The certificates of the package and its shared user certificates
are initialized only when installing the package.
When scanning the packages, the certificates are collected from the apk
if the time stamp changes. If not the one's from
PackageSetting(read from packages.xml) are reused.
Removed mergeSignatures and updateSignatures since we don't support
this any more.
Also fix some bugs related to reinstalling failed upgrades.
Some unit tests.
Change-Id: Ibdeff170bd386d723f774136b18e0ad59d9cdabb
ae18171acd