1APKs in this directory are used by PkgInstallSignatureVerificationTest. 2See that class for additional information about their use. 3 4In general, they are differently signed forms of the tinyapp APK and follow 5the following naming scheme: 6 7${version}-with-${signing-algorithm}-${OID-params}-${keysize}-${extra_info} 8 9where some fields may not be present, but have the following meaning: 10 11version: denotes which APK Signature Scheme (v1, v2, and/or v3) was used 12signing-algorithm: indicates how the signature was generated 13OID-params: PKI object identifiers indicating how to use the provided key 14 to generate the signature. See, e.g. rfc3279 and rfc4055. 15keysize: the size of the key used for signing 16extra_info: additional notes to distinguish packages. Currently this denotes 17 which test certificates were used to generate a proof-of-rotation object, 18 if one exists, included in the signing block of the APK, as well as the 19 capabilities of those certificates according to APK Signature Scheme v3. 20 21Generation of these apks was performed using the apksigner command-line tool, 22which lives at tools/apksig/src/apksigner/java/com/android/apksigner/ in the 23android source tree. Please refer to the usage instructions there for how to 24sign APKs using different keystores, providers, etc. In particular, some of 25the APKs in this directory were generated by modifying the apksig library (see 26README in tools/apksig/) to create invalid or unsupported outcomes. 27