testPrf

Probe the passkey's PRF extension. Builds a deterministic salt from a versioned purpose string, runs an assertion twice with the same salt, and reports whether the outputs match — used during canary to confirm an authenticator supports CTAP2's hmac-secret extension before relying on it for backup.

Logging gates. Two tiers:

• Always-on (Log.i): PASS / FAIL determinism verdict, plus the salt (a SHA-256 of a public purpose string — not sensitive). Safe for production.

• Debug-only (debugLog): the raw PRF output bytes in hex. These ARE the key material the backup blob is encrypted under — combined with the salt, anyone with logcat access can decrypt a captured blob. Gated behind BuildConfig.DEBUG, which is const val false in release builds; R8 dead-code-eliminates the whole conditional including the .toHex() allocations.