PKCS12_parse leaks meaningless error from X509_check_private_key

Tomasz Sawicki falundir at gmail.com
Tue Jun 23 07:29:28 UTC 2015


Hi,

PKCS12_parse uses X509_check_private_key to distinguish the certificate 
which matches the private key from extra certificates. When extra 
certificates are checked first, X509_check_private_key puts an 
X509_R_KEY_VALUES_MISMATCH error on the error stack, which is not cleared by 
PKCS12_parse and can trigger weird behaviour in libraries using 
PKCS12_parse.

Bad effect seen in PHP bug #69882[1].

[1] https://bugs.php.net/bug.php?id=69882

-- 
Tomasz Sawicki
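
The failure mode reported above, as an added example that is not part of the original message and is not OpenSSL code: a small self-contained model of an error queue showing how a mismatch error from an extra certificate survives a successful parse, and how bracketing the check with a mark and a pop (the pattern OpenSSL's ERR_set_mark and ERR_pop_to_mark provide) keeps the queue clean. All function names, error codes and key ids in it are hypothetical or constructed.

```c
#include <stddef.h>
#include <stdio.h>

/* Model of a per-thread error queue; every name here is hypothetical. */
enum { E_NONE = 0, E_KEY_VALUES_MISMATCH = 1 };  /* constructed codes */
static int queue[16];
static size_t top, mark;

static void err_put(int e)        { if (top < 16) queue[top++] = e; }
static int  err_peek(void)        { return top ? queue[top - 1] : E_NONE; }
static void err_set_mark(void)    { mark = top; }
static void err_pop_to_mark(void) { top = mark; }

/* Stand-in for X509_check_private_key: 1 on match, else 0 plus a queued error. */
static int check_private_key(int cert_key, int priv_key) {
    if (cert_key == priv_key) return 1;
    err_put(E_KEY_VALUES_MISMATCH);
    return 0;
}

/* Stand-in for the matching loop: certs are modelled as key ids (constructed).
   Returns the index of the matching cert or -1. With clean != 0, errors from
   non-matching certs are discarded before returning. */
static int find_matching_cert(const int *certs, size_t n, int priv, int clean) {
    int found = -1;
    for (size_t i = 0; i < n && found < 0; i++) {
        if (clean) err_set_mark();
        if (check_private_key(certs[i], priv)) found = (int)i;
        if (clean) err_pop_to_mark();
    }
    return found;
}

/* Caller that treats any queued error as failure, even after a successful parse. */
static int caller_sees_failure(const int *certs, size_t n, int priv, int clean) {
    top = mark = 0;  /* caller starts with an empty queue */
    int idx = find_matching_cert(certs, n, priv, clean);
    return idx < 0 || err_peek() != E_NONE;
}

int main(void) {
    const int extras_first[] = { 7, 9, 3 };  /* constructed: matching cert last */
    printf("leaky parse: failure=%d\n", caller_sees_failure(extras_first, 3, 3, 0));
    printf("clean parse: failure=%d\n", caller_sees_failure(extras_first, 3, 3, 1));
    return 0;
}
```

A caller that cannot rely on the library cleaning up can apply the same bracket around the parse call itself and decide success from the return value alone.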


