Verify apex files on staged sessions.

import android.annotation.NonNull;

import android.apex.ApexInfo;

import android.apex.ApexInfoList;

import android.apex.IApexService;

import android.content.pm.PackageInstaller;

import android.content.pm.PackageInstaller.SessionInfo;

        return false;

    }

    void commitSession(@NonNull PackageInstallerSession sessionInfo) {

        updateStoredSession(sessionInfo);

    private static boolean submitSessionToApexService(int sessionId, ApexInfoList apexInfoList) {

        final IApexService apex = IApexService.Stub.asInterface(

                ServiceManager.getService("apexservice"));

        boolean success;

        try {

            success = apex.submitStagedSession(sessionId, apexInfoList);

        } catch (RemoteException re) {

            Slog.e(TAG, "Unable to contact apexservice", re);

            return false;

        }

        return success;

    }

    void preRebootVerification(@NonNull PackageInstallerSession session) {

        boolean success = true;

        if ((session.params.installFlags & PackageManager.INSTALL_APEX) != 0) {

        mBgHandler.post(() -> {

            sessionInfo.setStagedSessionReady();

            final ApexInfoList apexInfoList = new ApexInfoList();

            SessionInfo session = sessionInfo.generateInfo(false);

            // For APEXes, we validate the signature here before we write the package to the

            // staging directory. For APKs, the signature verification will be done by the package

            // manager at the point at which it applies the staged install.

            if (!submitSessionToApexService(session.sessionId, apexInfoList)) {

                success = false;

            } else {

                // For APEXes, we validate the signature here before we mark the session as ready,

                // so we fail the session early if there is a signature mismatch. For APKs, the

                // signature verification will be done by the package manager at the point at which

                // it applies the staged install.

                //

                // TODO: Decide whether we want to fail fast by detecting signature mismatches right

                // away.

            if ((sessionInfo.params.installFlags & PackageManager.INSTALL_APEX) != 0) {

                if (!validateApexSignatureLocked(session.resolvedBaseCodePath,

                        session.appPackageName)) {

                    sessionInfo.setStagedSessionFailed(SessionInfo.VERIFICATION_FAILED);

                for (ApexInfo apexPackage : apexInfoList.apexInfos) {

                    if (!validateApexSignatureLocked(apexPackage.packagePath,

                            apexPackage.packageName)) {

                        success = false;

                        break;

                    }

                }

            }

        }

        if (success) {

            session.setStagedSessionReady();

        } else {

            session.setStagedSessionFailed(SessionInfo.VERIFICATION_FAILED);

        }

        mPm.sendSessionUpdatedBroadcast(session.generateInfo(false), session.userId);

    }

            mPm.sendSessionUpdatedBroadcast(sessionInfo.generateInfo(false), sessionInfo.userId);

        });

    void commitSession(@NonNull PackageInstallerSession session) {

        updateStoredSession(session);

        mBgHandler.post(() -> preRebootVerification(session));

    }

    void createSession(@NonNull PackageInstallerSession sessionInfo) {