Create checksum and signatures

While building assets for release, build a checksum file.  Also, sign all of the build assets, so users have some confidence that the packages have not been tampered with.