add cryptsetup wrapper to core

Signed-off-by: Malte Poll <mp@edgeless.systems>
2025-07-26 00:35:19 -04:00 · 2022-04-20 11:38:56 +02:00 · 2022-04-20 11:38:56 +02:00 · 1b6ecf27ee
commit 1b6ecf27ee
parent bb56b46e21
13 changed files with 215 additions and 18 deletions
--- a/coordinator/core/diskencryption.go
+++ b/coordinator/core/diskencryption.go
@ -0,0 +1,57 @@
+package core
+
+import (
+	"fmt"
+)
+
+// GetDiskUUID gets the disk's UUID.
+func (c *Core) GetDiskUUID() (string, error) {
+	if err := c.encryptedDisk.Open(); err != nil {
+		return "", fmt.Errorf("retrieving uuid of encrypted disk failed: cannot open disk: %w", err)
+	}
+	defer c.encryptedDisk.Close()
+	uuid, err := c.encryptedDisk.UUID()
+	if err != nil {
+		return "", fmt.Errorf("cannot retrieve uuid of disk: %w", err)
+	}
+	return uuid, nil
+}
+
+// UpdateDiskPassphrase switches the initial random passphrase of the encrypted disk to a permanent passphrase.
+func (c *Core) UpdateDiskPassphrase(passphrase string) error {
+	if err := c.encryptedDisk.Open(); err != nil {
+		return fmt.Errorf("updating passphrase of encrypted disk failed: cannot open disk: %w", err)
+	}
+	defer c.encryptedDisk.Close()
+	return c.encryptedDisk.UpdatePassphrase(passphrase)
+}
+
+// EncryptedDisk manages the encrypted state disk.
+type EncryptedDisk interface {
+	// Open prepares the underlying device for disk operations.
+	Open() error
+	// Close closes the underlying device.
+	Close() error
+	// UUID gets the device's UUID.
+	UUID() (string, error)
+	// UpdatePassphrase switches the initial random passphrase of the encrypted disk to a permanent passphrase.
+	UpdatePassphrase(passphrase string) error
+}
+
+type EncryptedDiskFake struct{}
+
+func (f *EncryptedDiskFake) UUID() (string, error) {
+	return "fake-disk-uuid", nil
+}
+
+func (f *EncryptedDiskFake) UpdatePassphrase(passphrase string) error {
+	return nil
+}
+
+func (f *EncryptedDiskFake) Open() error {
+	return nil
+}
+
+func (f *EncryptedDiskFake) Close() error {
+	return nil
+}