m/n/core/identity: decouple from localstorage
Change-Id: I825bc7d71f9866b0052e550f0d113bd8bc726fdc
Reviewed-on: https://review.monogon.dev/c/monogon/+/1946
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
Tested-by: Jenkins CI
diff --git a/metropolis/node/core/identity/BUILD.bazel b/metropolis/node/core/identity/BUILD.bazel
index 92e8943..ecd88df 100644
--- a/metropolis/node/core/identity/BUILD.bazel
+++ b/metropolis/node/core/identity/BUILD.bazel
@@ -8,7 +8,6 @@
],
importpath = "source.monogon.dev/metropolis/node/core/identity",
visibility = ["//visibility:public"],
- deps = ["//metropolis/node/core/localstorage"],
)
go_test(
diff --git a/metropolis/node/core/identity/identity.go b/metropolis/node/core/identity/identity.go
index a08bd6f..6663771 100644
--- a/metropolis/node/core/identity/identity.go
+++ b/metropolis/node/core/identity/identity.go
@@ -7,8 +7,6 @@
"crypto/x509"
"encoding/hex"
"fmt"
-
- "source.monogon.dev/metropolis/node/core/localstorage"
)
// Node is the public part of the credentials of a node. They are
@@ -110,14 +108,19 @@
}
}
+type PKIDirectory interface {
+ ReadAll() (ca, cert *x509.Certificate, key ed25519.PrivateKey, err error)
+ WriteAll(cert []byte, key ed25519.PrivateKey, ca []byte) error
+}
+
// Save stores the given node credentials in local storage.
-func (n *NodeCredentials) Save(d *localstorage.PKIDirectory) error {
+func (n *NodeCredentials) Save(d PKIDirectory) error {
return d.WriteAll(n.node.Raw, n.private, n.ca.Raw)
}
// Read initializes NodeCredentials' contents with the data stored in the
// PKIDirectory d. It may return an I/O error, or a parsing error.
-func (n *NodeCredentials) Read(d *localstorage.PKIDirectory) error {
+func (n *NodeCredentials) Read(d PKIDirectory) error {
ca, cert, key, err := d.ReadAll()
if err != nil {
return err
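Review bot: The exported `PKIDirectory` interface added above `Save` has no doc comment, yet it now lets any implementation receive the node's ed25519 private key, so the storage contract that the concrete localstorage type presumably provided is no longer stated anywhere. I would add something like `// PKIDirectory stores a node's CA certificate, node certificate and private key; implementations must keep the key readable only by the node itself, and ReadAll must return exactly what WriteAll stored.` The two methods also order their values differently: `ReadAll` returns `(ca, cert, key)` while `WriteAll` takes `(cert, key, ca)`, and since `cert` and `ca` are both `[]byte`, an implementation or fake that swaps them still compiles. That is worth calling out in the comment, or aligning in a follow-up. The comment on `Save` still says "local storage", which no longer matches the parameter type, and the body of `Read` continues past the end of this hunk.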