PKCS#11 openssl provider does not work

**Describe the bug**
I tried to create a CSR with the Openssl 3.x provider with an ATECC608B, which was provisioned with the cryptoauthtools for testing purposes. The Openssl CSR creation fails (details see below). I am not sure if this is a provider problem or in the lib. I will try the OpenSC provider also and add a comment if that works.

Versions:
- cryptoauthlib v3.7.9
- [pkcs11-provider](https://github.com/latchset/pkcs11-provider) v1.1
- Debian trixie
- OpenSSL 3.5.4

Details (I have activated the debug logging for the provider and the lib):
```
openssl req -provider pkcs11 -key "pkcs11:token=00ABC;type=private;object=device" -new -out new_device.csr -subj "/CN=NEW CSR EXAMPLE"
[2025-12-17 12:53:09.963] [../src/provider.c:1809] OSSL_provider_init(): Starting provider pkcs11-provider 1.1
[2025-12-17 12:53:09.963] [../src/provider.c:1839] OSSL_provider_init(): Provided config params:
[2025-12-17 12:53:09.963] [../src/provider.c:1849] OSSL_provider_init():   pkcs11-module-path: /usr/lib/aarch64-linux-gnu/libcryptoauth.so
[2025-12-17 12:53:09.963] [../src/provider.c:1849] OSSL_provider_init():   pkcs11-module-init-args: [none]
[2025-12-17 12:53:09.963] [../src/provider.c:1849] OSSL_provider_init():   pkcs11-module-token-pin: [****]
[2025-12-17 12:53:09.963] [../src/provider.c:1849] OSSL_provider_init():   pkcs11-module-allow-export: [none]
[2025-12-17 12:53:09.963] [../src/provider.c:1849] OSSL_provider_init():   pkcs11-module-login-behavior: [none]
[2025-12-17 12:53:09.963] [../src/provider.c:1849] OSSL_provider_init():   pkcs11-module-load-behavior: [none]
[2025-12-17 12:53:09.963] [../src/provider.c:1849] OSSL_provider_init():   pkcs11-module-cache-pins: [none]
[2025-12-17 12:53:09.963] [../src/provider.c:1849] OSSL_provider_init():   pkcs11-module-cache-keys: [none]
[2025-12-17 12:53:09.963] [../src/provider.c:1849] OSSL_provider_init():   pkcs11-module-quirks: [none]
[2025-12-17 12:53:09.963] [../src/provider.c:1849] OSSL_provider_init():   pkcs11-module-cache-sessions: [none]
[2025-12-17 12:53:09.963] [../src/provider.c:1849] OSSL_provider_init():   pkcs11-module-encode-provider-uri-to-pem: [none]
[2025-12-17 12:53:09.963] [../src/provider.c:1849] OSSL_provider_init():   pkcs11-module-block-operations: [none]
[2025-12-17 12:53:09.963] [../src/provider.c:1849] OSSL_provider_init():   pkcs11-module-assume-fips: [none]
[2025-12-17 12:53:09.963] [../src/provider.c:1868] OSSL_provider_init(): PIN not available
[2025-12-17 12:53:09.963] [../src/provider.c:1882] OSSL_provider_init(): Export allowed
[2025-12-17 12:53:09.963] [../src/provider.c:1901] OSSL_provider_init(): Login behavior: auto
[2025-12-17 12:53:09.963] [../src/provider.c:1918] OSSL_provider_init(): PINs will not be cached
[2025-12-17 12:53:09.963] [../src/provider.c:1935] OSSL_provider_init(): Key caching: in session object
[2025-12-17 12:53:09.963] [../src/provider.c:1990] OSSL_provider_init(): No quirks
[2025-12-17 12:53:09.963] [../src/provider.c:2009] OSSL_provider_init(): Cache Sessions: 5
[2025-12-17 12:53:09.963] [../src/provider.c:2017] OSSL_provider_init(): Assuming FIPS token is not used
[2025-12-17 12:53:09.963] [../src/provider.c:2026] OSSL_provider_init(): PK11-URI will not be written instead of PrivateKeyInfo
[2025-12-17 12:53:09.963] [../src/provider.c:2068] OSSL_provider_init(): Blocked Operations: None
[2025-12-17 12:53:09.963] [../src/provider.c:2091] OSSL_provider_init(): Load behavior: default
[2025-12-17 12:53:09.964] [../src/store.c:199] p11prov_store_open(): object open (0x5555a62b8ad0, pkcs11:token=00ABC;type=private;object=device)
