Fix the broken existing signature checking on add/resign (RhBug:488953)

Fix the broken existing signature checking on add/resign (RhBug:488953)
- The previously used %_signature macro for determining the generated
  signature type is utterly useless as gpg can generate both DSA and RSA
  signatures just fine. Generate the new signature and compare with the
  previous one in the header (if any) for real results. This is ugly
  hackery around limitations in the lower level signature functions but
  to keep this remotely backportable for now...