CTAP 2.3 #219

Open
0x0ece wants to merge 2 commits into trussed-dev:main from 0x0ece:0x0ece/ctap

0x0ece commented May 10, 2026

Two changes:

  1. We now need press and long-press events, so we can support the proper reset according to specs (long-press >= 5s, instead of our custom plug-pressing).
  2. ml-dsa-44, using rust-crypto; it should work on m4/m33. I saw the other PR with definitions for all post-quantum algos and used the same def for features. Realistically we won't do more than 128-bit security, so to me it doesn't make sense to have code for all 3, but we can add later if needed.

0x0ece force-pushed the 0x0ece/ctap branch 2 times, most recently from f672cdc to b33c2cf (May 10, 2026 07:58)

robin-nitrokey (Member) left a comment

LGTM, I just have some small comments regarding the COSE serialization. Also I want to give @sosthene-nitrokey a chance to review before merging.

Previously we were more reluctant to add experimental features to trussed directly (and would maybe have used a custom backend instead), but with the increased separation due to trussed-core and as this is implemented using a rust-crypto crate, I think it is totally fine.

Comment thread src/mechanisms/mldsa44.rs
Comment on lines +125 to +128
// 01 07 — 1: 7 (kty = AKP)
// 03 38 31 — 3: -50 (alg = ML-DSA-44; -50 = ~49 = 0x31)
// 20 — -1 (key = pub)
// 59 05 20 — bstr(1312)
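Review bot: The alg value on the `03 38 31` line exists only as raw bytes plus a comment, so nothing ties 0x31 to ML-DSA-44 at compile time. A named constant for the COSE algorithm identifier, with the encoded bytes derived from it, would let the value be checked in one place against the IANA COSE Algorithms registry entry for ML-DSA-44. The same applies to the kty value 7 on the `01 07` line.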

I find the comment “key = pub” somewhat misleading. I would put it like this:

Suggested change
// 01 07 — 1: 7 (kty = AKP)
// 03 38 31 — 3: -50 (alg = ML-DSA-44; -50 = ~49 = 0x31)
// 20 — -1 (key = pub)
// 59 05 20 — bstr(1312)
// 01 07 — key 1 = kty, value 7 = APK
// 03 38 31 — key 3 = alg, value -50 = ML-DSA-44 (-50 = ~49 = 0x31)
// 20 — key -1 = pub
// 59 05 20 — bstr with length 1312 = 0x0520

Comment thread src/mechanisms/mldsa44.rs
Comment on lines +133 to +135
serialized_key
.extend_from_slice(&[0x20])
.map_err(|_| Error::InternalError)?; // low byte of 1312 (0x0520)

Why is this not part of header?

Comment thread src/mechanisms/mldsa44.rs
Comment on lines +129 to +135
let header: [u8; 9] = [0xa3, 0x01, 0x07, 0x03, 0x38, 0x31, 0x20, 0x59, 0x05];
serialized_key
.extend_from_slice(&header)
.map_err(|_| Error::InternalError)?;
serialized_key
.extend_from_slice(&[0x20])
.map_err(|_| Error::InternalError)?; // low byte of 1312 (0x0520)

Maybe it would be clearer to use PUBLIC_KEY_LEN here instead of duplicating the magic constant?
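
The point raised in the two review comments above (keeping the length's low byte with the rest of the header, and deriving it from PUBLIC_KEY_LEN), as an added example that is not code from the PR: the ten header bytes are generated from named constants by a minimal CBOR head encoder. All function names are hypothetical, a plain `Vec<u8>` stands in for the PR's `serialized_key` buffer, and the values 1312, 7 and -50 are the ones shown in the PR's comments.

```rust
// Added example: names are hypothetical except PUBLIC_KEY_LEN (named in the
// review); 1312, kty 7 and alg -50 are the values shown in the PR's comments.
const PUBLIC_KEY_LEN: usize = 1312;
const COSE_KTY_AKP: i64 = 7;
const COSE_ALG_MLDSA44: i64 = -50;

/// Append a CBOR head (3-bit major type + argument) in shortest form.
fn put_head(out: &mut Vec<u8>, major: u8, arg: u64) {
    let m = major << 5;
    match arg {
        0..=23 => out.push(m | arg as u8),
        24..=0xff => out.extend_from_slice(&[m | 24, arg as u8]),
        0x100..=0xffff => {
            out.push(m | 25);
            out.extend_from_slice(&(arg as u16).to_be_bytes());
        }
        0x1_0000..=0xffff_ffff => {
            out.push(m | 26);
            out.extend_from_slice(&(arg as u32).to_be_bytes());
        }
        _ => {
            out.push(m | 27);
            out.extend_from_slice(&arg.to_be_bytes());
        }
    }
}

/// Integer: major type 0 for n >= 0, major type 1 with argument !n (= -1 - n) otherwise.
fn put_int(out: &mut Vec<u8>, n: i64) {
    if n >= 0 { put_head(out, 0, n as u64) } else { put_head(out, 1, !n as u64) }
}

/// map(3) { 1: kty, 3: alg, -1: bstr(PUBLIC_KEY_LEN) }, up to and including the bstr head.
fn cose_key_header() -> Vec<u8> {
    let mut out = Vec::new();
    put_head(&mut out, 5, 3); // major type 5 = map, 3 pairs
    for &n in &[1, COSE_KTY_AKP, 3, COSE_ALG_MLDSA44, -1] {
        put_int(&mut out, n);
    }
    put_head(&mut out, 2, PUBLIC_KEY_LEN as u64); // major type 2 = byte string
    out
}

/// Header plus key bytes; rejects a key whose length disagrees with the encoded one.
fn serialize_cose_key(public_key: &[u8]) -> Option<Vec<u8>> {
    if public_key.len() != PUBLIC_KEY_LEN { return None; }
    let mut out = cose_key_header();
    out.extend_from_slice(public_key);
    Some(out)
}

fn main() { println!("{:02x?}", cose_key_header()); }
```

Because the bstr length comes from the same constant that bounds the key slice, the encoded length and the actual payload length cannot drift apart.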

Comment thread src/mechanisms/mldsa44.rs
Comment on lines +118 to +119
// Hand-encoded CBOR — `cbor-smol` is awkward for negative-int
// map keys and we need exact bytes regardless of crate quirks.

Just out of curiosity, what problem did you have with cbor-smol?
