Will your phone accept an app upgrade which has been signed by Google or Apple instead of by Signal?
If not, is the law capable of compelling your telephone vendor to ship you an upgrade that weakens its upgrade testing enough that Apple/Google can ship you such an upgrade?
Apple controls the root CA on iOS devices. I guess that Google controls the root CA on Android too. Therefore it is within their technical ability to issue a certificate that bears the name of Signal and is trusted by almost all devices. They wouldn’t need to ship any OS upgrades to forge the signature of Signal, as they are already the ultimate authority of who is Signal. I won’t speculate on whether they or their Australian employees will actually do so in the future.
AFAIK, that's not how Android works. Each apk is signed by a standalone certificate (which does not have to be signed by any CA), and the operating system will only allow an upgrade if the same certificate is used. Which means a developer must carefully guard the certificate's private key; if it's lost, the application can no longer be updated, but it must instead be released as a new application with a separate name. And since AFAIK this mechanism is part of the operating system (not the constantly-updated Google Play store), to bypass it would require a full OS update.
(This has other consequences: if a developer releases the same apk to several stores, but it's signed by different certificates on each store, a user who installed the apk from one store will not be able to upgrade it using the other store.)
My understanding is that it would not due to the different app signing certificate. This would be a new application unless Apple or Google signs the app using certificate forgery or similar.
The Australian government could just force Google or Apple to make updates to their OS to not enforce signatures for some apps, or put in vulnerabilities that could be used by them to bypass signature checking at all.
I'm not a lawyer, but from what I hear any Australian employees can be compelled to change code and be threatened with prison if they tell anyone. Any companies with any presence in Aus can be given demands and gag orders to ensure they can't talk about what is happening.
And if this article is trustworthy, this isn't hypothetical, it's already happening right now. Right now people are being served with orders to do things like this and if they tell anyone (including the company they work for and are in essence "attacking"), they can kiss their life goodbye.
That's what makes it so scary. A programmer that is living in Aus that works for Google or Apple could one day get a notice that they are now mandated to modify code for an unknown reason with the threat of prison if they don't or if they tell anyone. Technically even programmers that don't work for those companies can be compelled to make contributions to open source software to introduce vulnerabilities or exploits, and again there is literally nothing the person can do except follow orders or go to jail forever.
If not, is the law capable of compelling your telephone vendor to ship you an upgrade that weakens its upgrade testing enough that Apple/Google can ship you such an upgrade?