[2025-12-17 12:53:09.964] [../src/interface.c:312] p11prov_module_init(): PKCS#11: Initializing the module: /usr/lib/aarch64-linux-gnu/libcryptoauth.so
[2025-12-17 12:53:09.965] [../src/interface.c:193] p11prov_interface_init(): C_GetInterface() not available. Falling back to C_GetFunctionList(): /usr/lib/aarch64-linux-gnu/libcryptoauth.so: undefined symbol: C_GetInterface
[2025-12-17 12:53:09.965] [../src/interface.c:110] populate_interface(): Populating Interfaces with 'Internal defaults', version 2.40
[2025-12-17 12:53:09.965] [../src/interface.gen.c:20] p11prov_Initialize(): Calling C_Initialize
13:13:C_Initialize:141:
13:13:pkcs11_config_load_objects:1270:Opening Configuration: /var/lib/cryptoauthlib/0.conf
13:13:pkcs11_config_load_objects:1315:Load conf file status [0] slot_id [2139062143]
13:13:pkcs11_slot_fill_list:392:Slot Id: 0
13:13:C_Initialize:142:CKR_OK(0)
[2025-12-17 12:53:09.998] [../src/interface.gen.c:74] p11prov_GetInfo(): Calling C_GetInfo
13:13:C_GetInfo:159:
13:13:C_GetInfo:160:CKR_OK(0)
[2025-12-17 12:53:09.998] [../src/interface.c:342] p11prov_module_init(): Module Info: ck_ver:2.40 lib: 'Microchip Technology Inc' 'Cryptoauthlib PKCS11 Interface' ver:3.7
[2025-12-17 12:53:09.998] [../src/interface.gen.c:159] p11prov_GetSlotList(): Calling C_GetSlotList
13:13:C_GetSlotList:184:
13:13:C_GetSlotList:185:CKR_OK(0)
[2025-12-17 12:53:09.998] [../src/interface.gen.c:159] p11prov_GetSlotList(): Calling C_GetSlotList
13:13:C_GetSlotList:184:
13:13:C_GetSlotList:185:CKR_OK(0)
[2025-12-17 12:53:09.998] [../src/interface.gen.c:187] p11prov_GetSlotInfo(): Calling C_GetSlotInfo
13:13:C_GetSlotInfo:193:
13:13:C_GetSlotInfo:194:CKR_OK(0)
[2025-12-17 12:53:10.003] [../src/interface.gen.c:215] p11prov_GetTokenInfo(): Calling C_GetTokenInfo
13:13:C_GetTokenInfo:202:
13:13:pkcs11_token_get_info:518:Token Info: 2
13:13:pkcs11_token_get_info:569:Token Locked
13:13:C_GetTokenInfo:203:CKR_OK(0)
[2025-12-17 12:53:10.022] [../src/session.c:126] p11prov_session_pool_init(): Creating new session pool
[2025-12-17 12:53:10.022] [../src/provider.c:635] p11prov_ctx_cache_sessions(): cache_sessions = 5
[2025-12-17 12:53:10.022] [../src/session.c:153] p11prov_session_pool_init(): New session pool 0x5555a62d7b00 created
[2025-12-17 12:53:10.022] [../src/obj/pool.c:24] p11prov_obj_pool_init(): Creating new object pool
[2025-12-17 12:53:10.022] [../src/obj/pool.c:39] p11prov_obj_pool_init(): New object pool 0x5555a62d75a0 created
[2025-12-17 12:53:10.022] [../src/interface.gen.c:244] p11prov_GetMechanismList(): Calling C_GetMechanismList
13:13:C_GetMechanismList:211:
13:13:C_GetMechanismList:212:CKR_OK(0)
[2025-12-17 12:53:10.022] [../src/slot.c:104] get_slot_mechanisms(): Slot(0) mechs found: 15
[2025-12-17 12:53:10.022] [../src/interface.gen.c:244] p11prov_GetMechanismList(): Calling C_GetMechanismList
13:13:C_GetMechanismList:211:
13:13:C_GetMechanismList:212:CKR_OK(0)
[2025-12-17 12:53:10.022] Slot Info:
  ID: 0
  Description:      [0_3_0]
  Manufacturer ID:  [Microchip Technology Inc]
  Flags (0x000005):

[2025-12-17 12:53:10.022]     CKF_TOKEN_PRESENT         (0x000001)
[2025-12-17 12:53:10.022]     CKF_HW_SLOT               (0x000004)
[2025-12-17 12:53:10.022]   Hardware Version: 0.3
  Firmware Version: 255.255

[2025-12-17 12:53:10.022] Token Info:
  Label:            [00ABC]
  Manufacturer ID:  [Microchip Technology Inc]
  Model:            [ATECC608B]
  Serial Number:    [23FCD1CF0D2587EE]
  Flags (0x000401):

[2025-12-17 12:53:10.022]     CKF_RNG                             (0x000001)
