
As we all know, MANIFEST.MF contains a base64-encoded SHA-1 digest of every file in the APK, CERT.SF contains the SHA-1 digest of the MANIFEST.MF file and of each item in it, and CERT.RSA contains the signature over CERT.SF and a certificate.

Here is the question: Why not just sign MANIFEST.MF and save the signature in CERT.RSA directly?

expoter

1 Answer

The apk protection chain is .(RSA|DSA|EC) -> .SF -> MANIFEST.MF -> contents of each integrity-protected JAR entry.

As per the official Android page [website][1]:

.SF file contains a whole-file digest of the META-INF/MANIFEST.MF and digests of each section of META-INF/MANIFEST.MF. The whole-file digest of the MANIFEST.MF is verified. If that fails, the digest of each MANIFEST.MF section is verified instead.

Thus, CERT.SF is added to provide a fallback mechanism for signature verification.

  • Could you please elaborate more on the "fallback mechanism" here. Why does it happen? – Long Sep 15 '19 at 10:35
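To make the fallback concrete, here is an added example (not from the question, the answer, or Android's own verifier) that builds a toy MANIFEST.MF and CERT.SF for two constructed entries and then checks the manifest the way the quoted page describes: whole-file digest first, per-section digests only if that fails. It assumes the JAR-signing convention that a section's digest covers the section's bytes up to and including the blank line that ends it, leaves out the CERT.RSA signature step and main-attribute digests, and uses constructed entry names and contents.

```python
import base64
import hashlib

NL = "\r\n"  # JAR manifests use CRLF line endings
ENTRIES = {"classes.dex": b"dex\n035\x00constructed-sample-bytes",  # constructed sample entries,
           "res/layout/main.xml": b"<LinearLayout/>"}                 # not taken from any real APK

def b64_sha1(data: bytes) -> str:
    return base64.b64encode(hashlib.sha1(data).digest()).decode("ascii")
def split_sections(blob: bytes) -> dict:
    """Map each 'Name:' section to its raw bytes, up to and including its closing blank line."""
    sections, chunk = {}, b""
    for line in blob.splitlines(keepends=True):
        chunk += line
        if line.strip() == b"":  # a blank line closes the current section
            if chunk.startswith(b"Name: "):
                sections[chunk.splitlines()[0][len(b"Name: "):].decode("utf-8")] = chunk
            chunk = b""
    return sections
def attr(chunk: bytes, key: bytes) -> str:  # value of the first 'key: value' header line, or ''
    hits = [l for l in chunk.splitlines() if l.startswith(key + b": ")]
    return hits[0][len(key) + 2:].decode("ascii") if hits else ""
def build_manifest(entries: dict) -> bytes:  # MANIFEST.MF: SHA1-Digest of each entry's content
    text = "Manifest-Version: 1.0" + NL + NL
    for name, data in entries.items():
        text += f"Name: {name}{NL}SHA1-Digest: {b64_sha1(data)}{NL}{NL}"
    return text.encode("utf-8")
def build_sf(manifest: bytes) -> bytes:  # CERT.SF: whole-file digest plus one digest per MANIFEST.MF section
    text = f"Signature-Version: 1.0{NL}SHA1-Digest-Manifest: {b64_sha1(manifest)}{NL}{NL}"
    for name, chunk in split_sections(manifest).items():
        text += f"Name: {name}{NL}SHA1-Digest: {b64_sha1(chunk)}{NL}{NL}"
    return text.encode("utf-8")
def verify_manifest(sf: bytes, manifest: bytes) -> str:
    """Whole-file digest first; if that fails, every per-section digest (the fallback the answer describes)."""
    if attr(sf, b"SHA1-Digest-Manifest") == b64_sha1(manifest):
        return "whole-file"
    mf_sections = split_sections(manifest)
    for name, sf_chunk in split_sections(sf).items():
        if name not in mf_sections or attr(sf_chunk, b"SHA1-Digest") != b64_sha1(mf_sections[name]):
            return "fail"
    return "per-section"

def demo() -> dict:
    mf = build_manifest(ENTRIES); sf = build_sf(mf)
    # Only the main section was rewritten (a tool added Created-By): whole-file digest breaks, entry sections don't.
    rewritten = mf.replace(b"Manifest-Version: 1.0\r\n", b"Manifest-Version: 1.0\r\nCreated-By: constructed-tool\r\n", 1)
    # classes.dex replaced and its digest line regenerated: the per-section fallback must still reject this.
    tampered = build_manifest(dict(ENTRIES, **{"classes.dex": b"modified bytes"}))
    return {"intact": verify_manifest(sf, mf), "main-section-rewritten": verify_manifest(sf, rewritten),
            "entry-modified": verify_manifest(sf, tampered)}
```

Run `demo()` to see the three outcomes: the untouched manifest passes on the whole-file digest, the manifest whose main section was rewritten passes only via the per-section fallback, and the manifest with a modified entry is rejected by both checks.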