CAS/Bytestream: Add additional hash length checks

When handling batch reads and writes BuildGrid is currently not very strong at handling invalid hashes: it assumes all clients have no bugs and always send hashes that are valid. In the other read/write modes it checks digest validity.

This MR adds more rigorous protections against invalid digests for batch read and write, and reports them in the response.

I noticed this issue particularly when using S3, with a bucket configured as {digest[0]}{digest[1]}. When I provide a 1-length digest, BuildGrid would raise an exception as it tries to substring. These kinds of checks should be handled at the highest possible layer.

Tests to cover these cases.