1<?xml version="1.0" encoding="utf-8"?>
2<policy>
3
4<!--
5
6    * A signature is a hex encoded X.509 certificate or a tag defined in
7      keys.conf and is required for each signer tag. The signature can
8      either appear as a set of attached cert child tags or as an attribute.
9    * A signer tag must contain a seinfo tag XOR multiple package stanzas.
10    * Each signer/package tag is allowed to contain one seinfo tag. This tag
11      represents additional info that each app can use in setting a SELinux security
12      context on the eventual process as well as the apps data directory.
13    * seinfo assignments are made according to the following rules:
14      - Stanzas with package name refinements will be checked first.
15      - Stanzas w/o package name refinements will be checked second.
16      - The "default" seinfo label is automatically applied.
17
18    * valid stanzas can take one of the following forms:
19
20     // single cert protecting seinfo
21     <signer signature="@PLATFORM" >
22       <seinfo value="platform" />
23     </signer>
24
25     // multiple certs protecting seinfo (all contained certs must match)
26     <signer>
27       <cert signature="@PLATFORM1"/>
28       <cert signature="@PLATFORM2"/>
29       <seinfo value="platform" />
30     </signer>
31
32     // single cert protecting explicitly named app
33     <signer signature="@PLATFORM" >
34       <package name="com.android.foo">
35         <seinfo value="bar" />
36       </package>
37     </signer>
38
39     // multiple certs protecting explicitly named app (all certs must match)
40     <signer>
41       <cert signature="@PLATFORM1"/>
42       <cert signature="@PLATFORM2"/>
43       <package name="com.android.foo">
44         <seinfo value="bar" />
45       </package>
46     </signer>
47-->
48
49    <!-- Platform dev key in AOSP -->
50    <signer signature="@PLATFORM" >
51      <seinfo value="platform" />
52    </signer>
53
54</policy>
55