@MasterKale MasterKale commented Apr 28, 2025

This PR updates presentation verification to make it stateless. Put another way, it is no longer necessary to persist anything on the server between request generation and presentation verification.

Instead, the server is now free to simply send back the nonce from the front end along with the presentation response to provide the server with enough information to:

  1. Verify the nonce lifetime, to limit replay attacks
  2. Decrypt encrypted responses

In exchange for this flexibility, servers must now provide a random, 32-byte serverAESKeySecret value needed to facilitate the AES-GCM-based encryption and decryption of necessary values now being used as the OID4VP request nonce.

Fixes #17.

Example

```ts
/** Server */
const serverAESKeySecret: Uint8Array = secretKeyToBytes(process.env.AES_SECRET_KEY);

const { dcapiOptions } = await generatePresentationRequest({
  credentialOptions: {
    format: "mdl",
    desiredClaims: ["family_name", "given_name"],
  },
  presentationLifetime: 600, // seconds, defaults to 300 seconds
  serverAESKeySecret,
});

/** Browser */
const response = await navigator.credentials.get(dcapiOptions);

sendJSONToServer({
  data: response.data,
  nonce: dcapiOptions.digital.requests[0].data.nonce,
});

/** Server */
const { data, nonce } = getJSONFromBrowser(req);

const verified = await verifyPresentationResponse({
  data,
  nonce,
  expectedOrigin: "http://localhost:8000",
  serverAESKeySecret,
});
```

@MasterKale MasterKale merged commit bc247b7 into main Apr 28, 2025
2 checks passed
@MasterKale MasterKale deleted the stateless-verifications branch April 28, 2025 22:24
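
The stateless-nonce idea this PR describes, as an added example that is not code from the PR or the library: values the server needs later are sealed with AES-256-GCM under a 32-byte secret, carried as the nonce, then authenticated, decrypted and lifetime-checked when the browser returns it. The payload layout, the function names `sealNonce`/`openNonce` and the use of Node's built-in `crypto` module are assumptions made for this illustration.

```javascript
// Added illustration, not the library's implementation: the JSON payload layout
// ({ exp, state }) and the names sealNonce/openNonce are assumptions.
const { createCipheriv, createDecipheriv, randomBytes } = require("node:crypto");

const IV_LEN = 12; // 96-bit IV, the recommended size for GCM
const TAG_LEN = 16; // 128-bit authentication tag

function checkKey(key) {
  if (!(key instanceof Uint8Array)) throw new TypeError("key must be bytes");
  if (key.length !== 32) throw new RangeError("key must be exactly 32 bytes");
}

// Seal server-side state plus an expiry time into an opaque base64url nonce.
function sealNonce(key, state, lifetimeSeconds = 300, now = Date.now()) {
  checkKey(key);
  const iv = randomBytes(IV_LEN); // fresh IV per nonce; never reuse one under the same key
  const payload = JSON.stringify({ exp: now + lifetimeSeconds * 1000, state });
  const cipher = createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([cipher.update(payload, "utf8"), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString("base64url");
}

// Open a nonce returned by the front end: authenticate, decrypt, then check lifetime.
function openNonce(key, nonce, now = Date.now()) {
  checkKey(key);
  if (typeof nonce !== "string") return { ok: false, reason: "malformed" };
  const raw = Buffer.from(nonce, "base64url");
  if (raw.length <= IV_LEN + TAG_LEN) return { ok: false, reason: "malformed" };
  const iv = raw.subarray(0, IV_LEN);
  const tag = raw.subarray(IV_LEN, IV_LEN + TAG_LEN);
  const ct = raw.subarray(IV_LEN + TAG_LEN);
  let payload;
  try {
    const decipher = createDecipheriv("aes-256-gcm", key, iv, { authTagLength: TAG_LEN });
    decipher.setAuthTag(tag);
    // final() throws if the tag does not match, so nothing unauthenticated is parsed
    const pt = Buffer.concat([decipher.update(ct), decipher.final()]);
    payload = JSON.parse(pt.toString("utf8"));
  } catch {
    return { ok: false, reason: "tampered" }; // wrong key or modified bytes
  }
  if (typeof payload.exp !== "number" || now >= payload.exp) {
    return { ok: false, reason: "expired" };
  }
  return { ok: true, state: payload.state };
}
```

Because nothing is stored server-side in this sketch, an unmodified nonce opens successfully every time until `exp` passes; the lifetime bounds the replay window rather than making the nonce single-use.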
Development

Successfully merging this pull request may close these issues.

Add stateless verification
