    Add support for wpa_supplicant engine-id / key-id, engine2-id / key2-id · c1a93f9f
    apatard authored
    
    
    There's no need to try to set the engine/engine2 parameters, they're
    automatically set.
    
    Support tested with:
    - eap-tls on libvirt/kvm virtual machine and real system
    - wpa2-eap-peap-tls on real system. (TODO: setting test VM with mac80211_hwsim)
    The certificate key is protected by tpm2. No pin.
    
    Modifications done to libnm-core/nm-setting-8021x.c:
    o verify_tls() to make sure that if engine_id/engine2_id are specified,
      key_id/key2_id are specified too. If engine_id/engine2_id are not specified, it behaves
      as before.
    o need_secrets_tls() modified to not look for a passphrase for a certificate if
      an engine id is set for phase 1 or phase 2.
    o verify_ttls() to work in my phase 2 peap-tls case. Could have used a new function
      but it was a little bit easier to adapt verify_ttls(). The function now checks:
      - we're using phase2 auth or autheap
      - there's an identity set
      - in case of ttls(), check that anonymous identity is set.
    
    Example of 802-1x section for ethernet eap-tls case:
    [802-1x]
    ca-cert=/home/rtp/ca.pem
    client-cert=/home/rtp/tpm2/csr2/client-tpm-qemu.crt
    eap=tls;
    identity=nm-tpm2
    phase1-engine-id=tpm2tss
    phase1-key-id=/home/rtp/tpm2/csr2/pri_pub_blob.key
    
    Signed-off-by: Arnaud Patard <apatard@hupstream.com>
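The three rules the commit message describes (engine id requires key id, no passphrase prompt when an engine holds the key, phase 2 requirements for ttls/peap), as an added Python re-implementation over a keyfile [802-1x] section; this is not NetworkManager's own C code, and the `phase2-engine-id` / `phase2-key-id` key names and the `private-key-password` handling are assumptions.

```python
import configparser

# Constructed sample, modelled on the [802-1x] section quoted in the commit message.
SAMPLE_EAP_TLS = """\
[802-1x]
ca-cert=/home/rtp/ca.pem
client-cert=/home/rtp/tpm2/csr2/client-tpm-qemu.crt
eap=tls;
identity=nm-tpm2
phase1-engine-id=tpm2tss
phase1-key-id=/home/rtp/tpm2/csr2/pri_pub_blob.key
"""

def parse_8021x(text):
    """Parse a keyfile [802-1x] section into a dict; 'eap' becomes a list."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    sec = dict(cp["802-1x"])
    sec["eap"] = [m for m in sec.get("eap", "").split(";") if m]
    return sec

def check_engine_keys(sec):
    """Rule from the commit's verify_tls(): a phase that names an engine must
    also name a key id. Without an engine id nothing extra is required.
    (phase2-engine-id / phase2-key-id names are an assumption.)"""
    errors = []
    for phase in ("phase1", "phase2"):
        if sec.get(f"{phase}-engine-id") and not sec.get(f"{phase}-key-id"):
            errors.append(f"{phase}-engine-id set but {phase}-key-id missing")
    return errors

def check_tunneled(sec):
    """Rule from the commit's verify_ttls(): for ttls/peap require a phase 2
    auth method and an identity; ttls additionally needs anonymous-identity."""
    errors = []
    outer = [m for m in sec["eap"] if m in ("ttls", "peap")]
    if not outer:
        return errors
    if not (sec.get("phase2-auth") or sec.get("phase2-autheap")):
        errors.append("phase2-auth or phase2-autheap missing")
    if not sec.get("identity"):
        errors.append("identity missing")
    if "ttls" in outer and not sec.get("anonymous-identity"):
        errors.append("anonymous-identity missing for ttls")
    return errors

def needs_key_passphrase(sec, phase="phase1"):
    """Per need_secrets_tls(): no passphrase is requested for a phase whose key
    sits behind an engine; otherwise one is needed unless already given."""
    prefix = "" if phase == "phase1" else "phase2-"
    if sec.get(f"{phase}-engine-id"):
        return False
    return f"{prefix}private-key-password" not in sec
```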