mozilla / authenticator-rs

Rust library to interact with Security Keys, used by Firefox
https://crates.io/crates/authenticator
Mozilla Public License 2.0

Fix #319: CTAP2.0 bug in preflighting, which can omit credential data #320

Closed msirringhaus closed 9 months ago

msirringhaus commented 10 months ago

Fix bug in preflighting, where CTAP2.0 devices can omit the credential data if the allow_list is of length one. Without this fix, those answers get ignored and the device discarded as being not useable.

Adding a bunch of preflight-tests. For this, I had to extend the mock device to be able to skip the low-level byte-by-byte comparison of incoming and outgoing data, and instead use CTAP requests and responses directly, for higher-level business-logic testing. Now, we can add what requests we expect, and what responses the mock device should give. For this, CTAP-responses have to be marked with their own marker trait, so that we can collect all different responses as `dyn std::any::Any` in a single `Vec`. For that, responses have to be marked `'static` (required by `Any`), but since all of our Responses are `'static`, this is currently not a problem.

And a new TestDevice-trait has been added, which is a no-op implementation in release-mode, but gives us the ability to skip the low-level serialization of requests. Only the mock-device actually implements something. It is currently decided upon creation of the device (using the two new*()-functions), if it should skip the serialization or not.
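
The omission case described above, as an added Rust sketch that is not part of the pull request or of authenticator-rs's code: it resolves a preflight response against the allow list when the device leaves the credential out. All type and function names are hypothetical, and the pre-fix function only models the behaviour the description reports.

```rust
// Added illustration: all names here are hypothetical, not authenticator-rs's API.
#[derive(Clone, Debug, PartialEq)]
pub struct CredentialId(pub Vec<u8>);

/// Simplified GetAssertion response; `credential` is None when the device omits it.
pub struct AssertionResponse {
    pub credential: Option<CredentialId>,
}

#[derive(Debug, PartialEq)]
pub enum PreflightError {
    MissingCredential,    // omitted, and the request named zero or several credentials
    UnexpectedCredential, // device named a credential that was not in the allow list
}

/// Map a successful preflight response back to the allow-list entry it refers to.
pub fn resolve_credential(
    allow_list: &[CredentialId],
    resp: &AssertionResponse,
) -> Result<CredentialId, PreflightError> {
    match (&resp.credential, allow_list) {
        (Some(id), list) if list.contains(id) => Ok(id.clone()),
        (Some(_), _) => Err(PreflightError::UnexpectedCredential),
        // Single-entry allow list: the only credential asked about is the one that answered.
        (None, [only]) => Ok(only.clone()),
        (None, _) => Err(PreflightError::MissingCredential),
    }
}

/// Model of the behaviour the description reports before the fix: an omitted
/// credential counts as "no match", so the answering device is dropped.
pub fn resolve_credential_pre_fix(
    allow_list: &[CredentialId],
    resp: &AssertionResponse,
) -> Option<CredentialId> {
    resp.credential.clone().filter(|id| allow_list.contains(id))
}

fn main() {
    // Constructed sample data: one requested credential, response without the field.
    let allow_list = vec![CredentialId(vec![0xAA; 16])];
    let resp = AssertionResponse { credential: None };
    println!("pre-fix: {:?}", resolve_credential_pre_fix(&allow_list, &resp));
    println!("fixed:   {:?}", resolve_credential(&allow_list, &resp));
}
```

An omitted credential is accepted only when the allow list has exactly one entry; with several entries the response stays ambiguous and is rejected.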

xchapron-ledger commented 9 months ago

@msirringhaus @jschanck Thanks!