| APKs in this directory are used by PkgInstallSignatureVerificationTest. |
| See that class for additional information about their use. |
| |
| In general, they are differently signed forms of the tinyapp APK and follow |
| the following naming scheme: |
| |
| ${version}-with-${signing-algorithm}-${OID-params}-${keysize}-${extra_info} |
| |
| where some fields may not be present, but have the following meaning: |
| |
| version: denotes which APK Signature Scheme (v1, v2, and/or v3) was used |
| signing-algorithm: indicates how the signature was generated |
| OID-params: PKI object identifiers indicating how to use the provided key |
| to generate the signature. See, e.g. rfc3279 and rfc4055. |
| keysize: the size of the key used for signing |
| extra_info: additional notes to distinguish packages. Currently this denotes |
| which test certificates were used to generate a proof-of-rotation object, |
| if one exists, included in the signing block of the APK, as well as the |
| capabilities of those certificates according to APK Signature Scheme v3. |
| |
| Generation of these apks was performed using the apksigner command-line tool, |
| which lives at tools/apksig/src/apksigner/java/com/android/apksigner/ in the |
| android source tree. Please refer to the usage instructions there for how to |
| sign APKs using different keystores, providers, etc. In particular, some of |
| the APKs in this directory were generated by modifying the apksig library (see |
| README in tools/apksig/) to create invalid or unsupported outcomes. |
