Strict Chromium version checking is necessary because both sandbox
info and chrome_elf introduce Chromium version dependencies, and we
don't know which non-matching versions are compatible.
This adds a runtime dependency on chrome_elf.dll and makes all
runtime errors LOG(FATAL) to generate a crash report. Don't wait
for libcef to load before running as the crashpad-handler process.
Move code signing verification code to libcef_dll_wrapper
and add example checks in cefclient.
Load libcef.dll with code signing checks.
Add a CefScopedLibraryLoader variant for Windows.
If either the bootstrap executable or the client dll is code signed
then both must be valid (all signatures) and signed with the same
primary certificate. This is a protection against mixing binaries
with different trust levels.