[2025-12-17 12:53:10.022]     CKF_TOKEN_INITIALIZED               (0x000400)
[2025-12-17 12:53:10.022]   Session Count      Max:   1  Current:   0
  R/W Session Count  Max:   1  Current:   0
  Pin Len Range: 0-128
  Public  Memory  Total: 18446744073709551615  Free: 18446744073709551615
  Private Memory  Total: 18446744073709551615  Free: 18446744073709551615
  Hardware Version: 0.3
  Firmware Version: 255.255
  UTC Time: []

[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_SHA256 (592):
  min key length: 256
  max key length: 256
  flags (0x000401):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_DIGEST                (0x000400)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_SHA256_HMAC (593):
  min key length: 256
  max key length: 256
  flags (0x002801):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_SIGN                  (0x000800)
[2025-12-17 12:53:10.022]     CKF_VERIFY                (0x002000)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_SHA256_HMAC_GENERAL (594):
  min key length: 256
  max key length: 256
  flags (0x002801):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_SIGN                  (0x000800)
[2025-12-17 12:53:10.022]     CKF_VERIFY                (0x002000)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_EC_KEY_PAIR_GEN (4160):
  min key length: 256
  max key length: 256
  flags (0x1918001):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_GENERATE              (0x008000)
[2025-12-17 12:53:10.022]     CKF_GENERATE_KEY_PAIR     (0x010000)
[2025-12-17 12:53:10.022]     CKF_EC_F_P                (0x100000)
[2025-12-17 12:53:10.022]     CKF_EC_OID                (0x800000)
[2025-12-17 12:53:10.022]     CKF_EC_UNCOMPRESS         (0x1000000)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_ECDSA (4161):
  min key length: 256
  max key length: 256
  flags (0x1902801):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_SIGN                  (0x000800)
[2025-12-17 12:53:10.022]     CKF_VERIFY                (0x002000)
[2025-12-17 12:53:10.022]     CKF_EC_F_P                (0x100000)
[2025-12-17 12:53:10.022]     CKF_EC_OID                (0x800000)
[2025-12-17 12:53:10.022]     CKF_EC_UNCOMPRESS         (0x1000000)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_AES_ECB (4225):
  min key length: 128
  max key length: 128
  flags (0x000301):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_ENCRYPT               (0x000100)
[2025-12-17 12:53:10.022]     CKF_DECRYPT               (0x000200)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_AES_CBC (4226):
  min key length: 128
  max key length: 128
  flags (0x000301):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_ENCRYPT               (0x000100)
[2025-12-17 12:53:10.022]     CKF_DECRYPT               (0x000200)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_AES_CBC_PAD (4229):
  min key length: 128
  max key length: 128
  flags (0x000301):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_ENCRYPT               (0x000100)
[2025-12-17 12:53:10.022]     CKF_DECRYPT               (0x000200)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_AES_CTR (4230):
  min key length: 128
  max key length: 128
  flags (0x000301):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_ENCRYPT               (0x000100)
[2025-12-17 12:53:10.022]     CKF_DECRYPT               (0x000200)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_AES_GCM (4231):
  min key length: 128
  max key length: 128
  flags (0x000301):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_ENCRYPT               (0x000100)
