Add Transparent TPM_RC_RETRY auto-resubmit #537

Open: aidangarske wants to merge 5 commits into wolfSSL:master from aidangarske:tpm-rc-retry-handling

@aidangarske aidangarske commented Jun 23, 2026

Description

The TPM returns TPM_RC_RETRY when momentarily busy — e.g. the core
dictionary-attack logic persisting the daUsed flag to NV on the first auth
use of a non-noDA key (an externally provisioned AIK/SUDI key). wolfTPM
passed this raw code back to the caller, unlike the TCG ESYS stack which
auto-resubmits. A customer hit it on wolfTPM2_SignSequenceComplete.

This adds optional, bounded auto-resubmit at the command chokepoint
(TPM2_SendCommand / TPM2_SendCommandAuth), covering all transports. A
TPM_RC_RETRY response is header-only, so the saved 10-byte header is restored
and the identical command resent — no re-marshalling.

Opt-in / disabled by default. wolfTPM's own key templates all set noDA,
so wolfTPM-created keys never trigger it; defaulting on would change behavior
for everyone to serve a case none of our keys reach. Existing callers keep the
raw TPM_RC_RETRY unless they opt in.

  • TPM2_SetCommandRetries(&dev.ctx, N) — enable at runtime (0 = off)
  • -DWOLFTPM_MAX_RETRIES=N — change the compile-time default (default 0)
  • WOLFTPM_NO_RETRY — compile the handling out entirely (~528 B)

Note: TPM_RC_RETRY is original TPM 2.0 (Part 2 rev 00.99, 2014) core-TPM DA
behavior — unrelated to SPDM, transport, or SPI wait states.

Tests cover the resubmit bookkeeping and the config API; ChangeLog and README
updated.

ZD 22030
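
The bounded resubmit described above, as an added C example that is not code from this pull request or from wolfTPM. `send_with_retry`, `fake_xfer`, `demo` and the canned GetRandom bytes are constructed for illustration, and it assumes the transport writes the response over the command buffer.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define HDR_SZ       10      /* tag(2) | size(4) | code(4), big-endian */
#define TPM_RC_RETRY 0x922u  /* RC_WARN (0x900) + 0x022 */
typedef int (*xfer_fn)(uint8_t *buf, uint32_t *len, void *user);
struct fake_tpm { int busy, sends, mismatch; };  /* constructed test device */
static const uint8_t CMD[12] = {0x80,0x01, 0,0,0,12, 0,0,0x01,0x7B, 0,2}; /* GetRandom(2) */

/* Hypothetical helper: resend on TPM_RC_RETRY at most maxRetries times (cmdSz >= HDR_SZ). */
uint32_t send_with_retry(uint8_t *buf, uint32_t cmdSz, uint32_t maxRetries, xfer_fn xfer, void *user) {
    uint8_t saved[HDR_SZ];
    uint32_t len, rc, resends = 0;
    memcpy(saved, buf, HDR_SZ);      /* the response will overwrite these bytes */
    for (;;) {
        len = cmdSz;
        if (xfer(buf, &len, user) != 0 || len < HDR_SZ) return UINT32_MAX; /* transport error */
        rc = ((uint32_t)buf[6] << 24) | ((uint32_t)buf[7] << 16) | ((uint32_t)buf[8] << 8) | buf[9];
        /* Resend only when the reply is header-only, so the command body is still intact. */
        if (rc != TPM_RC_RETRY || len != HDR_SZ || resends >= maxRetries) return rc;
        memcpy(buf, saved, HDR_SZ);  /* restore the header; no re-marshalling */
        resends++;
    }
}

/* Constructed device: answers RETRY while busy > 0, then a 14-byte GetRandom response. */
static int fake_xfer(uint8_t *buf, uint32_t *len, void *user) {
    static const uint8_t ok[14] = {0x80,0x01, 0,0,0,14, 0,0,0,0, 0,2, 0xAB,0xCD};
    static const uint8_t retry[HDR_SZ] = {0x80,0x01, 0,0,0,10, 0,0,0x09,0x22};
    struct fake_tpm *t = user;
    t->sends++;
    if (*len != sizeof CMD || memcmp(buf, CMD, sizeof CMD) != 0) t->mismatch++; /* altered command */
    if (t->busy > 0) { t->busy--; memcpy(buf, retry, HDR_SZ); *len = HDR_SZ; }
    else             { memcpy(buf, ok, sizeof ok); *len = sizeof ok; }
    return 0;
}

struct fake_tpm last;  /* state of the device after the most recent demo() */
uint32_t demo(int busy, uint32_t maxRetries) {
    uint8_t buf[64];
    last = (struct fake_tpm){ busy, 0, 0 };
    memcpy(buf, CMD, sizeof CMD);
    return send_with_retry(buf, sizeof CMD, maxRetries, fake_xfer, &last);
}

int main(void) {
    uint32_t rc = demo(2, 3);
    printf("rc=0x%X sends=%d mismatch=%d\n", (unsigned)rc, last.sends, last.mismatch);
}
```

With `maxRetries` set to 0 the caller sees the raw `TPM_RC_RETRY`, matching the opt-in default in the description.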

@aidangarske aidangarske self-assigned this Jun 23, 2026
@aidangarske aidangarske marked this pull request as ready for review June 23, 2026 22:34
dgarske previously approved these changes Jun 23, 2026
@dgarske dgarske assigned wolfSSL-Bot and unassigned dgarske Jun 25, 2026
@aidangarske aidangarske requested a review from dgarske June 25, 2026 21:33
Comment thread src/tpm2.c Outdated
packet->pos = cmdSz;

#ifdef WOLFTPM_SPDM
rc = TPM2_SPDM_SendCommand(ctx, packet);
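
Review bot: at `rc = TPM2_SPDM_SendCommand(ctx, packet);`, the lines shown do not say what happens when this call fails with WOLFTPM_SPDM compiled in. If control can then reach a non-SPDM send, a resubmitted command could leave in plaintext, so make the failure path explicit here by returning the error whenever an SPDM session is active. A short comment on `packet->pos = cmdSz;` stating why the position is reset before sending would also help.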

Could / should we actually map INTERNAL_SEND_COMMAND -> TPM2_SPDM_SendCommand to clean up this section and the duplicated one below?
I suppose not since it is used to check for SPDM active. Do we need to do a better job making sure that someone can't just get SPDM to fail and have it fall back to plain text cmd/rsp?

@aidangarske aidangarske force-pushed the tpm-rc-retry-handling branch from 02fcc54 to ddddacd Compare June 25, 2026 22:19
@aidangarske aidangarske requested a review from dgarske June 25, 2026 22:20