Use libwebauthn for JSON response serialization

This commit migrates from custom JSON response serialization to
libwebauthn's WebAuthnIDLResponse::to_inner_model() for both
create credential (MakeCredential) and get credential (GetAssertion)
responses.

Changes:
- Use libwebauthn's to_inner_model() to serialize responses, then
  modify the result to add transport and authenticator_attachment
  information that is known at the credential service level
- Remove create_credential_request_try_into_ctap2's client_data_json
  return value (now extracted from the request by libwebauthn)
- Remove get_credential_request_try_into_ctap2's client_data_json
  return value
- Update gateway.rs to clone the request for response serialization
- Remove unused modules: cbor.rs, cose.rs, serde/mod.rs
- Simplify webauthn.rs to just re-exports from libwebauthn

This removes ~800 lines of custom serialization code including:
- CreatePublicKeyCredentialResponse and GetPublicKeyCredentialResponse
- AttestationStatement enum and create_attestation_object function
- All the extension output types (CredentialPropertiesOutput, etc.)
- Custom CBOR writer for attestation object serialization
- COSE key type helpers

The response serialization now uses libwebauthn's implementation which:
- Handles attestation object CBOR encoding
- Handles all extension output serialization
- Handles base64url encoding of binary fields
- Produces WebAuthn Level 3 compliant JSON responses

Author: AlfioEmanueleFresta

credentialsd/src/cbor.rs

@@ -233,7 +233,7 @@ impl<C: CredentialRequestController + Send + Sync + 'static> CredentialGateway<C
                 tracing::warn!("Client attempted to issue cross-origin request for credentials, which are not supported by this platform.");
                 return Err(WebAuthnError::NotAllowedError.into());
             }
-            let (make_cred_request, client_data_json) =
+            let make_cred_request =
                 create_credential_request_try_into_ctap2(&request).map_err(|e| {
                     if let WebAuthnError::TypeError = e {
                         tracing::error!(
@@ -248,6 +248,7 @@ impl<C: CredentialRequestController + Send + Sync + 'static> CredentialGateway<C
             }
             // Find out where this request is coming from (which application is requesting this)
             let requesting_app = query_connection_peer_binary(header, connection).await;
+            let make_cred_request_for_response = make_cred_request.clone();
             let cred_request =
                 CredentialRequest::CreatePublicKeyCredentialRequest(make_cred_request);
 
@@ -260,7 +261,7 @@ impl<C: CredentialRequestController + Send + Sync + 'static> CredentialGateway<C
 
             if let CredentialResponse::CreatePublicKeyCredentialResponse(cred_response) = response {
                 let public_key_response =
-                    create_credential_response_try_from_ctap2(&cred_response, client_data_json)
+                    create_credential_response_try_from_ctap2(&cred_response, &make_cred_request_for_response)
                         .map_err(|err| {
                             tracing::error!(
                                 "Failed to parse credential response from authenticator: {err}"
@@ -306,11 +307,12 @@ impl<C: CredentialRequestController + Send + Sync + 'static> CredentialGateway<C
             // - if RP ID is set, but origin's effective domain doesn't match
             //    - query for related origins, if supported
             //    - fail if not supported, or if RP ID doesn't match any related origins.
-            let (get_cred_request, client_data_json) =
+            let get_cred_request =
                 get_credential_request_try_into_ctap2(&request).map_err(|e| {
                     tracing::error!("Could not parse passkey assertion request: {e:?}");
                     WebAuthnError::TypeError
                 })?;
+            let get_cred_request_for_response = get_cred_request.clone();
             let cred_request = CredentialRequest::GetPublicKeyCredentialRequest(get_cred_request);
             // Find out where this request is coming from (which application is requesting this)
             let requesting_app = query_connection_peer_binary(header, connection).await;
@@ -324,7 +326,7 @@ impl<C: CredentialRequestController + Send + Sync + 'static> CredentialGateway<C
 
             if let CredentialResponse::GetPublicKeyCredentialResponse(cred_response) = response {
                 let public_key_response =
-                    get_credential_response_try_from_ctap2(&cred_response, client_data_json)
+                    get_credential_response_try_from_ctap2(&cred_response, &get_cred_request_for_response)
                         .map_err(|err| {
                             tracing::error!(
                                 "Failed to parse credential response from authenticator: {err}"
@@ -448,8 +450,6 @@ impl From<WebAuthnError> for Error {
 
 #[cfg(test)]
 mod test {
-    use std::future::Future;
-
     use credentialsd_common::model::WebAuthnError;
 
     use crate::dbus::gateway::check_origin;