This repository was archived by the owner on Feb 5, 2025. It is now read-only.

CDHash-based rules #677

@tnek

Description

We'd like to extend rule types in Santa to block off of binary CDHash. As CDHashes are already provided by the EndpointSecurity framework, this allows us to skip the expensive hashing in Santad.

Proposed New Rule Precedence (in order, highest to lowest)

  • CDHash
  • SHA256
  • Certificate
  • Team ID

Steps to Completion

  • Refactor santa_message_t to not hold the raw es_message_t
  • Update EndpointSecurityManager to construct a santa_message_t with the relevant information for higher-level policy processing.
  • Update santactl sync and rule commands to create/read/update/delete these new rules.
  • Update validateBinaryWithMessage to properly check by CDHash first
  • Update SNTPolicyProcessor to add a method for checking CDHashes
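The precedence list above (CDHash before SHA256 before Certificate before Team ID) is a most-specific-identifier-first lookup: a block rule on a binary's CDHash must win over an allow rule on its Team ID, and identifiers a binary does not carry (an unsigned binary has no CDHash, certificate or Team ID) are simply skipped. The following C++ is an added illustration of that evaluation order and is not Santa's code; `RuleTable`, `BinaryInfo`, `Decision` and all identifier strings are constructed for the example, and the real project's `santa_message_t` and `SNTPolicyProcessor` are not modelled.

```cpp
#include <array>
#include <cstdio>
#include <map>
#include <optional>
#include <string>
#include <utility>

// Identifier kinds, from most to least specific. This is the precedence
// proposed in the issue: CDHash, SHA256, Certificate, Team ID.
enum class RuleType { CDHash, SHA256, Certificate, TeamID };
enum class Policy { Allow, Block };

struct Rule {
    RuleType type;
    std::string identifier;
    Policy policy;
};

// What the policy layer knows about one binary (hypothetical struct, not
// Santa's santa_message_t). Fields are optional because an unsigned binary
// carries no CDHash, signing certificate or Team ID.
struct BinaryInfo {
    std::optional<std::string> cdhash;
    std::optional<std::string> sha256;
    std::optional<std::string> cert_sha256;
    std::optional<std::string> team_id;
};

struct Decision {
    Policy policy;
    std::optional<RuleType> matched_by;  // empty when only the default applied
};

class RuleTable {
public:
    void add(const Rule& r) { rules_[r.type][r.identifier] = r.policy; }

    // Walk identifier kinds in precedence order; the first rule hit decides.
    Decision evaluate(const BinaryInfo& bin, Policy default_policy) const {
        const std::array<std::pair<RuleType, const std::optional<std::string>*>, 4> order = {{
            {RuleType::CDHash, &bin.cdhash},
            {RuleType::SHA256, &bin.sha256},
            {RuleType::Certificate, &bin.cert_sha256},
            {RuleType::TeamID, &bin.team_id},
        }};
        for (const auto& [type, id] : order) {
            if (!id->has_value()) continue;  // binary lacks this identifier
            auto table = rules_.find(type);
            if (table == rules_.end()) continue;  // no rules of this kind
            auto hit = table->second.find(**id);
            if (hit != table->second.end()) return {hit->second, type};
        }
        return {default_policy, std::nullopt};
    }

private:
    std::map<RuleType, std::map<std::string, Policy>> rules_;
};

// Constructed sample rule set: a broad Team ID allow, overridden for one
// specific CDHash, plus a SHA256 allow for an unsigned tool.
RuleTable sample_rules() {
    RuleTable t;
    t.add({RuleType::TeamID, "TEAMID0001", Policy::Allow});
    t.add({RuleType::CDHash, "cdhash-revoked-01", Policy::Block});
    t.add({RuleType::SHA256, "sha256-unsigned-tool-02", Policy::Allow});
    t.add({RuleType::Certificate, "cert-untrusted-03", Policy::Block});
    return t;
}

int main() {
    RuleTable rules = sample_rules();
    // Same Team ID as the allow rule, but its CDHash is blocked: CDHash wins.
    Decision d = rules.evaluate({"cdhash-revoked-01", "sha-x", "cert-x", "TEAMID0001"}, Policy::Allow);
    std::printf("revoked build: %s\n", d.policy == Policy::Block ? "BLOCK" : "ALLOW");
    // Unsigned binary: only SHA256 is available, so it is the first kind checked.
    d = rules.evaluate({std::nullopt, "sha256-unsigned-tool-02", std::nullopt, std::nullopt}, Policy::Block);
    std::printf("unsigned tool: %s\n", d.policy == Policy::Block ? "BLOCK" : "ALLOW");
    return 0;
}
```

Because the table is keyed by rule type and then identifier, adding CDHash rules never slows the other lookups, and the order in which `evaluate` consults the kinds is the single place the precedence lives, which is the property the issue's `validateBinaryWithMessage` and `SNTPolicyProcessor` steps need to preserve.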
