+Key *
+key_load_private(const char *filename, const char *passphrase,
+ char **commentp)
+{
+ Key *pub, *prv;
+ int fd;
+
+ fd = open(filename, O_RDONLY);
+ if (fd < 0)
+ return NULL;
+ if (!key_perm_ok(fd, filename)) {
+ error("bad permissions: ignore key: %s", filename);
+ close(fd);
+ return NULL;
+ }
+ pub = key_load_public_rsa1(fd, filename, commentp);
+ lseek(fd, (off_t) 0, SEEK_SET); /* rewind */
+ if (pub == NULL) {
+ /* closes fd */
+ prv = key_load_private_pem(fd, KEY_UNSPEC, passphrase, NULL);
+ /* use the filename as a comment for PEM */
+ if (commentp && prv)
+ *commentp = xstrdup(filename);
+ } else {
+ /* it's a SSH v1 key if the public key part is readable */
+ key_free(pub);
+ /* closes fd */
+ prv = key_load_private_rsa1(fd, filename, passphrase, NULL);
+ }
+ return prv;
+}
+
+static int
+key_try_load_public(Key *k, const char *filename, char **commentp)