Fix corePKCS11 pal implementation (CA-204)

[chinglee-iot]

• Use nvs_get_blob instead of nvs_get_str

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[Steven35700]

Hi,

I don't understand why you want to replace "nvs_get_blob" with "nvs_get_str" in "PKCS11_PAL_FindObject" function.

In the "PKCS11_PAL_FindObject" function you modified, it allows to check the presence of a string. In the "PKCS11_PAL_GetObjectValue" function, we retrieve the value of this string. For me the whole problem comes rather from the "PKCS11_PAL_SaveObject" function which writes a blob ???

Also in the OTA example, in the CSV partition file, P11_CSK is encrypted as String.

[chinglee-iot]

Hi Steven,

I uses the nvs_get_blob to replace nvs_get_str fro the following reasons.

1. PKCS11_PAL_SaveObject uses nvs_set_blob. There will be error when I use nvs_get_str.
2. The main branch use nvs_get_blob for the implementation.

[paulbartell]

@Steven35700 corePKCS11 stores objects in DER format by default, which may contain null bytes. For this reason, nvs_get_blob is more appropriate.

[idea--list]

Is there any reason not to merge this PR? I mean it is waiting for over a year now.