Previously, we only fuzzed the deserialization of
PublicKeyCredentialUserEntity. This patch replaces that fuzz target
with the deserialization of entire ctap1 and ctap2 requests.
This makes it possible to use the requests in fuzzing. The
implementations are behind an arbitrary feature. As arbitrary requires
std, we also introduce a std feature. Both new features are disabled by
default.
These tests makes sure that the serialization of the new enums works
correctly, and also help to detect accidental changes to the field order
used by serde_indexed in the response struct.
Previously, we used String<_> to represent string constants in some
responses. This has multiple drawbacks:
- It is error-prone because the value is not validated.
- Construction is fallible because of the fixed length of the string.
- The length needs to be bumped if longer values are added.
This patch introduces enums to replace these constants. As cbor_smol
serializes enums using the variant index instead of the string, we need
to manually implement the string conversion.
In CTAP 2.2, att_stmt will be optional in the make_credential response.
Applying this change now allows us to release v0.2.0 and then add the
remaining (compatible) changes required for CTAP 2.2 in a patch release.
