#27 Some PKCS-11 CSPs don't support combo signing ops.

[Michelle M. Manning]

The CL SPI that supports cert creation and signing assumes that the caller will pass in a single combo signing alg ID (e.g. RSAwithMD5), and the CL uses that alg when signing the cert. Some smart card csps, data key for one, do not support combo algorithms, but require that the hash and encrypt be done separately.

This means that one cannot currently use keys from these cards to sign certs.

### 312_1106 ###