From 7cf51a56ade59b8aafe6b3c138e97f1f0e26e542 Mon Sep 17 00:00:00 2001
From: "S.J.R. van Schaik" <stephan@synkhronix.com>
Date: Tue, 5 Sep 2017 14:13:26 +0100
Subject: [PATCH] rots-util: show error messages from OpenSSL

---
 source/sign.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/source/sign.c b/source/sign.c
index 1225192..55098e5 100644
--- a/source/sign.c
+++ b/source/sign.c
@@ -5,6 +5,7 @@
 
 #include <getopt.h>
 
+#include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/pem.h>
 #include <openssl/ssl.h>
@@ -175,24 +176,28 @@ int do_sign(int argc, char *argv[])
 
 	if (!(key = open_priv_key(args.key))) {
 		fprintf(stderr, "error: unable to read the private key.\n");
+		ERR_print_errors_fp(stderr);
 		return -1;
 	}
 
 	if (!(cert = X509_open_cert(args.cert))) {
 		fprintf(stderr, "error: unable to read the X509 certificate.\n");
+		ERR_print_errors_fp(stderr);
 		OPENSSL_free(key);
 		return -1;
 	}
 
 	if (!(cn = X509_get_common_name(cert))) {
 		fprintf(stderr, "error: unable to get the common name.\n");
+		ERR_print_errors_fp(stderr);
 		OPENSSL_free(cert);
 		OPENSSL_free(key);
 		return -1;
 	}
-
+	
 	if (sign(args.image, cn, args.digest, key) < 0) {
 		fprintf(stderr, "error: unable to sign the payload.\n");
+		ERR_print_errors_fp(stderr);
 		OPENSSL_free(cn);
 		OPENSSL_free(cert);
 		OPENSSL_free(key);