signindex: support signing index-v1.jar
This is a bit different than index.jar: instead of their being index.xml and index_unsigned.jar, the presense of index-v1.json means that there is unsigned data. That file is then stuck into a jar and signed by the signing process. index-v1.json is never published to the repo. It is included in the binary transparency log, if that is enabled.