Provide checksum check on uncommited upload that is transformed into a content unit

[simenon]

Is your feature request related to a problem? Please describe.
In #5875 we had a discussion about that it is no longer allowed to list artifacts.

That lead to the point that if you want a chunked upload transform in a content unit you should call one of the following on an uncommitted upload
https://pulpproject.org/pulp_file/restapi/#tag/Content:-Files/operation/content_file_files_create
https://pulpproject.org/pulp_rpm/restapi/#tag/Content:-Packages/operation/content_rpm_packages_create

One of the benefits of the /commit step of the chunked upload was that you could verify the end result with a checksum. This is no longer possible in the new scenario

Describe the solution you'd like
Option to pass a checksum when an uncommitted upload is transformed in a content unit. I guess it could also benefit regular uploads and file_url's to have a checksum verification

Describe alternatives you've considered
None

Additional context
This is a consequence of not allowing non admins to list artifacts and allow artifacts to change in content units

[mdellweg]

When thinking about where to put the checksum, I see different options.
We could add a whole bunch of checksums to be checked on the upload object. That would allow us to not only check sha256. But maybe the user/client does not know the checksum of the stream before starting to upload chunks.
Also we have other means of committing data into content units (direct file upload, remote url) these could benefit from checksum verification as well. So I guess, we should add some sort of "expected file attributes" sub serializer to the content create serializer (filesize could be worth checking too).