android - Checking APK signature before install through PackageManager.installPackageWithVerification -

i work company building app can programmatically install, update , remove apps (similar google play does). there business requirement support installation of company signed apks. understand cdd allows self-signed certificates. but, keeping cdd requirement aside, best way achieve this?

after spending time on aosp codebase, figured packagemanager provides api called installpackagewithverification can satisfy requirement allow installation of apps signed specific signature. following signature of installpackagewithverification api:

public abstract void installpackagewithverification(uri packageuri,             packageinstallobserver observer, int flags, string installerpackagename,             uri verificationuri, manifestdigest manifestdigest,             containerencryptionparams encryptionparams); 

it appears verificationuri can file uri certificate againinst apk should checked. correct? great if please share more info specific api.

thanks.