Update .deb signature verification to use SignTool debian unpacking/repacking logic

[ellahathaway]

We should update the current functionality for extracting Debian packages for signature verification to use the unpacking/repacking logic added in #15345

The current functionality relies on ar, which is not available in all of our images (azurelinux-3.0-net9.0-cross-amd64 is an example). Rather than updating our images, we should update how SignTool extracts the packages.