Enable signing validation of .pkg files using SignCheck

[ellahathaway]

Closes dotnet/source-build#4857

Pipeline run

[ellahathaway]

Current output from test run is:

[File] test.pkg, Signed: True [Error] Timestamp (2/7/2025 6:54:02 PM) outside validity period (2/1/2027 10:12:15 PM to 2/1/2027 10:12:15 PM)., Timestamp (2/7/2025 6:54:02 PM) outside validity period (2/1/2027 10:12:15 PM to 2/1/2027 10:12:15 PM)., Timestamp (2/7/2025 6:54:02 PM) outside validity period (2/9/2035 9:40:36 PM to 2/9/2035 9:40:36 PM).
  [File] 6741a098e863e0ff41f9bddf2c67747dbd9adde100e3deca6e308852287baddd.pkg, Signed: False, Virtual path: test.pkg/NestedPkg.pkg, Full Name: NestedPkg.pkg [Error] Timestamp (2/7/2025 6:54:02 PM) outside validity period (2/1/2027 10:12:15 PM to 2/1/2027 10:12:15 PM)., Timestamp (2/7/2025 6:54:02 PM) outside validity period (2/1/2027 10:12:15 PM to 2/1/2027 10:12:15 PM)., Timestamp (2/7/2025 6:54:02 PM) outside validity period (2/9/2035 9:40:36 PM to 2/9/2035 9:40:36 PM).

Need to figure out two things:

• Why the timestamp is outside of the validity period - fixed
• Why the NestedPkg.pkg is listed as being not-signed. - pinged @mmitche offline. I don't think that the lack of pkg signature here is related to these code changes, so I'm going to publish this PR now.

[ellahathaway]

Converting this to a draft PR. There are a few things to do first that will clean up the logic in this PR:

• Refactor the ArchiveVerifier. This will allow other package types to inherit the classes in a more concise way.
• Break the MacOsPkg tool up into a cli tool and a library

[ellahathaway]

This PR is ready. Just wanting on #15519 and #15508 to be completed before publishing.