Add u2f attestation support

[briansmith]

• [ ] Add support for U2F trust anchors.
• [ ] Make it easy to parse the u2f attestation certificate out of the U2F message.
• [ ] Maybe add a workaround for the encoding issue described at https://github.com/briansmith/webpki/pull/34#issuecomment-273683726.
• [ ] Write documentation, including an example, about how to verify attestations.
• [ ] Compare AAGUID from the certificate via the id-fido-gen-ce-aaguid extension and comparing it to the expected AAGUID.
• [ ] Packed Attestation Certificates
  • [ ] Don't require a subjectAltName extension.
• [ ] TPM Attestation Certificates
  • [ ] Subject must be empty
  • [ ] There must be a SAN as specified in the TPM specs.
  • [ ] EKU = "2.23.133.8.3" OID.
• [ ] Android Attestation Certificates
  • [ ] dNSName = attest.android.com

AFAICT, Yubico's attestation certificates don't include any EKU or key usage fields. Presumably we shouldn't verify for an EKU and the key usage should be digitalSignature.

/cc @wisespace-io @robn

[briansmith]

See also https://fidoalliance.org/specs/fido-v2.0-ps-20150904/FIDO-COMPLETE-v2.0-ps-20150904.pdf.

[briansmith]

See also https://github.com/briansmith/webpki/pull/40#issuecomment-329984420

/cc @cmsd2

[targodan]

Just wanted to poke at this.

Apparently this issue prevents me from using my YubiKey with bitwardenrs. See #bitwarden_rs/272