This should send people strongly to use the defaults, so that other
tools can easily determine whether policies are in use and what their
values are.
It still allows overriding them.
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
It was decided to use standard base64 instead of base64-url because
that's what the Go implementation did by default for a []byte.
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
My hardware TPM only supports AES128, so let's use that for now to
be more compatible.
The tpm_sym_def function does take a mutable ctx borrow, so that in
the future it can automatically detect the best supported symdef.
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>