* Verify the cryptographic signature of a system update package before installing it. Note thatthe package is also verified separately bythe installer once the device is rebooted intothe recovery system. This function will return only ifthe package was successfully verified; otherwise it will throw an exception.
Verification of a package can take significant time, so this function should not be called from a UI thread. Interrupting the thread while this function isin progress will resultin a SecurityException being thrown (andthe thread's interrupt flag will be cleared).
@param packageFile the package to be verified
@param listener an object to receive periodic progress
updates as verification proceeds. May be null.
@param deviceCertsZipFile the zip fileof certificates whose
public keys we will accept. Verification succeeds ifthe
package is signed bythe private key corresponding to any
default file (currently "/system/etc/security/otacerts.zip").
@throws IOException if there were any errors reading the
package or certs files.
@throws GeneralSecurityException if verification failed