Enhance support for ISO checksum verification

Currently, live-build supports embedding checksum verification data into ISOs, but it's not very usable. When using a traditional live-boot-based live ISO, the only way to do checksum verification is to edit the kernel command line from within the bootloader and add verify-checksums to it. This is not great UX for accessing this feature. Furthermore, dracut-based ISOs don't have checksum support yet.

This MR attempts to fix both of these issues. If checksums are added to the ISO, boot menu entries will be added that will do checksum verification. Additionally, md5-based checksum verification is added for dracut, which leverages isomd5sum since that's what dracut natively supports.

(Note that this does not resolve the currently bad UX that live-boot provides for checksum verification - if you do checksum-verify a Debian ISO that uses live-boot, you get no feedback about what the verification process is doing, and the only way you know the process worked is because the live environment reboots itself automatically. This is something I'd like to also fix potentially, but that needs fixed in live-boot. Dracut provides good feedback about what's happening when it checksum-verifies an ISO, so that won't need any further changes in order to make it good.)