* Add support for ed25519/signify/minisign keys and signatures

Signed-off-by: Bob Callaway <bcallawa@redhat.com>

- adds trillian API object to context
- improves request error logging pre and post validation
- use consistent request context throughout all GRPC calls
- improve validation of incoming UUID values
- disable swagger UI endpoint
- only print cacheable headers if response code is HTTP 2XX
- use GetLeavesByRange instead of deprecated GetLeavesByIndex API

Signed-off-by: Bob Callaway <bcallawa@redhat.com>

* add types unit tests

* explicitly ignore error from ValidateLeaf

* improve PGP unit test coverage (#58)

* update & improve pgp unit tests

* add types unit tests

* explicitly ignore error from ValidateLeaf

* use files instead of embedded strings

* update & improve pgp unit tests

If the HTTP fetch failed, the io.Pipe created to pass the response body to the
goroutines that compute the SHA256 hash and verify the signature would be leaked.

Some changes:
- import names (app -> api, logging -> log)
- Commands package (cmd -> app)

This also breaks the go module dependency on rekor-server.

Seems to work for Node right now. I haven't tested on linux.