m/n/core/localstorage: add helper functions for PKIDirectory
Change-Id: I2798b9d6fcaedcf7a5e8e01e322797ebb8a1389d
Reviewed-on: https://review.monogon.dev/c/monogon/+/1376
Tested-by: Jenkins CI
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
diff --git a/metropolis/node/core/identity/identity.go b/metropolis/node/core/identity/identity.go
index 8749b6d..a08bd6f 100644
--- a/metropolis/node/core/identity/identity.go
+++ b/metropolis/node/core/identity/identity.go
@@ -112,44 +112,19 @@
// Save stores the given node credentials in local storage.
func (n *NodeCredentials) Save(d *localstorage.PKIDirectory) error {
- if err := d.CACertificate.Write(n.ca.Raw, 0400); err != nil {
- return fmt.Errorf("when writing CA certificate: %w", err)
- }
- if err := d.Certificate.Write(n.node.Raw, 0400); err != nil {
- return fmt.Errorf("when writing node certificate: %w", err)
- }
- if err := d.Key.Write(n.private, 0400); err != nil {
- return fmt.Errorf("when writing node private key: %w", err)
- }
- return nil
+ return d.WriteAll(n.node.Raw, n.private, n.ca.Raw)
}
// Read initializes NodeCredentials' contents with the data stored in the
// PKIDirectory d. It may return an I/O error, or a parsing error.
func (n *NodeCredentials) Read(d *localstorage.PKIDirectory) error {
- if car, err := d.CACertificate.Read(); err != nil {
- return fmt.Errorf("while reading CA certificate: %w", err)
- } else {
- cert, err := x509.ParseCertificate(car)
- if err != nil {
- return fmt.Errorf("while parsing CA certificate: %w", err)
- }
- n.ca = cert
+ ca, cert, key, err := d.ReadAll()
+ if err != nil {
+ return err
}
- if nr, err := d.Certificate.Read(); err != nil {
- return fmt.Errorf("while reading node certificate: %w", err)
- } else {
- cert, err := x509.ParseCertificate(nr)
- if err != nil {
- return fmt.Errorf("while parsing node certificate: %w", err)
- }
- n.node = cert
- }
- if npr, err := d.Key.Read(); err != nil {
- return fmt.Errorf("while reading node private key: %w", err)
- } else {
- n.private = npr
- }
+ n.ca = ca
+ n.node = cert
+ n.private = key
return nil
}
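Review bot: In Save, `d.WriteAll(n.node.Raw, n.private, n.ca.Raw)` passes node certificate, key, then CA, while `d.ReadAll()` in Read returns them as `ca, cert, key`. WriteAll's signature is outside this hunk, but if it takes three byte slices, a swapped argument would still compile and could write the private key into a certificate file. A comment above the call such as `// WriteAll order: node certificate, private key, CA certificate (ReadAll returns ca, cert, key).` would make the asymmetry explicit; giving both helpers the same order would remove it. The removed lines also wrote all three files with mode `0400` at the call site. That mode is now decided inside WriteAll, so confirm there that the key file is still created owner-read-only.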