2e1f052f45
* We now require that all certs used to sign the apk and all certs stored with policy be tested for set equality. Prior efforts required that the cert included with policy only needed to match one of the certs included with an apk. * Allowed a new tag to be included with policy describing the signatures. <cert signature=""/> is now allowed as a child element of the <signer> tag describing multiple certs. The old way of describing signatures attached as attributes to the root signer tag is still supported. The engine now treats it the same as if they used the new layout with the outer signature as the first signature value. * Moved the class which holds all policy from an inner static to a builder pattern governed by the Policy.PolicyBuilder class. This will help provide more clarity and allow for easier enforcement of certain invariants as the policy representation is being built. * Loads of new comments. Change-Id: I38eb00ed8962fdef71bc9f2e7370cb910cadeff4 Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>