webauthnutil: add helpers for webauthn

[calebdoxsey]

Summary

Add a webauthnutil package for helping with webauthn. It includes:

• CredentialStorage which stores webauthn credentials in the databroker.
• GetDeviceType gets a device type from the databroker or a set of pre-defined device types.
• EnrollmentToken which is a SecureToken containing the enrollment id. This token may be passed on the URL to automatically approve a new device. It is HMAC'd and has an expiration timestamp.
• Helpers for generating Request and Creation options which convert the protobuf types into the webauthn types.
• GenerateChallenge used to generate a challenge, which is a random SecureToken that expires after 15 minutes.
• GetUserEntity and GetUserEntityID to fill in the user details for webauthn. The User ID has unique requirements so we use a UUID v5.

Checklist

• reference any related issues
• updated docs
• updated unit tests
• updated UPGRADING.md
• add appropriate tag (improvement / bug / etc)
• ready for review

[codeclimate]

Code Climate has analyzed commit 6c4e79e and detected 0 issues on this pull request.

View more on Code Climate.

[coveralls]

Coverage increased (+0.2%) to 65.048% when pulling 6c4e79e on cdoxsey/webauthnutil into ddccbcf on master.

[wasaga]

15 min seems very large value, is it coming from the standard?

[calebdoxsey]

It was arbitrary. It's the time the user has before the challenge expires. I thought it might take a bit sometimes, say if someone has to go get their yubikey from somewhere... what would be a better value?