Allow checking hashes for exact versions, and check them for default versions

[andersk]

Corepack currently depends on the security of HTTPS. Projects that want stronger guarantees should optionally be allowed to configure an integrity hash for the downloaded package manager. Obviously this would only be possible when configuring an exact version rather than a range.

Integrity hashes for the default known-good versions should be included in Corepack, so that users get the strongest security guarantees by default.

(Related to #10, but without requiring modifications to the registry or the package managers.)