[identity] Verify lastPrimarySignature for singleton lists
Summary:
Required for ENG-8212.
In case of backup restore, the singleton device list will also have lastPrimarySignature, which wasn't accepted before for singleton device lists.
Test Plan:
Existing tests still pass.
Tested manually with lastPrimarySignature being present:
- Passes with no last primary signature provided and none expected (previous behavior unchanged)
- Fails if signature provided but none expected
- Fails no signature is provided but one is expected
- Passes if valid signature is provided and it's expected (previous signing key provided)
- Fails if signature verification fails for given signing public key
Reviewers: varun, kamil
Reviewed By: kamil
Subscribers: ashoat, tomek
Differential Revision: https://phab.comm.dev/D13222