How to programatically verify signed applications?
You can use standard mechanisms to generate payload signature. In your case the payload is an Application.
The signature verification involves the payload (the Application bytes), certificates and the computed signature.
On board, it can be done using the
security library (security-1.1.0.jar).
The main class to look into is
Our implementations of the
security library rely on C libraries provided by the BSP (such as CycurLIB from ESCRYPT).