[2025-12-17 12:53:10.022]     CKF_DECRYPT               (0x000200)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_AES_CCM (4232):
  min key length: 128
  max key length: 128
  flags (0x000301):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_ENCRYPT               (0x000100)
[2025-12-17 12:53:10.022]     CKF_DECRYPT               (0x000200)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_AES_CMAC (4234):
  min key length: 128
  max key length: 128
  flags (0x000301):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_ENCRYPT               (0x000100)
[2025-12-17 12:53:10.022]     CKF_DECRYPT               (0x000200)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_AES_CMAC_GENERAL (4235):
  min key length: 128
  max key length: 128
  flags (0x000301):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_ENCRYPT               (0x000100)
[2025-12-17 12:53:10.022]     CKF_DECRYPT               (0x000200)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_AES_ECB_ENCRYPT_DATA (4356):
  min key length: 128
  max key length: 128
  flags (0x000301):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_ENCRYPT               (0x000100)
[2025-12-17 12:53:10.022]     CKF_DECRYPT               (0x000200)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:273] p11prov_GetMechanismInfo(): Calling C_GetMechanismInfo
13:13:C_GetMechanismInfo:220:
13:13:C_GetMechanismInfo:221:CKR_OK(0)
[2025-12-17 12:53:10.022] Mechanism Info:
  name: CKM_AES_CBC_ENCRYPT_DATA (4357):
  min key length: 128
  max key length: 128
  flags (0x000301):

[2025-12-17 12:53:10.022]     CKF_HW                    (0x000001)
[2025-12-17 12:53:10.022]     CKF_ENCRYPT               (0x000100)
[2025-12-17 12:53:10.022]     CKF_DECRYPT               (0x000200)
[2025-12-17 12:53:10.022]   No profiles specified

[2025-12-17 12:53:10.022] [../src/random.c:85] p11prov_rand_generate(): rand: generate (add bytes: 0)
[2025-12-17 12:53:10.022] [../src/session.c:979] p11prov_get_session(): Get session on slot 18446744073709551615, reqlogin=false, rw=false
[2025-12-17 12:53:10.022] [../src/session.c:1013] p11prov_get_session(): cycle through available slots
[2025-12-17 12:53:10.022] [../src/session.c:666] check_slot(): Checking Slot id=0, uri=(nil), mechtype=ffffffffffffffff, rw=false)
[2025-12-17 12:53:10.022] [../src/provider.c:617] p11prov_ctx_login_behavior(): login_behavior = 0
[2025-12-17 12:53:10.022] [../src/session.c:1050] p11prov_get_session(): Found a slot 0
[2025-12-17 12:53:10.022] [../src/session.c:275] session_new(): Creating new P11PROV_SESSION session on pool 0x5555a62d7b00
[2025-12-17 12:53:10.022] [../src/session.c:309] session_new(): Total sessions: 1
[2025-12-17 12:53:10.022] [../src/session.c:333] session_check(): Checked session 0 handle invalid
[2025-12-17 12:53:10.022] [../src/interface.gen.c:302] p11prov_OpenSession(): Calling C_OpenSession
13:13:C_OpenSession:271:
13:13:C_OpenSession:272:CKR_OK(0)
[2025-12-17 12:53:10.022] [../src/session.c:81] token_session_open(): C_OpenSession ret:0 (session: 93826348580528)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:357] p11prov_GetSessionInfo(): Calling C_GetSessionInfo
13:13:C_GetSessionInfo:298:
13:13:C_GetSessionInfo:299:CKR_OK(0)
[2025-12-17 12:53:10.022] [../src/interface.gen.c:1377] p11prov_GenerateRandom(): Calling C_GenerateRandom
13:13:C_GenerateRandom:923:
13:13:C_GenerateRandom:924:CKR_OK(0)
[2025-12-17 12:53:10.037] [../src/session.c:110] token_session_close(): Closing session 93826348580528
[2025-12-17 12:53:10.037] [../src/interface.gen.c:329] p11prov_CloseSession(): Calling C_CloseSession
