From 4786afd48cc19533b4232bca2519ec6ad2853e5c Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Fri, 17 Jul 2015 16:21:57 +0200
Subject: Don't insist that both keys in a pair must be token objects if either
 one is.  Apparently making the public key be a session object is a standard
 hack for conserving space on the token.

---
 pkcs11.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/pkcs11.c b/pkcs11.c
index 9997768..2cf704f 100644
--- a/pkcs11.c
+++ b/pkcs11.c
@@ -1796,10 +1796,9 @@ static CK_RV generate_keypair_rsa_pkcs(p11_session_t *session,
   }
 
   /*
-   * We require a key size, and if either key is a token object, the
-   * other must be too.
+   * We require a key size.
    */
-  if (keysize == 0 || public_handle_flavor != private_handle_flavor)
+  if (keysize == 0)
     return CKR_TEMPLATE_INCOMPLETE;
 
   /*
-- 
cgit v1.2.3