[identity] validate signed message from keyserver

Summary:
introduce a new function that validates the signed keyserver message sent as part of registration start request (for claiming a reserved username)

checks that the message is the right format, the username in the message matches the username in the gRPC request field, and the timestamp is valid. once we have the keyserver public key available, we should actually verify the signature.

Depends on D8060

Test Plan: tested in subsequent diff which uses the new validate function

Reviewers: jon, bartek

Reviewed By: jon, bartek

Subscribers: ashoat, tomek

Differential Revision: https://phab.comm.dev/D8061