Improve robustness of package manager certificate collection.

The package manager contains an optimization which reuses cached
signatures instead of reloading them on startup if the package
appears to be unchanged.  This commit adds an extra check to ensure
that the PackageSettings object actually has valid signatures since
it has happened that they have gone missing.  Unfortunately it does
not address the root cause of the problem but it should alleviate the
symptoms after a reboot.

Bug: b/2547993
Change-Id: I41900c6a752711eb3a901360e3bb29aec946d0be