sas: Added DIGEST-MD5 qop-option validation in native challange handling

Given that we presently support "auth" and not "auth-int" or "auth-conf"
for native challenge-response messages, added client side validation of
the quality-of-protection options from the server's challenge message.