Bug 903126 - Don't use an xpcshell cert for verification. r=rstrong

toolkit/mozapps/update/updater/Makefile.in

@@ -24,13 +24,12 @@ else
 	SECONDARY_CERT = dep2.der
 endif
 
-CERT_HEADERS := primaryCert.h secondaryCert.h xpcshellCert.h
+CERT_HEADERS := primaryCert.h secondaryCert.h
 
 export:: $(CERT_HEADERS)
 
 primaryCert.h: $(PRIMARY_CERT)
 secondaryCert.h: $(SECONDARY_CERT)
-xpcshellCert.h: xpcshellCertificate.der
 
 $(CERT_HEADERS): gen_cert_header.py
 	$(PYTHON) $< $(@:.h=Data) $(filter-out $<,$^) > $@

toolkit/mozapps/update/updater/archivereader.cpp

@@ -19,7 +19,6 @@
 // being used
 #include "primaryCert.h"
 #include "secondaryCert.h"
-#include "xpcshellCert.h"
 
 #define UPDATER_NO_STRING_GLUE_STL
 #include "nsVersionComparator.cpp"
@@ -72,19 +71,9 @@ ArchiveReader::VerifySignature()
     return ARCHIVE_NOT_OPEN;
   }
 
-  // If the fallback key exists we're running an XPCShell test and we should
-  // use the XPCShell specific cert for the signed MAR.
-  int rv = OK;
-#ifdef XP_WIN
-  if (DoesFallbackKeyExist()) {
-    rv = VerifyLoadedCert(mArchive, xpcshellCertData);
-  } else
-#endif
-  {
-    rv = VerifyLoadedCert(mArchive, primaryCertData);
-    if (rv != OK) {
-      rv = VerifyLoadedCert(mArchive, secondaryCertData);
-    }
+  int rv = VerifyLoadedCert(mArchive, primaryCertData);
+  if (rv != OK) {
+    rv = VerifyLoadedCert(mArchive, secondaryCertData);
   }
   return rv;
 }