The XML files in this directory are taken from the packages tag of a test APK signed with the
certificates and keys under the certs/ directory. To recreate the XML files run the following:

1. Build the test APK:
mmm -j cts/hostsidetests/appsecurity/test-apps/tinyapp/

2. Sign the APK with the first signer:
apksigner sign --in ${OUT}/data/app/CtsPkgInstallTinyApp/CtsPkgInstallTinyApp.apk --out test.apk \
 --cert certs/ec-p256.x509.der --key certs/ec-p256.pk8

3. Install the APK on a device:
adb install test.apk

4. Pull the packages.xml file containing the new entry for the APK from the device:
adb pull /data/system/packages.xml

5. Search the packages.xml file for the package name 'android.appsecurity.cts.tinyapp'. Following is
   the full entry when the APK is signed as above:

    <package name="android.appsecurity.cts.tinyapp" codePath="/data/app/android.appsecurity.cts.tiny
    app-4ix3umoWct_iD26jQ03Z_g==" nativeLibraryPath="/data/app/android.appsecurity.cts.tinyapp-4ix3u
    moWct_iD26jQ03Z_g==/lib" publicFlags="805879364" privateFlags="0" ft="1663710dd00" it="1663710de
    41" ut="1663710de41" version="10" userId="10051">
        <sigs count="1" schemeVersion="3">
            <cert index="16" key="3082016c30820111a003020102020900ca0fb64dfb66e772300a06082a8648ce3d
            04030230123110300e06035504030c0765632d70323536301e170d3136303333313134353830365a170d3433
            303831373134353830365a30123110300e06035504030c0765632d703235363059301306072a8648ce3d0201
            06082a8648ce3d03010703420004a65f113d22cb4913908307ac31ee2ba0e9138b785fac6536d14ea2ce90d2
            b4bfe194b50cdc8e169f54a73a991ef0fa76329825be078cc782740703da44b4d7eba350304e301d0603551d
            0e04160414d4133568b95b30158b322071ea8c43ff5b05ccc8301f0603551d23041830168014d4133568b95b
            30158b322071ea8c43ff5b05ccc8300c0603551d13040530030101ff300a06082a8648ce3d04030203490030
            46022100f504a0866caef029f417142c5cb71354c79ffcd1d640618dfca4f19e16db78d6022100f8eea48297
            99c06cad08c6d3d2d2ec05e0574154e747ea0fdbb8042cb655aadd" />
        </sigs>
        <proper-signing-keyset identifier="480" />
    </package>

The PackageSignatures#readXml and writeXml methods read and write everything within the sigs tag.
The tags and attributes within the sigs tag can be modified and used to verify various good and
error paths for the PackageSignaturesTest.

Step 2 can be modified to sign with multiple signers by running one of the following commands:

- To sign with two signers in the lineage (after the signing key has been rotated once):
apksigner sign --in ${OUT}/data/app/CtsPkgInstallTinyApp/CtsPkgInstallTinyApp.apk --out test.apk \
  --cert certs/ec-p256.x509.der --key certs/ec-p256.pk8 --next-signer --cert \
  certs/ec-p256_2.x509.der --key certs/ec-p256_2.pk8 --lineage certs/ec-p256-lineage-2-signers

- To sign with three signers in the lineage (after the second key rotation):
apksigner sign --in ${OUT}/data/app/CtsPkgInstallTinyApp/CtsPkgInstallTinyApp.apk --out test.apk \
  --cert certs/ec-p256.x509.der --key certs/ec-p256.pk8 --next-signer --cert \
  certs/ec-p256_3.x509.der --key certs/ec-p256_3.pk8 --lineage certs/ec-p256-lineage-3-signers

- To sign with two distinct signers (NOTE: The V3 signature scheme only supports a single signer,
  so this method can only be used with signature schemes V1 and V2):
apksigner sign --in ${OUT}/data/app/CtsPkgInstallTinyApp/CtsPkgInstallTinyApp.apk --out test.apk \
  --cert certs/ec-p256.x509.der --key certs/ec-p256.pk8 --next-signer --cert \
  certs/ec-p256_3.x509.der --key certs/ec-p256_3.pk8 --v3-signing-enabled false