Don't use upgrade-key-sets check when scanning during boot.

Apps may specify upgrade-key-sets which are different than their current signing
keys to prevent a future upgrade with the current set of keys.  Every package is
re-scanned on boot, however, so the existing application would violate its own
recorded upgrade-key-sets.  Change the key verification check to ignore
upgrade-key-sets on boot.  Also default to the same-sig checks if the
upgrade-key-set meta-data has been corrupted.

Bug: 21785716
Change-Id: I5c0c1e2017ec780a745a74488620bfe95b052269