13:13:C_CloseSession:280:
13:13:C_CloseSession:281:CKR_OK(0)
[2025-12-17 12:53:10.037] [../src/util.c:574] p11prov_parse_uri(): ctx=0x5555a62b8ad0 uri=pkcs11:token=00ABC;type=private;object=device)
[2025-12-17 12:53:10.037] [../src/util.c:380] parse_utf8str(): String [00ABC] -> [00ABC]
[2025-12-17 12:53:10.037] [../src/util.c:380] parse_utf8str(): String [private] -> [private]
[2025-12-17 12:53:10.037] [../src/util.c:380] parse_utf8str(): String [device] -> [device]
[2025-12-17 12:53:10.037] [../src/store.c:572] p11prov_store_set_ctx_params(): set ctx params (0x5555a62d80b0, 0x7fffea21feb8)
[2025-12-17 12:53:10.037] [../src/store.c:491] p11prov_store_eof(): store eof (0x5555a62d80b0)
[2025-12-17 12:53:10.037] [../src/store.c:491] p11prov_store_eof(): store eof (0x5555a62d80b0)
[2025-12-17 12:53:10.037] [../src/store.c:252] p11prov_store_load(): store load (0x5555a62d80b0)
[2025-12-17 12:53:10.037] [../src/store.c:93] store_fetch(): called (store_ctx=0x5555a62d80b0)
[2025-12-17 12:53:10.037] [../src/provider.c:617] p11prov_ctx_login_behavior(): login_behavior = 0
[2025-12-17 12:53:10.037] [../src/session.c:979] p11prov_get_session(): Get session on slot 18446744073709551615, reqlogin=true, rw=false
[2025-12-17 12:53:10.037] [../src/session.c:1013] p11prov_get_session(): cycle through available slots
[2025-12-17 12:53:10.037] [../src/session.c:666] check_slot(): Checking Slot id=0, uri=0x5555a62d8160, mechtype=ffffffffffffffff, rw=false)
[2025-12-17 12:53:10.037] [../src/provider.c:617] p11prov_ctx_login_behavior(): login_behavior = 0
[2025-12-17 12:53:10.037] [../src/provider.c:617] p11prov_ctx_login_behavior(): login_behavior = 0
[2025-12-17 12:53:10.037] [../src/session.c:1050] p11prov_get_session(): Found a slot 0
[2025-12-17 12:53:10.037] [../src/session.c:333] session_check(): Checked session 0 handle invalid
[2025-12-17 12:53:10.037] [../src/interface.gen.c:302] p11prov_OpenSession(): Calling C_OpenSession
13:13:C_OpenSession:271:
13:13:C_OpenSession:272:CKR_OK(0)
[2025-12-17 12:53:10.037] [../src/session.c:81] token_session_open(): C_OpenSession ret:0 (session: 93826348580528)
[2025-12-17 12:53:10.037] [../src/interface.gen.c:357] p11prov_GetSessionInfo(): Calling C_GetSessionInfo
13:13:C_GetSessionInfo:298:
13:13:C_GetSessionInfo:299:CKR_OK(0)
[2025-12-17 12:53:10.037] [../src/obj/fetch.c:490] p11prov_obj_find(): Find objects [class=3, id-len=0, label=device]
[2025-12-17 12:53:10.037] [../src/interface.gen.c:621] p11prov_FindObjectsInit(): Calling C_FindObjectsInit
13:13:C_FindObjectsInit:434:
13:13:CKA_CLASS(0):8:CKO_PRIVATE_KEY(3)
13:13:CKA_LABEL(3):6:device
13:13:C_FindObjectsInit:435:CKR_OK(0)
[2025-12-17 12:53:10.037] [../src/interface.gen.c:651] p11prov_FindObjects(): Calling C_FindObjects
13:13:C_FindObjects:443:
13:13:C_FindObjects:444:CKR_OK(0)
[2025-12-17 12:53:10.037] [../src/interface.gen.c:651] p11prov_FindObjects(): Calling C_FindObjects
13:13:C_FindObjects:443:
13:13:C_FindObjects:444:CKR_OK(0)
[2025-12-17 12:53:10.037] [../src/interface.gen.c:679] p11prov_FindObjectsFinal(): Calling C_FindObjectsFinal
13:13:C_FindObjectsFinal:452:
13:13:C_FindObjectsFinal:453:CKR_OK(0)
[2025-12-17 12:53:10.037] [../src/obj/pool.c:163] obj_add_to_pool(): Object added to pool (idx=0, obj=0x5555a62d8200)
[2025-12-17 12:53:10.037] [../src/util.c:23] p11prov_fetch_attributes(): Fetching attributes (0): 0x00000000
[2025-12-17 12:53:10.037] [../src/util.c:23] p11prov_fetch_attributes(): Fetching attributes (1): 0x00000100
[2025-12-17 12:53:10.037] [../src/util.c:23] p11prov_fetch_attributes(): Fetching attributes (2): 0x00000171
