Does this mean that I am not able to use any permission with 'signature' protection level, so all permissions defined in the Android's API and having such protection level are unavailable to anyone, apart the team which is developing it?
Generally speaking, yes.
More specifically, a signature
-level permission means that the app defending itself with that permission (e.g., via android:permission
attributes) and the app trying to talk to the first app that needs the permission (<uses-permission>
element) must be signed by the same signing key.
If the app defending itself is part of the device firmware, or is the OS itself, only apps signed by the same signing key as that firmware can talk to the defending app by holding the permission.
However, if you write App A that defends itself with a signature
-level permission (e.g., a custom one), and you write App B that wants to talk to the defended portions of App A, you can do so, if you are signing App A and App B with the same signing key.