diff --git a/tools/releasetools/Android.bp b/tools/releasetools/Android.bp
index b5ae00951..8cf3faba3 100644
--- a/tools/releasetools/Android.bp
+++ b/tools/releasetools/Android.bp
@@ -44,6 +44,7 @@ python_library_host {
         "ota_from_target_files.py",
         "ota_package_parser.py",
         "rangelib.py",
+        "sign_apex.py",
         "sign_target_files_apks.py",
         "sparse_img.py",
         "target_files_diff.py",
diff --git a/tools/releasetools/sign_apex.py b/tools/releasetools/sign_apex.py
index 1778615a6..affd6a79f 100755
--- a/tools/releasetools/sign_apex.py
+++ b/tools/releasetools/sign_apex.py
@@ -40,6 +40,20 @@ import common
 logger = logging.getLogger(__name__)
 
 
+def SignApexFile(apex_file, payload_key, container_key, signing_args=None):
+  """Signs the given apex file."""
+  with open(apex_file, 'rb') as input_fp:
+    apex_data = input_fp.read()
+
+  return apex_utils.SignApex(
+      apex_data,
+      payload_key=payload_key,
+      container_key=container_key,
+      container_pw=None,
+      codename_to_api_level_map=None,
+      signing_args=signing_args)
+
+
 def main(argv):
 
   options = {}
@@ -76,20 +90,12 @@ def main(argv):
 
   common.InitLogging()
 
-  input_zip = args[0]
-  output_zip = args[1]
-  with open(input_zip) as input_fp:
-    apex_data = input_fp.read()
-
-  signed_apex = apex_utils.SignApex(
-      apex_data,
-      payload_key=options['payload_key'],
-      container_key=options['container_key'],
-      container_pw=None,
-      codename_to_api_level_map=None,
-      signing_args=options.get('payload_extra_args'))
-
-  shutil.copyfile(signed_apex, output_zip)
+  signed_apex = SignApexFile(
+      args[0],
+      options['payload_key'],
+      options['container_key'],
+      options.get('payload_extra_args'))
+  shutil.copyfile(signed_apex, args[1])
   logger.info("done.")
 
 
diff --git a/tools/releasetools/test_sign_apex.py b/tools/releasetools/test_sign_apex.py
new file mode 100644
index 000000000..4dcc21460
--- /dev/null
+++ b/tools/releasetools/test_sign_apex.py
@@ -0,0 +1,41 @@
+#
+# Copyright (C) 2019 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+import os.path
+
+import common
+import sign_apex
+import test_utils
+
+
+class SignApexTest(test_utils.ReleaseToolsTestCase):
+
+  def setUp(self):
+    self.testdata_dir = test_utils.get_testdata_dir()
+    self.assertTrue(os.path.exists(self.testdata_dir))
+
+    common.OPTIONS.search_path = test_utils.get_search_path()
+
+  @test_utils.SkipIfExternalToolsUnavailable()
+  def test_SignApexFile(self):
+    foo_apex = os.path.join(self.testdata_dir, 'foo.apex')
+    payload_key = os.path.join(self.testdata_dir, 'testkey_RSA4096.key')
+    container_key = os.path.join(self.testdata_dir, 'testkey')
+    signed_foo_apex = sign_apex.SignApexFile(
+        foo_apex,
+        payload_key,
+        container_key)
+    self.assertTrue(os.path.exists(signed_foo_apex))
diff --git a/tools/releasetools/testdata/foo.apex b/tools/releasetools/testdata/foo.apex
new file mode 100644
index 000000000..42e0adb8c
Binary files /dev/null and b/tools/releasetools/testdata/foo.apex differ