Fix and improve handling of good but not fully valid signatures

The check for unknown validity in the old code was wrong because
GpgME::Signature::Validity::Unknown equals 0 so that
(sig.validity() & GpgME::Signature::Validity::Unknown) is always falsy.

The new code explicitly handles good signatures made with not fully
certified keys, with expired keys and with revoked keys and it handles
good signatures that have expired. Previously, all of those good
signatures were reported as invalid signatures.

The new texts (e.g. the warnings) are based on the texts printed by gpg.

• GnuPG-bug-id: T8035