The token should populate CKA_PUBLIC_KEY_INFO

[simo5]

We currently do not really do anything with this attribute but...

For public keys the spec says:

DER-encoding of the SubjectPublicKeyInfo for this public key. (MAY be empty, DEFAULT derived from the underlying public key data)

For private keys the spec says:

DER-encoding of the SubjectPublicKeyInfo for the associated public key (MAY be empty; DEFAULT derived from the underlying private key data; MAY be manually set for specific key types; if set; MUST be consistent with the underlying private key data)

For certificates the spec says:

DER-encoding of the SubjectPublicKeyInfo for the public key contained in this certificate (default empty)

This may actually come handy to implement #359 without having to add any custom attribute or any other hack, and will make the token more spec compliant and compatible with applications that may expect to be able to use this attribute.

[Jakuje]

This solution sounds to me cleaner than doing #359. I realized it just now during implementing something in the pkcs11-tool that this attribute exists and it solves the problem better than the ad-hoc solutions we discussed last week.