Include monotonic counter values in sealed data

[ajpaverd]

When the enclave's data is sealed, it should include an SGX monotonic counter to prevent old sealed data being replayed.

An SGX monotonic counter should be initialized when the enclave is first initialized.

When data is sealed the current counter value should be included with the sealed data.

When data is unsealed, the included value should be checked against the current counter value: if the value match, increment the current counter value and continue operation; if there is a mismatch, abort and raise an error.