Extend the current signer flags to accept different kinds of signers, like AWS KMS and keystore signers.

Note that these flags should be mutually exclusive, e.g. if I pass --secret-key, I cannot also enable AWS KMS.

Depends on #90