[2025-12-17 12:53:10.037] [../src/util.c:23] p11prov_fetch_attributes(): Fetching attributes (3): 0x00000001
[2025-12-17 12:53:10.037] [../src/util.c:23] p11prov_fetch_attributes(): Fetching attributes (4): 0x0000061d
[2025-12-17 12:53:10.037] [../src/interface.gen.c:564] p11prov_GetAttributeValue(): Calling C_GetAttributeValue
13:13:C_GetAttributeValue:412:
13:13:CKA_CLASS(0):8:(ffffffff)
13:13:CKA_KEY_TYPE(100):8:FF FF FF FF FF FF FF FF:
13:13:CKA_COPYABLE(171):1:00:
13:13:CKA_TOKEN(1):1:00:
13:13:(61D):8:00 00 00 00 00 00 00 00:
13:13:C_GetAttributeValue:413:CKR_ATTRIBUTE_TYPE_INVALID(12)
[2025-12-17 12:53:10.037] [../src/interface.gen.c:568] p11prov_GetAttributeValue(): Error 18 returned by C_GetAttributeValue
[2025-12-17 12:53:10.037] [../src/util.c:75] p11prov_fetch_attributes(): Querying attributes one by one
[2025-12-17 12:53:10.037] [../src/interface.gen.c:564] p11prov_GetAttributeValue(): Calling C_GetAttributeValue
13:13:C_GetAttributeValue:412:
13:13:CKA_CLASS(0):8:CKO_PRIVATE_KEY(3)
13:13:C_GetAttributeValue:413:CKR_OK(0)
[2025-12-17 12:53:10.037] [../src/util.c:117] p11prov_fetch_attributes(): Attribute| type:0x00000000 value:0x5555a62d8220, len:8
[2025-12-17 12:53:10.037] [../src/interface.gen.c:564] p11prov_GetAttributeValue(): Calling C_GetAttributeValue
13:13:C_GetAttributeValue:412:
13:13:CKA_KEY_TYPE(100):8:03 00 00 00 00 00 00 00:
13:13:C_GetAttributeValue:413:CKR_OK(0)
[2025-12-17 12:53:10.037] [../src/util.c:117] p11prov_fetch_attributes(): Attribute| type:0x00000100 value:0x5555a62d8248, len:8
[2025-12-17 12:53:10.037] [../src/interface.gen.c:564] p11prov_GetAttributeValue(): Calling C_GetAttributeValue
13:13:C_GetAttributeValue:412:
13:13:CKA_COPYABLE(171):1:00:
13:13:C_GetAttributeValue:413:CKR_OK(0)
[2025-12-17 12:53:10.038] [../src/util.c:117] p11prov_fetch_attributes(): Attribute| type:0x00000171 value:0x5555a62d8230, len:1
[2025-12-17 12:53:10.038] [../src/interface.gen.c:564] p11prov_GetAttributeValue(): Calling C_GetAttributeValue
13:13:C_GetAttributeValue:412:
13:13:CKA_TOKEN(1):1:01:
13:13:C_GetAttributeValue:413:CKR_OK(0)
[2025-12-17 12:53:10.038] [../src/util.c:117] p11prov_fetch_attributes(): Attribute| type:0x00000001 value:0x5555a62d8231, len:1
[2025-12-17 12:53:10.038] [../src/interface.gen.c:564] p11prov_GetAttributeValue(): Calling C_GetAttributeValue
13:13:C_GetAttributeValue:412:
13:13:(61D):8:00 00 00 00 00 00 00 00:
13:13:C_GetAttributeValue:413:CKR_ATTRIBUTE_TYPE_INVALID(12)
[2025-12-17 12:53:10.038] [../src/interface.gen.c:568] p11prov_GetAttributeValue(): Error 18 returned by C_GetAttributeValue
[2025-12-17 12:53:10.038] [../src/util.c:117] p11prov_fetch_attributes(): Attribute| type:0x0000061D value:0x5555a62d8268, len:18446744073709551615
[2025-12-17 12:53:10.038] [../src/util.c:23] p11prov_fetch_attributes(): Fetching attributes (0): 0x00000102
[2025-12-17 12:53:10.038] [../src/util.c:23] p11prov_fetch_attributes(): Fetching attributes (1): 0x00000003
[2025-12-17 12:53:10.038] [../src/util.c:23] p11prov_fetch_attributes(): Fetching attributes (2): 0x00000129
[2025-12-17 12:53:10.038] [../src/util.c:23] p11prov_fetch_attributes(): Fetching attributes (3): 0x00000180
[2025-12-17 12:53:10.038] [../src/util.c:23] p11prov_fetch_attributes(): Fetching attributes (4): 0x00000181
[2025-12-17 12:53:10.038] [../src/util.c:23] p11prov_fetch_attributes(): Fetching attributes (5): 0x00000202
[2025-12-17 12:53:10.038] [../src/interface.gen.c:564] p11prov_GetAttributeValue(): Calling C_GetAttributeValue
13:13:C_GetAttributeValue:412:
13:13:CKA_ID(102):0::
13:13:CKA_LABEL(3):0:(null)
