
Sign generated files with PKCS#7 (and maybe OpenBSD signify)

Open poettering opened this issue 4 years ago • 0 comments

Currently mkosi can sign generated artifacts with gpg. I'd like to move away from that, hence I'd like to see support for alternative signature schemes. Specifically:

  1. I'd particularly love to see PKCS#7 being used for this. This would be particularly interesting since we could use the SecureBoot signature keys for this we already read anyway. You'd thus just need a single key pair/certificate, not many. This would simplify things greatly: if we could sign both the UEFI kernels and the disk images all the same way, things would become so much simpler. Implementation idea: add mkosi.sign.crt + mkosi.sign.key that are preferably used for signing the artifacts if they exist. If they don't, use mkosi.crt + mkosi.key and then change the secureboot logic to follow a similar logic: if mkosi.secure-boot.crt + mkosi.secure-boot.key exist use that, but otherwise fall back to the common mkosi.crt + mkosi.key. That way people can either just have one pair if they want everything signed with the same key, or have two pairs, if they want distinct keys.
  2. The other option is OpenBSD signify. This is simpler and more modern. It's just ed25519 ultimately. Very pretty in its simplicity. Trivial to implement if you link to openssl. Drawback: we could use this only for signing the images, it's not suitable for signing UEFI kernels. Matching the PKCS#7 idea we'd introduce mkosi.sign.pub + mkosi.sign.sec (as .pub + .sec are how signify likes to name its key pair files).

(Oh, and maybe we should update the gpg code to look for mkosi.sign.gpg or so as a keyring to extract the gpg keys from, to match the PKCS#7 and signify idea)

I intend to update systemd-importd with the ability to verify downloads with either PKCS#7 or signify signatures.

poettering · Jan 14 '21 10:01
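The key-pair lookup order proposed in item 1, written out as an added example (this is not mkosi's own code). It resolves the artifact and Secure Boot signing pairs with the described fallback to the common `mkosi.crt`/`mkosi.key`, and builds the `openssl cms` invocations for a detached DER PKCS#7 signature and its verification; the exact openssl flags and the `.p7s` suffix are assumptions, not something the issue specifies.

```python
"""Key-pair selection and PKCS#7 signing commands for mkosi artifacts.

Added example, not mkosi's own code. Lookup order per the issue:
  artifact signing:    mkosi.sign.crt/.key         -> mkosi.crt/.key
  Secure Boot signing: mkosi.secure-boot.crt/.key  -> mkosi.crt/.key
The openssl command lines below are assumptions (detached CMS, DER).
"""
import os
import subprocess
from typing import Optional

# Lookup order per role: (certificate, private key), most specific first.
KEY_CANDIDATES = {
    "artifact": [("mkosi.sign.crt", "mkosi.sign.key"), ("mkosi.crt", "mkosi.key")],
    "secure-boot": [("mkosi.secure-boot.crt", "mkosi.secure-boot.key"),
                    ("mkosi.crt", "mkosi.key")],
}


def resolve_key_pair(directory: str, role: str) -> Optional[tuple[str, str]]:
    """Return (crt_path, key_path) for `role`, or None if no complete pair exists.

    A pair is used only when both files are present, so a stray mkosi.sign.crt
    without its key does not shadow the common pair.
    """
    for crt, key in KEY_CANDIDATES[role]:
        crt_path, key_path = os.path.join(directory, crt), os.path.join(directory, key)
        if os.path.isfile(crt_path) and os.path.isfile(key_path):
            return crt_path, key_path
    return None


def pkcs7_sign_command(artifact: str, crt: str, key: str) -> list[str]:
    """openssl command producing a detached DER PKCS#7/CMS signature in
    artifact + '.p7s'; -binary disables MIME line-ending canonicalisation."""
    return ["openssl", "cms", "-sign", "-binary", "-in", artifact, "-signer", crt,
            "-inkey", key, "-outform", "DER", "-out", artifact + ".p7s"]


def pkcs7_verify_command(artifact: str, ca_cert: str) -> list[str]:
    """Verify the detached signature against a trusted certificate.
    -purpose any: a Secure Boot cert lacks the S/MIME EKU openssl checks by default."""
    return ["openssl", "cms", "-verify", "-binary", "-inform", "DER", "-in", artifact + ".p7s",
            "-content", artifact, "-CAfile", ca_cert, "-purpose", "any", "-out", os.devnull]


def sign_artifact(directory: str, artifact: str) -> str:
    """Sign `artifact` with the resolved artifact key pair; return the signature path."""
    pair = resolve_key_pair(directory, "artifact")
    if pair is None:
        raise FileNotFoundError("no signing key pair (mkosi.sign.* or mkosi.*) found")
    subprocess.run(pkcs7_sign_command(artifact, *pair), check=True)
    return artifact + ".p7s"
```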