2 files changed, 6 insertions, 2 deletions

diff --git a/lib/libsecureboot/openpgp/opgp_key.c b/lib/libsecureboot/openpgp/opgp_key.c
index 0a064b5a008e..dc0d8fa2934d 100644
--- a/lib/libsecureboot/openpgp/opgp_key.c
+++ b/lib/libsecureboot/openpgp/opgp_key.c
@@ -168,6 +168,7 @@ load_key_buf(unsigned char *buf, size_t nbytes)
 	initialize();
 
 	if (!(buf[0] & OPENPGP_TAG_ISTAG)) {
+		/* Note: we do *not* free data */
 		data = dearmor((char *)buf, nbytes, &nbytes);
 		ptr = data;
 	} else
@@ -190,7 +191,6 @@ load_key_buf(unsigned char *buf, size_t nbytes)
 			}
 		}
 	}
-	free(data);
 	return (key);
 }
 
@@ -209,8 +209,10 @@ openpgp_trust_add(OpenPGP_key *key)
 
 		LIST_INIT(&trust_list);
 	}
-	if (key)
+	if (key) {
+		DEBUG_PRINTF(2, ("openpgp_trust_add(%s)\n", key->id));
 		LIST_INSERT_HEAD(&trust_list, key, entries);
+	}
 }
 
 /**
@@ -296,6 +298,7 @@ load_key_id(const char *keyID)
 	if (!key)
 		key = load_trusted_key_id(keyID);
 #endif
+	DEBUG_PRINTF(2, ("load_key_id(%s): %s\n", keyID, key ? "found" : "nope"));
 	return (key);
 }
 
diff --git a/lib/libsecureboot/openpgp/opgp_sig.c b/lib/libsecureboot/openpgp/opgp_sig.c
index 804e2c83ce45..df4c33e6405d 100644
--- a/lib/libsecureboot/openpgp/opgp_sig.c
+++ b/lib/libsecureboot/openpgp/opgp_sig.c
@@ -318,6 +318,7 @@ openpgp_verify(const char *filename,
 		sdata = ddata = dearmor((char *)sdata, sbytes, &sbytes);
 	ptr = sdata;
 	rc = decode_packet(2, &ptr, sbytes, (decoder_t)decode_sig, sig);
+	DEBUG_PRINTF(2, ("rc=%d keyID=%s\n", rc, sig->key_id ? sig->key_id : "?"));
 	if (rc == 0 && sig->key_id) {
 		key = load_key_id(sig->key_id);
 		if (!key) {