
When decoding SBOMs, surface more information instead of just "unable to identify format" #1351

Open · kzantow opened this issue Nov 19, 2022 · 0 comments
Labels
bug Something isn't working


kzantow commented Nov 19, 2022

Please provide a set of steps on how to reproduce the issue

syft file:$(which syft) -o spdx-tag-value | sed -e 's/SHA256/sha256/g' > bad-checksum-algorithm.spdx
syft convert bad-checksum-algorithm.spdx -o table

What happened:
When an SBOM format fails to parse an SBOM, error messages returned from the format.Identify are not displayed anywhere. Instead all the user is presented with is "unable to identify format", which gives no path to identify or resolve the issue.

What you expected to happen:
The user gets notified why an SBOM fails to parse.

Anything else we need to know?:
We could/should make the Identify functions more intelligent to check for things like "is this JSON, XML, or Tag-Value?" and subsequently things like matching Syft, SPDX, or CycloneDX within the document: SPDXVersion: SPDX-2.3 or "spdxVersion": "SPDX-2.3", in order to more accurately attempt to parse and return a valid error for the user.

Environment:

  • Output of syft version:
    Application: syft
    Version: 0.62.0
    JsonSchemaVersion: 6.0.0
    BuildDate: 2022-11-18T19:09:50Z
    GitCommit: da4b2df
    GitDescription: v0.62.0
    Platform: darwin/amd64
    GoVersion: go1.18.7
    Compiler: gc

  • OS (e.g: cat /etc/os-release or similar): any OS
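A sketch of the more intelligent Identify the comment proposes, added here as an example and not syft's own code: it first decides whether the input is JSON, XML or tag-value, then looks for the markers named above (SPDXVersion:, "spdxVersion", CycloneDX's bomFormat / bom namespace, syft's descriptor key) and returns a descriptive error at every point where today the user would only see "unable to identify format". CheckSPDXChecksums mirrors the sed repro by reporting the lowercase "sha256" with its line number. The function names, the format labels and the accepted-algorithm subset are assumptions for this example.

```go
package main
import (
	"encoding/json"
	"fmt"
	"strings"
)

// Identify answers "is this JSON, XML or tag-value?" first, then looks for the marker each
// SBOM flavour carries; every failure path says what was seen, not just "unable to identify".
func Identify(data []byte) (string, error) {
	text := strings.TrimSpace(string(data))
	switch {
	case strings.HasPrefix(text, "{"):
		var top map[string]json.RawMessage
		if err := json.Unmarshal([]byte(text), &top); err != nil {
			return "", fmt.Errorf("looks like JSON but does not parse: %w", err)
		}
		for _, m := range []struct{ key, format string }{{"spdxVersion", "spdx-json"}, {"bomFormat", "cyclonedx-json"}, {"descriptor", "syft-json"}} {
			if top[m.key] != nil {
				return m.format, nil
			}
		}
		return "", fmt.Errorf("valid JSON object without a spdxVersion, bomFormat or syft descriptor key")
	case strings.HasPrefix(text, "<") && strings.Contains(text, "cyclonedx.org/schema/bom"):
		return "cyclonedx-xml", nil
	case strings.HasPrefix(text, "<"):
		return "", fmt.Errorf("XML document without a CycloneDX bom namespace")
	case strings.Contains(text, "SPDXVersion:"):
		return "spdx-tag-value", nil
	}
	return "", fmt.Errorf("not JSON, XML or SPDX tag-value text")
}
// SPDX checksum algorithm names are case-sensitive; this set is a subset of SPDX 2.3 (assumption).
var spdxAlgorithms = map[string]bool{"SHA1": true, "SHA256": true, "SHA512": true, "MD5": true}
// CheckSPDXChecksums reports the offending line, the detail the issue's "sha256" repro loses.
func CheckSPDXChecksums(data []byte) error {
	for i, line := range strings.Split(string(data), "\n") {
		tag, value, ok := strings.Cut(strings.TrimSpace(line), ": ")
		alg, _, _ := strings.Cut(strings.TrimSpace(value), ":")
		if ok && strings.HasSuffix(tag, "Checksum") && !spdxAlgorithms[alg] {
			return fmt.Errorf("line %d: unknown checksum algorithm %q in %s", i+1, alg, tag)
		}
	}
	return nil
}
func main() { // constructed sample mirroring the issue's sed repro, not real syft output
	doc := []byte("SPDXVersion: SPDX-2.3\nFileChecksum: sha256: 00\n")
	format, _ := Identify(doc)
	fmt.Println(format, CheckSPDXChecksums(doc))
}
```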

@kzantow kzantow added the bug Something isn't working label Nov 19, 2022
@kzantow kzantow self-assigned this Nov 19, 2022
@kzantow kzantow removed their assignment Nov 30, 2022
Projects
Status: Backlog