Fixes and improvements for secret sealing/unsealing:
Do not set userWithAuth by default when creating sealed objects. That flag allows password auth for the sealed object. Without the flag it only allows policy auth.
Allow setting policy auth with flags.
Fix secret_unseal to use policy session and valid sealed name.
Added expected failure test cases for seal/unseal with policy.
Fixes and improvements for secret sealing/unsealing: