313d707fb9
nsIX509CertDB.openSignedAppFileAsync supports PKCS#7 signatures with either SHA-1 or SHA-256 as well as COSE signatures with SHA-256. To deprecate SHA-1, it would be helpful to know which signatures the implementation actually encountered and verified. This patch returns this information via the nsIOpenSignedAppFileCallback.openSignedAppFileFinished callback. In addition, this patch returns the verified certificate that created each verified signature. Differential Revision: https://phabricator.services.mozilla.com/D203304