Compare signature for pass updates

When updating a pass via the HTTP client, we should check whether the pass is signed with the same certificate to check for its authenticity. This method should also be exposed, so that updates from other sources (downloads etc) can do the same check.