* replace CertifyCreation() by CertifyEx() to handle certification of objects for which we cannot extract CreationData
* add AK.Certify(handle) allowing to certify externally-created keys
* replace ReadPublic() by DecodePublic() when creating and loading keys: the current implementation calls ReadPublic() even if public data is already accessible
* drop handle() from the ak interface: it is unnecessary
* add Blobs() to attest.Key: to allow agnostic key marshaling
Found manually looking through the code. The activate credential could
crash the client, the secureboot and challenge generation could crash
the server.
