Merge branches 'feature_16582' and 'feature_16581'

diff --cc src/or/routerkeys.c
index d075c67e6a715f589adaf71b8494f6a0da8efc00,c9afad9b6b40b135f383fa08d4aa2059f4508697,d38b5a3ba3a6d5caaedbfdf26abd5a0ec106acae..955cb9ce23103f0f08a2ec8d125470c47a8db1d8
--- 1/src/or/routerkeys.c
--- 2/src/or/routerkeys.c
--- 3/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@@@ -178,10 -191,15 -187,13 +191,17 @@@@ ed_key_init_from_file(const char *fname
     char *encrypted_secret_fname = NULL;
     char *public_fname = NULL;
     char *cert_fname = NULL;
++   const char *loaded_secret_fname = NULL;
     int created_pk = 0, created_sk = 0, created_cert = 0;
     const int try_to_load = ! (flags & INIT_ED_KEY_REPLACE);
--   const int encrypt_key = (flags & INIT_ED_KEY_TRY_ENCRYPTED);
 -   const int norepair = (flags & INIT_ED_KEY_NO_REPAIR);
++   const int encrypt_key = !! (flags & INIT_ED_KEY_TRY_ENCRYPTED);
++   const int norepair = !! (flags & INIT_ED_KEY_NO_REPAIR);
++   const int split = !! (flags & INIT_ED_KEY_SPLIT);
+  
+ +  /* we don't support setting both of these flags at once. */
+ +  tor_assert((flags & (INIT_ED_KEY_NO_REPAIR|INIT_ED_KEY_NEEDCERT)) !=
+ +                      (INIT_ED_KEY_NO_REPAIR|INIT_ED_KEY_NEEDCERT));
  +
     char tag[8];
     tor_snprintf(tag, sizeof(tag), "type%d", (int)cert_type);
   
@@@@ -195,10 -213,21 -207,22 +215,22 @@@@
     tor_asprintf(&cert_fname, "%s_cert", fname);
   
     /* Try to read the secret key. */
-    int have_secret = try_to_load &&
-      !(flags & INIT_ED_KEY_OMIT_SECRET) &&
-      ed25519_seckey_read_from_file(&keypair->seckey,
-                                    &got_tag, secret_fname) == 0;
+    int have_secret = 0;
+    if (try_to_load &&
+        !(flags & INIT_ED_KEY_OMIT_SECRET)) {
+      int rv = ed25519_seckey_read_from_file(&keypair->seckey,
+                                             &got_tag, secret_fname);
+      if (rv == 0) {
+        have_secret = 1;
++       loaded_secret_fname = secret_fname;
+      } else {
+        if (errno != ENOENT && norepair) {
+          tor_log(severity, LD_OR, "Unable to read %s: %s", secret_fname,
+                  strerror(errno));
+          goto err;
+        }
+      }
+    }
   
     /* Should we try for an encrypted key? */
     if (!have_secret && try_to_load && encrypt_key) {
@@@@ -207,6 -236,10 -231,11 +239,11 @@@@
       if (r > 0) {
         have_secret = 1;
         got_tag = tor_strdup(tag);
++       loaded_secret_fname = encrypted_secret_fname;
+      } else if (errno != ENOENT && norepair) {
+        tor_log(severity, LD_OR, "Unable to read %s: %s", encrypted_secret_fname,
+                strerror(errno));
+        goto err;
       }
     }
   
@@@@ -222,12 -255,17 -252,19 +260,19 @@@@
       }
     }
   
--   /* If it's absent and that's okay, try to read the pubkey. */
++   /* If it's absent and that's okay, or if we do split keys here, try to re
++    * the pubkey. */
     int found_public = 0;
--   if (!have_secret && try_to_load) {
++   if ((!have_secret && try_to_load) || (have_secret && split)) {
++     ed25519_public_key_t pubkey_tmp;
       tor_free(got_tag);
--     found_public = ed25519_pubkey_read_from_file(&keypair->pubkey,
++     found_public = ed25519_pubkey_read_from_file(&pubkey_tmp,
                                                    &got_tag, public_fname) == 0;
+      if (!found_public && errno != ENOENT && norepair) {
+        tor_log(severity, LD_OR, "Unable to read %s: %s", public_fname,
+                strerror(errno));
+        goto err;
+      }
       if (found_public && strcmp(got_tag, tag)) {
         tor_log(severity, LD_OR, "%s has wrong tag", public_fname);
         goto err;