAVA_LIBRARY)
commit	7f770c09630ae5f838a4962bebd99757a4c7b1c7	[log] [tgz]
author	Alex Klyubin <klyubin@google.com>	Tue Jun 14 10:26:41 2016 -0700
committer	Alex Klyubin <klyubin@google.com>	Tue Jun 14 11:20:49 2016 -0700
tree	cfc1e23086583f296a832d2c1d0f81e2f951090a
parent	dca955a9bdf06622d9920095ac7e3ab7a2e003cb [diff] [blame]