feat protocol implement device eligible and backup flags

Extend existing flags by adding new ones backup eligible and backup state

protocol/authenticator.go

@@ -129,9 +129,11 @@ const (
  // FlagUserVerified Bit 00000100 in the byte sequence. Tells us if user is verified
  // by the authenticator using a biometric or PIN
  FlagUserVerified // Referred to as UV
- _ // Reserved
- _ // Reserved
- _ // Reserved
+ // FlagBackupEligible Bit 00001000 in the byte sequence. Tells us if a backup is eligible for device
+ FlagBackupEligible // Referred to as BE
+ // FlagBackupState Bit 00010000 in the byte sequence. Tells us if a backup state for device
+ FlagBackupState // Referred to as BS
+ _ // Reserved
  // FlagAttestedCredentialData Bit 01000000 in the byte sequence. Indicates whether
  // the authenticator added attested credential data.
  FlagAttestedCredentialData // Referred to as AT
@@ -159,6 +161,16 @@ func (flag AuthenticatorFlags) HasExtensions() bool {
  return (flag & FlagHasExtensions) == FlagHasExtensions
 }
 
+// HasBackupEligible returns if the BE flag was set
+func (flag AuthenticatorFlags) HasBackupEligible() bool {
+ return (flag & FlagBackupEligible) == FlagBackupEligible
+}
+
+// HasBackupState returns if the BS flag was set
+func (flag AuthenticatorFlags) HasBackupState() bool {
+ return (flag & FlagBackupState) == FlagBackupState
+}
+
 // Unmarshal will take the raw Authenticator Data and marshalls it into AuthenticatorData for further validation.
 // The authenticator data has a compact but extensible encoding. This is desired since authenticators can be
 // devices with limited capabilities and low power requirements, with much simpler software stacks than the client platform.