APEXs are signed with apk signer

The entire APEX (which is a zip file) is signed with the apk signer.
Certificate can be specified via the 'certificate' property just like
ordinary apps. Note: multiple additional certificates are not supported.

Bug: 115721587
Test: m apex.test
Test: jarsigner -verify -verbose -certs .../apex.test.apex shows the
certificate info

Change-Id: Ia4c898d3427779a3809fdc683b85d7661ca65137

java/app_builder.go

@@ -29,7 +29,7 @@ import (
 )
 
 var (
-	signapk = pctx.AndroidStaticRule("signapk",
+	Signapk = pctx.AndroidStaticRule("signapk",
 		blueprint.RuleParams{
 			Command: `${config.JavaCmd} -Djava.library.path=$$(dirname $signapkJniLibrary) ` +
 				`-jar $signapkCmd $certificates $in $out`,
@@ -63,7 +63,7 @@ var combineApk = pctx.AndroidStaticRule("combineApk",
 	})
 
 func CreateAppPackage(ctx android.ModuleContext, outputFile android.WritablePath,
-	resJarFile, jniJarFile, dexJarFile android.Path, certificates []certificate) {
+	resJarFile, jniJarFile, dexJarFile android.Path, certificates []Certificate) {
 
 	unsignedApk := android.PathForModuleOut(ctx, "unsigned.apk")
 
@@ -84,11 +84,11 @@ func CreateAppPackage(ctx android.ModuleContext, outputFile android.WritablePath
 
 	var certificateArgs []string
 	for _, c := range certificates {
-		certificateArgs = append(certificateArgs, c.pem.String(), c.key.String())
+		certificateArgs = append(certificateArgs, c.Pem.String(), c.Key.String())
 	}
 
 	ctx.Build(pctx, android.BuildParams{
-		Rule:        signapk,
+		Rule:        Signapk,
 		Description: "signapk",
 		Output:      outputFile,
 		Input:       unsignedApk,