[PATCH v2 14/19] keytoc: clarify error messages

[Sascha Hauer]

When we can't open the given path as certificate, we try reading it
as a public key. Clarify the error message accordingly and add a
comment about this.

Signed-off-by: Sascha Hauer <s.hauer at pengutronix.de>
---
 scripts/keytoc.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/scripts/keytoc.c b/scripts/keytoc.c
index aa36ba02e1..6c5ff9403d 100644
--- a/scripts/keytoc.c
+++ b/scripts/keytoc.c
@@ -57,7 +57,7 @@ static int pem_get_pub_key(const char *path, EVP_PKEY **pkey)
 	*pkey = NULL;
 	f = fopen(path, "r");
 	if (!f) {
-		fprintf(stderr, "Couldn't open certificate: '%s': %s\n",
+		fprintf(stderr, "Couldn't open certificate '%s': %s\n",
 			path, strerror(errno));
 		return -EACCES;
 	}
@@ -65,10 +65,11 @@ static int pem_get_pub_key(const char *path, EVP_PKEY **pkey)
 	/* Read the certificate */
 	cert = NULL;
 	if (!PEM_read_X509(f, &cert, NULL, NULL)) {
+		/* Can't open certificate, maybe it's a pubkey */
 		rewind(f);
 		key = PEM_read_PUBKEY(f, NULL, NULL, NULL);
 		if (!key) {
-			openssl_error("Couldn't read certificate");
+			openssl_error("Couldn't read certificate/pubkey %s\n", path);
 			ret = -EINVAL;
 			goto err_cert;
 		}
@@ -76,7 +77,7 @@ static int pem_get_pub_key(const char *path, EVP_PKEY **pkey)
 		/* Get the public key from the certificate. */
 		key = X509_get_pubkey(cert);
 		if (!key) {
-			openssl_error("Couldn't read public key\n");
+			openssl_error("Couldn't read public key from certificate\n");
 			ret = -EINVAL;
 			goto err_pubkey;
 		}
-- 
2.39.2