For reference, this StackOverflow answer - https://stackoverflow.com/a/53407183 - has a reasonable-looking implementation. My understanding is that in the apkContentsSigners path, we should check that all certificates matches, while in the signingCertificateHistory path, we need to only check that one certificate matches.
UAMP uses
PackageInfo#signatures, see https://github.com/android/uamp/blob/2136c37bcef54da1ee350fd642fc61a744e86654/common/src/main/java/com/example/android/uamp/media/PackageValidator.kt#L107 - this is deprecated in API 28. The newer APIs involve usingPackageInfo#signingInfo. The associated APIs on that class -apkContentsSigners,signingCertificateHistory,hasMultipleSigners- need careful attention to ensure they are used correctly. We could adjust UAMP to show proper usage of these APIs.For reference, this StackOverflow answer - https://stackoverflow.com/a/53407183 - has a reasonable-looking implementation. My understanding is that in the
apkContentsSignerspath, we should check that all certificates matches, while in thesigningCertificateHistorypath, we need to only check that one certificate matches.