Review salts management

[davidloiret]

Currently, we are limited to using one salt per identity in the vault.

• To retrieve the passphrase for an identity, we need to iterate over all available salts. This can lead to performance issues, especially when there are multiple identities to process.
• For WebAuthn, the process requires the user to select a credential_id manually. This means the user must choose their WebAuthn identity before initiating authentication. Ideally, the identity selection should be handled directly within the Authenticator. However, since we cannot send multiple salts for each credential_id, this is not feasible.
• Additionally, the user needs to know their public key when selecting from multiple recipient_ids. While we could store usernames to simplify this process, doing so introduces other challenges, such as handling scenarios where the vault is shared between multiple users.

Perhaps it is secure to use a single prf_salt and passphrase_salt per vault, even when managing multiple identities. If this approach is feasible, it would address all the outlined issues effectively.

[oScape]

I just introduced username_pk: HashMap<String, String> for store the username linked to a public_key into the vault which enabled the authentication with webauthn. It was done with the user public_key before, I think its more user friendly to use a username instead of a public_key but, it might require some review with this PR.