Add the SHA256 digest of the intoto payload into the rekor entry

[bobcallaway]

Currently we are storing the digest over the entire intoto envelope in the corresponding Rekor entry. This PR adds the SHA256 digest for the envelope's payload (the base64 decoded bytes) into the log entry as well.

This also fixes the length check in Attestation to measure against the length of bytes after base64 decoding the payload, instead of the payload itself.

@asraa @haydentherapper @SantiagoTorres

[codecov-commenter]

Codecov Report

Merging #764 (39b1a25) into main (3de8b60) will decrease coverage by 0.18%.
The diff coverage is 0.00%.

@@            Coverage Diff             @@
##             main     #764      +/-   ##
==========================================
- Coverage   49.15%   48.96%   -0.19%     
==========================================
  Files          61       61              
  Lines        5566     5577      +11     
==========================================
- Hits         2736     2731       -5     
- Misses       2536     2551      +15     
- Partials      294      295       +1     

Impacted Files	Coverage Δ
pkg/types/intoto/v0.0.1/entry.go	33.33% <0.00%> (-2.10%)	⬇️
pkg/types/helm/v0.0.1/entry.go	52.41% <0.00%> (-1.21%)	⬇️
pkg/types/alpine/v0.0.1/entry.go	61.24% <0.00%> (-0.78%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 3de8b60...39b1a25. Read the comment docs.

[haydentherapper]

Should you either return an error if a non sha256 algorithm enum is specified?

[bobcallaway]

we're setting the value, its not user selectable

[haydentherapper]

Ah, looks good then!

[dlorenc]

Nice!