}
ERR_pop_to_mark();
+ /* if we were asked for private key, the public key is optional */
+ if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
+ selection = selection & ~OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
+
if (!evp_keymgmt_util_has(pkey, selection)) {
EVP_PKEY_free(pkey);
pkey = NULL;
EVP_PKEY *ret = NULL;
ERR_set_mark(); /* not interested in PEM read errors */
- if (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) {
+ if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
if (!PEM_bytes_read_bio_secmem(&data, &len, &nm,
PEM_STRING_EVP_PKEY,
bp, cb, u)) {
} else {
const char *pem_string = PEM_STRING_PARAMETERS;
- if (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY)
+ if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
pem_string = PEM_STRING_PUBLIC;
if (!PEM_bytes_read_bio(&data, &len, &nm,
pem_string,
goto p8err;
ret = ossl_d2i_PrivateKey_legacy(ameth->pkey_id, x, &p, len, libctx,
propq);
- } else if (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) {
+ } else if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) == 0
+ && (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) {
+ /* Trying legacy PUBKEY decoding only if we do not want private key. */
ret = ossl_d2i_PUBKEY_legacy(x, &p, len);
- } else if ((slen = ossl_pem_check_suffix(nm, "PARAMETERS")) > 0) {
+ } else if ((selection & EVP_PKEY_KEYPAIR) == 0
+ && (slen = ossl_pem_check_suffix(nm, "PARAMETERS")) > 0) {
+ /* Trying legacy params decoding only if we do not want a key. */
ret = EVP_PKEY_new();
if (ret == NULL)
goto err;
OSSL_LIB_CTX *libctx, const char *propq)
{
return pem_read_bio_key(bp, x, cb, u, libctx, propq,
+ /* we also want the public key, if available */
EVP_PKEY_KEYPAIR);
}