More progress towards split APKs in ASECs.

Teach DefaultContainerService to install split APKs, which will be
needed when moving to/from ASECs.  Also support forward locking for
testing purposes, even though its deprecated.

Move native library unpacking code to NativeLibraryHelper location
where it can be shared by both DCS and PMS.  Also update footprint
calculation logic to mirror the later unpack codepaths.

Immediately persist sealed sessions.  When resolving install
locations, prefer location of any existing install of that
package.  Lightweight parse requesting certificates now always
verifies that all contents are signed correctly.

Bug: 16514385
Change-Id: Ida1c4eb0f95b065104dd971e19126d4085ebf1f0