Don't rely on protobuf field serialization order

[jtoohill]

Per the protobuf encoding guide, "Serialization order is an implementation detail and the details of any particular implementation may change in the future".

We rely on signatures over serialized protobufs in the google.keytransparency.v1.SignedEntry proto. There's probably other places as well, that's just the first one that come to mind. It happens to work because the protobuf implementation we use has a stable serialization order, but that shouldn't be relied on.

[jtoohill]

In particular, we compare serialized protos in the replay detection here. A new mutation with the same Entry but a different serialization wouldn't be caught by that check.