Create new instance of shared lineage signers to preserve capabilities
When the platform writes package signatures to packages.xml the first instance of a shared signature is written with the hex value of the ASN.1 DER encoding and an index; subsequent instances of the same signature just reference it via the index value. When writing a previous signer in the lineage a flags attribute is also written containing the capabilities of this previous signer in the lineage.

During boot the platform will read the packages and signatures from the packages.xml, but when a shared signer is read the initial instance of the signature is used for all packages that share this same signer even if the signer is a previous signer with its own capabilities. This causes the platform to lose the unique capabilities granted to each signing lineage that uses the same signatures and can prevent apps from being able to join a sharedUserId if another app with a lineage has revoked this capability from its own signer.

This commit creates a new signature for each shared signature used as a previous signer in the lineage to ensure these unique capabilities are maintained.

Bug: 195789348
Test: atest PkgInstallSignatureVerificationTest#testSharedKeyInSeparateLineageRetainsDeclaredCapabilities
Change-Id: I0f763a1b1b004c6e6e4f80d0e401ad5d4c4fab34
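A simplified model of the read path the commit message describes, added here as an illustration and not taken from the platform source: two packages list the same old key as a previous signer with different capability flags, and the reader either reuses one shared object per index or creates a new instance for each previous signer. The XML element and attribute names, the flag values, and the names `read_lineages` and `old_signer_flags` are assumptions of this model; which flag value survives in the shared case is a property of the model, the point being that both lineages end up with a single value.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# Constructed sample. Element and attribute names are assumptions for this
# model, not a copy of the real packages.xml schema; flag values are arbitrary.
SAMPLE = """<packages>
  <package name="com.example.a">
    <sigs>
      <cert index="0" key="aa01"/>
      <pastSigs>
        <cert index="1" key="bb02" flags="31"/>
        <cert index="0" flags="31"/>
      </pastSigs>
    </sigs>
  </package>
  <package name="com.example.b">
    <sigs>
      <cert index="2" key="cc03"/>
      <pastSigs>
        <cert index="1" flags="0"/>
        <cert index="2" flags="31"/>
      </pastSigs>
    </sigs>
  </package>
</packages>"""

@dataclass
class Signature:
    key: str
    flags: int = 0

def read_lineages(xml_text, new_instance_per_past_signer):
    """Return {package: [past signers]} read from the model XML."""
    pool = {}  # index -> first Signature instance read for that index
    lineages = {}
    for pkg in ET.fromstring(xml_text).iter("package"):
        sigs = pkg.find("sigs")
        certs = [(c, False) for c in sigs.findall("cert")]
        certs += [(c, True) for c in sigs.findall("pastSigs/cert")]
        lineage = []
        for cert, is_past in certs:
            idx = int(cert.get("index"))
            if cert.get("key") is not None:   # first occurrence carries the key
                pool[idx] = Signature(cert.get("key"))
            sig = pool[idx]                   # later occurrences resolve by index
            if is_past:
                if new_instance_per_past_signer:
                    sig = Signature(sig.key)  # own object, so own flags
                sig.flags = int(cert.get("flags"))
                lineage.append(sig)
        lineages[pkg.get("name")] = lineage
    return lineages

def old_signer_flags(lineages):
    """Flags each package's lineage holds for the shared old key bb02."""
    return {p: s.flags for p, l in lineages.items() for s in l if s.key == "bb02"}
```

With the shared object, both packages report the same flags for `bb02`; with a new instance per previous signer, each lineage keeps the value it declared.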