From 8f8939d9bbe932f49dbc08b6b3555ac9e0234e85 Mon Sep 17 00:00:00 2001
From: James Bottomley <jbottomley@parallels.com>
Date: Tue, 26 Jun 2012 13:57:03 +0000
Subject: [PATCH] sbsign: fix failure to sign when key is password protected

The current incarnation of sbsign doesn't all all ciphers to OpenSSL
meaning that if the private key is encrypted, it can't decrypt it and
instead it returns the unhelpful error message

error reading private key ../certs/PK.key

Fix this by adding all ciphers before trying to read the private key.

Signed-off-by: James Bottomley <JBottomley@Parallels.com>
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
---
 sbsign.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sbsign.c b/sbsign.c
index 24bc759..da47e90 100644
--- a/sbsign.c
+++ b/sbsign.c
@@ -170,6 +170,7 @@ int main(int argc, char **argv)
 
 	ERR_load_crypto_strings();
 	OpenSSL_add_all_digests();
+	OpenSSL_add_all_ciphers();
 
 	BIO *privkey_bio = BIO_new_file(keyfilename, "r");
 	EVP_PKEY *pkey = PEM_read_bio_PrivateKey(privkey_bio, NULL, NULL, NULL);