Add support for using external signing application and .pem private key files to vbutil_keyblock.

This allows signing using a .pem file using an external program.

It is assumed that the external program reads input from stdin, and outputs signed data on stdout. It takes one argument - the file name for the .pem private key reference. See for an example external program.

Example usage:
vbutil_keyblock --pack 4096.keyblock \
                --datapubkey 4096.vbpubk \
                --signprivate_pem 4096.pem \
                --pem_algorithm 8 \
                --externalsigner ""

I have tried to make the change such that it doesn't impact existing tools/interfaces (since these are used at various places). That said, I am aware of the places where we could just extend an old interface an avoid code duplication but thought I'd put that re-factoring in as a TODO for now. Let me know if you disagree and I can merge them (and changing the existing interface).

TEST=Extended to test vbutil_keyblock packing using an external signer.

To test, make && make runtests (or just run tests/; tests/

Review URL:

Change-Id: I7cc52c8293c04ef9ba074794d046c9a4f19f6bdd
7 files changed