+ if(access(host_file, R_OK)) {
+ fprintf(stderr, "WARNING: cannot read %s\n", host_file);
+ }
+
+ ecdsa_t *ec_pub = NULL;
+ read_ecdsa_public_key(&ec_pub, &config, name);
+
+ bool success = true;
+#ifndef DISABLE_LEGACY
+ rsa_t *rsa_pub = NULL;
+ read_rsa_public_key(&rsa_pub, config, name);
+
+ success = check_rsa_pubkey(rsa_priv, rsa_pub, host_file);
+ rsa_free(rsa_pub);
+#endif
+
+ if(!check_ec_pubkey(ec_priv, ec_pub, host_file)) {
+ success = false;
+ }
+
+ ecdsa_free(ec_pub);
+
+ return success;
+}
+
+static bool check_keypairs(splay_tree_t *config, const char *name) {
+ // Check private keys.
+ char *priv_keyfile = NULL;
+ ecdsa_t *ec_priv = read_ecdsa_private_key(config, &priv_keyfile);
+
+ if(priv_keyfile) {
+ check_key_file_mode(priv_keyfile);
+ free(priv_keyfile);
+ priv_keyfile = NULL;
+ }
+
+#ifdef DISABLE_LEGACY
+
+ if(!ec_priv) {
+ print_new_keys_cmd(KEY_ED25519, "ERROR: No Ed25519 private key found.");
+ return false;
+ }
+
+#else
+ rsa_t *rsa_priv = read_rsa_private_key(config, &priv_keyfile);
+
+ if(priv_keyfile) {
+ check_key_file_mode(priv_keyfile);
+ free(priv_keyfile);
+ }
+
+ if(!rsa_priv && !ec_priv) {
+ print_new_keys_cmd(KEY_BOTH, "ERROR: Neither RSA or Ed25519 private key found.");
+ return false;
+ }
+
+#endif
+
+#ifdef DISABLE_LEGACY
+ bool success = check_public_keys(config, name, ec_priv);
+#else
+ bool success = check_public_keys(config, name, rsa_priv, ec_priv);
+ rsa_free(rsa_priv);
+#endif
+ ecdsa_free(ec_priv);