13:13:CKA_PUBLIC_KEY_INFO(129):0::
13:13:CKA_EC_PARAMS(180):0::
13:13:CKA_EC_POINT(181):0::
13:13:CKA_ALWAYS_AUTHENTICATE(202):0::
13:13:pkcs11_key_get_public_key:732:atcab_get_pubkey_ext: 0
13:13:C_GetAttributeValue:413:CKR_ARGUMENTS_BAD(7)
[2025-12-17 12:53:10.088] [../src/interface.gen.c:568] p11prov_GetAttributeValue(): Error 7 returned by C_GetAttributeValue
[2025-12-17 12:53:10.088] [../src/obj/object.c:271] p11prov_obj_free(): Free Object: 0x5555a62d8200 (handle:2)
[2025-12-17 12:53:10.088] [../src/obj/pool.c:186] obj_rm_from_pool(): Object to be removed from pool (idx=0, obj=0x5555a62d8200)
[2025-12-17 12:53:10.088] [../src/obj/object.c:271] p11prov_obj_free(): Free Object: (nil) (handle:0)
[2025-12-17 12:53:10.088] [../src/obj/fetch.c:569] p11prov_obj_find(): Error: 0x00000007; Failed to store object
[2025-12-17 12:53:10.088] [../src/obj/fetch.c:575] p11prov_obj_find(): Find objects: found 1 objects; Returning 7
[2025-12-17 12:53:10.088] [../src/store.c:144] store_fetch(): Error: 0x00000007; Failed to load keys from slot (0)
[2025-12-17 12:53:10.088] [../src/store.c:491] p11prov_store_eof(): store eof (0x5555a62d80b0)
[2025-12-17 12:53:10.088] [../src/store.c:506] p11prov_store_close(): store close (0x5555a62d80b0)
[2025-12-17 12:53:10.088] [../src/store.c:35] p11prov_store_ctx_free(): store ctx free (0x5555a62d80b0)
[2025-12-17 12:53:10.088] [../src/session.c:110] token_session_close(): Closing session 93826348580528
[2025-12-17 12:53:10.088] [../src/interface.gen.c:329] p11prov_CloseSession(): Calling C_CloseSession
13:13:C_CloseSession:280:
13:13:C_CloseSession:281:CKR_OK(0)
Could not find private key from pkcs11:token=00ABC;type=private;object=device
A04CA8C7FE7F0000:error:40800007:pkcs11:p11prov_obj_find:Invalid or improper arguments were provided to the invoked function:../src/obj/fetch.c:569:Failed to store object
A04CA8C7FE7F0000:error:40800007:pkcs11:store_fetch:Invalid or improper arguments were provided to the invoked function:../src/store.c:144:Failed to load keys from slot (0)
[2025-12-17 12:53:10.088] [../src/session.c:163] p11prov_session_pool_free(): Freeing session pool 0x5555a62d7b00
[2025-12-17 12:53:10.088] [../src/session.c:369] session_free(): Session Free 0x5555a62d7e20
[2025-12-17 12:53:10.088] [../src/obj/pool.c:47] p11prov_obj_pool_free(): Freeing object pool 0x5555a62d75a0
[2025-12-17 12:53:10.088] [../src/interface.gen.c:47] p11prov_Finalize(): Calling C_Finalize
13:13:C_Finalize:150:
13:13:pkcs11_deinit:483:Release device_ctx  Interface:[0] Device:[3]
13:13:C_Finalize:151:CKR_OK(0)
```

**To Reproduce**
Steps to reproduce the behavior:
On Debain trixie:

1. Provision the ATECC608 with the cryptoauthtools config.py tool (with defaults)
2. Clone and build the cryptoauthlib with the following args: -DATCA_OPENSSL=ON -DATCA_HAL_I2C=ON -DATCA_PKCS11=ON -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_INSTALL_SYSCONFDIR=/etc -DCMAKE_INSTALL_LOCALSTATEDIR=/var
3. Configure the cryptoauthlib according to the wiki / readme (0.conf, cryptoauthlib.conf) 
4. Clone and build the pkcs11-provider according to the wiki
5. Configure openssl according the the wiki / pkcs11-provider instructions
6. Check if the provider is available -> OK
7. Aditionally verify configs with p11tool -> p11tool --test-sign succeeds for key in slot 0
8. Create a CSR with: openssl req -provider pkcs11 -key "pkcs11:token=00ABC;type=private;object=device" -new -out new_device.csr -subj "/CN=NEW CSR EXAMPLE"
9. Fails (see details above)

**Expected behavior**
A CSR is created and written to the specified file without errors.

