remote: defensively validate referrers subject binding #2210

Open
1seal wants to merge 1 commit into google:main from 1seal:codex/referrers-subject-binding



1seal commented Feb 13, 2026

title: remote: defensively validate referrers subject binding

summary

  • when the referrers API endpoint is used, validate that each returned referrer (manifest or index) is actually bound to the requested subject digest (subject.digest).
  • filter out referrers that are missing a subject or whose subject digest does not match the requested digest.
  • if the returned referrers index includes a subject digest and it does not match the requested digest, return an error.

rationale

  • the referrers response crosses an untrusted service boundary. consumers often use referrers for discovery in integrity/policy workflows, so defensive binding validation helps prevent incorrect associations.

behavior change

  • additional manifest fetches are performed to validate binding (one per returned descriptor) when the referrers API endpoint is used.
  • registries returning wrong-subject referrers will no longer surface those descriptors to callers.

tests

  • added unit tests that cover wrong-subject filtering, missing-subject filtering, index referrers, and index-level subject mismatch.
  • go test ./...

when using the referrers API endpoint, validate that returned referrer manifests/indexes are bound to the requested subject digest (subject.digest).

adds unit tests for wrong-subject filtering, missing-subject filtering, index referrers, and index-level subject mismatch.
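
The binding check described in this pull request, as an added sketch that is not the PR's code and does not use the go-containerregistry API: `filterReferrers`, the `fetch` callback, the trimmed `descriptor`/`manifest` types and the placeholder digests are all assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

type descriptor struct{ Digest string `json:"digest"` }
type manifest struct { // minimal OCI shape: only the fields the check reads
	Subject   *descriptor  `json:"subject"`
	Manifests []descriptor `json:"manifests"`
}

// filterReferrers keeps descriptors whose fetched manifest names subject in
// subject.digest; fetch is a hypothetical stand-in for a registry GET by digest.
func filterReferrers(subject string, index []byte, fetch func(string) ([]byte, error)) ([]descriptor, error) {
	var idx manifest
	if err := json.Unmarshal(index, &idx); err != nil {
		return nil, err
	}
	if idx.Subject != nil && idx.Subject.Digest != subject {
		return nil, fmt.Errorf("index subject %s != requested %s", idx.Subject.Digest, subject)
	}
	var bound []descriptor
	for _, d := range idx.Manifests {
		raw, err := fetch(d.Digest) // one extra manifest fetch per descriptor
		if err != nil {
			return nil, err
		}
		var m manifest
		if err := json.Unmarshal(raw, &m); err != nil {
			return nil, err
		}
		if m.Subject != nil && m.Subject.Digest == subject {
			bound = append(bound, d) // missing or wrong subject is dropped
		}
	}
	return bound, nil
}

func main() { // constructed sample data; digests are placeholders, not real hashes
	store := map[string]string{
		"sha256:good":  `{"subject":{"digest":"sha256:app"}}`,
		"sha256:wrong": `{"subject":{"digest":"sha256:other"}}`,
		"sha256:none":  `{}`,
	}
	fetch := func(d string) ([]byte, error) { return []byte(store[d]), nil }
	idx := `{"manifests":[{"digest":"sha256:good"},{"digest":"sha256:wrong"},{"digest":"sha256:none"}]}`
	fmt.Println(filterReferrers("sha256:app", []byte(idx), fetch))
}
```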