add signing checker script to releasetools

The check_target_files_signatures determines what key was used to sign
every .apk in a given target_files.  It can compare that signature to
that of another target_files (eg, the previous release for that
device) and flag any problems such as .apks signed with a different
key.

(This is a backport of a change in froyo.  It does not affect device
code, only the scripts that sign images and OTA packages.)