**Additional context**
I setup a ATECC608B with the [cryptoauthtools config.py](https://github.com/MicrochipTech/cryptoauthtools/blob/master/python/examples/config.md) tool. Because the wiki said that this provisions the device for some standard use-cases (I am just trying things).

p11tool list all succeeds:
```
p11tool --provider /usr/lib/aarch64-linux-gnu/libcryptoauth.so --list-all
Object 0:
        URL: pkcs11:model=ATECC608B;manufacturer=Microchip%20Technology%20Inc;serial=23FCD1CF0D2587EE;token=00ABC;id=%73%3F%DB%80%9B%95%3A%19%5D%30%E2%60%59%70%F4%07%2F%A3%92%2C;object=device;type=private
        Type: Private key (EC/ECDSA-SECP256R1)
        Label: device
        Flags: CKA_PRIVATE; CKA_NEVER_EXTRACTABLE; CKA_SENSITIVE; 
        ID: 73:3f:db:80:9b:95:3a:19:5d:30:e2:60:59:70:f4:07:2f:a3:92:2c

Object 1:
        URL: pkcs11:model=ATECC608B;manufacturer=Microchip%20Technology%20Inc;serial=23FCD1CF0D2587EE;token=00ABC;id=%73%3F%DB%80%9B%95%3A%19%5D%30%E2%60%59%70%F4%07%2F%A3%92%2C;object=device;type=public
        Type: Public key (EC/ECDSA-SECP256R1)
        Label: device
        ID: 73:3f:db:80:9b:95:3a:19:5d:30:e2:60:59:70:f4:07:2f:a3:92:2c

Object 2:
        URL: pkcs11:model=ATECC608B;manufacturer=Microchip%20Technology%20Inc;serial=23FCD1CF0D2587EE;token=00ABC;id=%77%62%01%60%EE%46%49%DC%3F%F2%88%B9%D7%93%8B%26%97%1B%08%C1;object=device;type=public
        Type: Public key (EC/ECDSA-SECP256R1)
        Label: device
        ID: 77:62:01:60:ee:46:49:dc:3f:f2:88:b9:d7:93:8b:26:97:1b:08:c1

Object 3:
        URL: pkcs11:model=ATECC608B;manufacturer=Microchip%20Technology%20Inc;serial=23FCD1CF0D2587EE;token=00ABC;object=root;type=public
        Type: Public key
        Label: root
        ID: 
```

Export pubkey succeeds with p11tool:
```
p11tool --provider /usr/lib/aarch64-linux-gnu/libcryptoauth.so --export-pubkey "pkcs11:token=00ABC;object=device;type=private"
warning: --login was not specified and it may be required for this operation.
warning: no --outfile was specified and the public key will be printed on screen.
-----BEGIN PUBLIC KEY-----
...base64 data here
-----END PUBLIC KEY-----
```

Signature with p11tool succeeds:
```
p11tool --provider /usr/lib/aarch64-linux-gnu/libcryptoauth.so --test-sign "pkcs11:token=00ABC;object=device;type=private"
Signing using ECDSA-SHA256... ok
Verifying against private key parameters... ok
Verifying against public key in the token... ok
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

PKCS#11 openssl provider does not work #412

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

PKCS#11 openssl provider does not work #412

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions