This PR replaces the GOOGLE_CLOUD_DATASTORE_HTTP_ENABLE_E2E_CHECKSUM flag with two:

• GOOGLE_CLOUD_DATASTORE_HTTP_ENABLE_E2E_REQUEST_CHECKSUM - attach payload checksum header to requests (enabled by default)
• GOOGLE_CLOUD_DATASTORE_HTTP_ENABLE_E2E_RESPONSE_CHECKSUM - verify response checksum (if extsts in response headers) against response payload and raise IOException if it doesn't match (disabled by default)

And enables the E2E request checksum by default.
This is safe because nobody is using the old flag and we don't reject calls with invalid checksum on the server side yet. But this will provide us the analytics of number of requests with valid/invalid checksums to find edge cases and better prepare for E2E checksum rollout.

The tests for RemoteRpc using request and response checksum was also reworked.

Previously the test called the protected setHeaders but it does not verify that RemoteRpc will call it when making a call. I. e., if in the future we change RemoteRpc's call method and remake adding the headers without using the setHeaders method then the tests will remain green while necessary headers may not be added.

Instead of calling setHeaders from the test itself, we pass the expected headers to the MyHttpTransport and make sure the required headers are in place when MyLowLevelHttpRequest is doing its execute call.

It is easy to convert the remaining test (not related to E2E checksum) that uses setHeaders to the same approach, then we can make setHeaders private. I can do it in a separate PR if you like.

Another change in the test is that now we verify that checksum in the header is generated correctly (not just checking the length of the checksum string) and verify that the response checksum gets validated.