Diffusion GnuPG be8b30f8ebf6

kbx: Add bounds check to detect corrupt keyboxes.

Description

kbx: Add bounds check to detect corrupt keyboxes.

* kbx/keybox-dump.c (_keybox_dump_blob): Fix the fixmes.  Add support
for 32 byte fingerprints.

kbxutil is a debug tool but nevertheless it should behave well and not
read beyond allocated buffers and in turn crash.

Vincent Ulitzsch and Dominik Maier were kind enough to report these
crashes along with a couple of test keyboxes and crash analysis.

Backported from master and while doing that adding also the support
for OpenPGP v5 keys.

  • Signed-off-by: Werner Koch <wk@gnupg.org>

Details

Provenance
werner authored on Sep 22 2020, 11:45 AM
Parents
rG61aea64b3c17: scd: Fix the use case of verify_chv2 by CHECKPIN.