Implement transparent key rotation system #84

Open
@timotheeg

Description

The SDK currently hardcodes the public key that is used to validate the call signatures.

The SDK is installed by admins in their webhook handlers and deployed in their infrastructure. If we have to rotate the key, we will need to notify all admins for them to download the latest SDK and redeploy their webhook handler. That is a very invasive process, and the longer we wait, the more webhook forms will need to be updated.

We should support transparent key rotation, and there are simple techniques which we could apply:

  • Don't hardcode the public key, retrieve the key at bootstrap from the formsg servers, perhaps from a .well-known endpoint
  • Allow retrieving an array of keys, rather than a single key. This will allow a smooth transition from one signing key to the next
    • SDK can try the keys till one succeeds
