libp11

Cryptoki - CKR_ARGUMENTS_BAD connecting MQTT with pkcs11 using ATECC608B

Open qcabrol opened this issue 1 year ago • 0 comments

Describe the bug
When calling the AWS Python SDK sample script 'pkcs11_connect.py'

Samples: https://github.com/aws/aws-iot-device-sdk-python-v2/tree/main/samples
Bug also filed with AWS here: https://github.com/aws/aws-iot-device-sdk-python-v2/issues/561

the crypto element ATECC608B answers correctly and the provisioned private key is found.
The sample script exits with AWS_ERROR_PKCS11_CKR_ARGUMENTS_BAD:

awscrt.exceptions.AwsCrtError: AWS_ERROR_PKCS11_CKR_ARGUMENTS_BAD: A PKCS#11 (Cryptoki) library function failed with return value CKR_ARGUMENTS_BAD

Error AWS_ERROR_PKCS11_CKR_ARGUMENTS_BAD when connecting MQTT with pkcs11 using secure element ATECC608B

aws-sdk2-edited.log

Expected Behavior
The device connects (or attempts to connect) to the AWS IoT without a PKCS error.

Current Behavior
See description of the bug above.

Reproduction Steps
ATECC608B crypto element on i2c0 bus with provisioned private key and securely booted
libcryptoauth v3.4.0 from Microchip
libp11 0.4.11
aws-iot-device-sdk-python-v2 1.21.0
run (adapt parameters to the provisioned private key label, actual endpoint ...):

python3 pkcs11_connect.py --endpoint a***************-ats.iot.eu-central-1.amazonaws.com --cert ~/app/prod/res/gateway_cert.crt --pkcs11_lib /usr/lib/libcryptoauth.so --token_label 00ABC --key_label device --client_id my_device_id --port 8883 --ca_file ~/app/prod/res/root.pem --pin 1234 --verbosity Debug

Environment details (OS name and version, etc.)
Yocto Kirkstone on ARM: Linux sam9x60-curiosity-sd 6.1.55-linux4microchip-2023.10

qcabrol, Feb 16 '24 16:02