Introduce integrity block v2

[GrapeGreen]

This PR changes the format of the integrity block from [magic, version, signatures] to [magic, version, ib_attributes, signatures], where ib_attributes is a map with a single attribute called webBundleId; this field's purpose is to simplify key rotation while having a guarantee that the ID of the web bundle is always stable regardless of the signing keys specified.

The default behavior of the signing tool stays the same, i.e. the following invocation
wbn-sign --input {bundle} -k {key} -o {output}
will continue generating the usual v1 bundles.

With v2, on the contrary, it's now possible to have the bundle signed by multiple signatures in parallel and explicitly call out the exact web-bundle-id:
wbn-sign --version v2 --input {bundle} -k {key1} {key2} {key3} -o {output} --web-bundle-id {id}

Chrome supports both v1 & v2 bundles as of M128.