Store longterm key in TPM

[zanebeckwith]

This PR implements the TPM key storage discussed in Issue #120. The implementation here is largely that described in that issue, except that no TPM-related functions are added to crypto_wrapper.h; this is because the "higher-level" functions have already been provided by the new xaptum-tpm API (and I didn't see a need to provide the "wrapper" implementation-agility for xaptum-tpm that we have for the other crypto libraries).

This work also includes:

• Bringing back SHA-256 hashing in the crypto sub-library
  • This is needed for creating TPM ECDSA signature, though it won't be used as a hash function for the handshake
• Updating the X.509 certificate generation to allow signing using a TPM key
  • My plan had been to actually rip out the X.509 stuff, but it seemed less problematic to just leave it as-is, and it was easy to add the TPM version

fixes #120

[zanebeckwith]

Note: The CI is failing because this work requires PR #122 . Once that's merged, I'll rebase this work on it