Support `SignedData.verify()` with signer's certificate absent from `SignedData.certificates` but present in arguments

[gnarea]

I have a SignedData value whose signer's certificate is transmitted separately so, as a workaround, I'm planning to create a temporary copy of the SignedData to add the certificate to SignedData.certificates before calling verify().

However, this is bit of a hack, so I was wondering if you'd welcome a PR to optionally take the signer's certificate from the arguments passed to verify()?

I think there are two ways to do this:

• Plan A: Introducing an additionalCertificates: CertificateSetItem[] parameter, which, will be appended to SignedData.certificates. I think this is the safest approach.
• Plan B: Introducing a signerCert: CertificateSetItem parameter.