Reject invalid backup flags combination BS without BE

[ScottHelme]

Per the W3C WebAuthn spec (§6.3.3 Authenticator Data / Level 3 §6.1), the Backup State (BS) flag cannot be set without the Backup Eligible (BE) flag also being set. This is a logically impossible state — a credential cannot claim to be backed up if it is not eligible for backup.

Currently _readFlags() parses both flags but does not validate this constraint, so crafted authenticatorData with BS=1, BE=0 is silently accepted.

This adds validation after the named flags are assigned:

if ($flags->isBackup && !$flags->isBackupEligible) {
    throw new WebAuthnException('invalid backup flags: BS without BE', WebAuthnException::INVALID_DATA);
}

Fixes #128

[ScottHelme]

Just a heads-up for anyone landing here: we've published a security-focused fork of this library as report-uri/passkeys-php

It already includes this fix, along with several other hardening changes. Huge thanks to @lbuchs for the original work!

This PR is still very much open for upstream consideration, but the fork is available in the meantime for anyone who needs the change today.