Add fixes to cryptoauthlib to support Java PKCS11 requirements, to support Greengrass V2

[JamieHunter]

Please describe the purpose of this pull request

This PR fixes a number of issues that prevents Greengrass V2 using cryptoauthlib as a PKCS11 HSM provider. Note that for anyone browsing this PR, this also depends on a pending PR to add PKCS11 EC support to aws-c-io.

Greengrass V2 uses Java, which demands certain functionality of compliant PKCS11 libraries. In particular:

1. Java honors the maximum session limits, and needs at least two sessions (really three when taking into account aws-c-io).
2. Java requires the private key and certificate to have the same ID, which requires ID support
3. Java queries certain attributes such as CKA_EXTRACTABLE, which are supposed to be visible even on a private key

Additionally aws-c-io takes advantage of the ability to call C_Sign to determine size of buffer. This code path was unimplemented.

Checklist

• I have reviewed the CONTRIBUTING.md and agree to it's terms

[JamieHunter]

Note, fixed bug here, as argc = (int)sizeof(argv) sets 6sizeof(char) and not 6.

[JamieHunter]

Based on bug reports, there is risk that setting this to PKCS11_MAX_SESSIONS_ALLOWED might break something?

[bryan-hunt]

CKA_ID needs to match the subject key id in the certificate

[JamieHunter]

CKA_ID needs to match the subject key id in the certificate

Hi Bryan, per v2.4 spec, I read that it's recommended for interoperability, but "Cryptoki does not enforce this association, or even the uniqueness of the key identifier for a given subject". I don't think there's any possible way to enforce this in code, but maybe could be called out in documentation as a recommended practice? Conversely not having a mechanism to set the ID in the config precludes this library working with Java. Of course, I'm open to other suggestions.

[JamieHunter]

I have backed out the ID support from this PR