security: return a span from Certificate::getPublicKey()

Also, tighten the FreshnessPeriod check in the constructor
and expand test coverage of various functions

Change-Id: I70837e20bbea8f1174baf2b252f39894e5346c34
diff --git a/tests/unit/security/detail/certificate-bundle-decoder.t.cpp b/tests/unit/security/detail/certificate-bundle-decoder.t.cpp
index 1199994..a9fe998 100644
--- a/tests/unit/security/detail/certificate-bundle-decoder.t.cpp
+++ b/tests/unit/security/detail/certificate-bundle-decoder.t.cpp
@@ -156,7 +156,7 @@
   BOOST_CHECK_EQUAL(nCertsCompleted, 1);
 
   BOOST_CHECK_EXCEPTION(cbd.append(d2.getContent()), tlv::Error, [] (const auto& e) {
-    return e.what() == "Name does not follow the naming convention for certificate"s;
+    return e.what() == "Certificate name does not follow the naming conventions"s;
   });
   BOOST_CHECK_EQUAL(cbd.hasError(), true);
   BOOST_CHECK_EQUAL(nCertsCompleted, 1);