Make sure the signature key verification checks get ran if the key can

do signing.

security/nss/lib/pk11wrap/pk11skey.c

@@ -1495,7 +1495,7 @@ pk11_PairwiseConsistencyCheck(SECKEYPublicKey *pubKey,
     /**********************************************/
 
     canSignVerify = PK11_HasAttributeSet ( privKey->pkcs11Slot, 
-					  privKey->pkcs11ID, CKA_VERIFY);
+					  privKey->pkcs11ID, CKA_SIGN);
     
     if (canSignVerify)
       {