xref: /illumos-gate/usr/src/test/zfs-tests/tests/functional/cli_root/zfs_create/zfs_create_crypt_combos.ksh (revision 508a0e8cf1600b06c1f7361ad76e736710d3fdf8) 
1#!/bin/ksh -p
2#
3# CDDL HEADER START
4#
5# This file and its contents are supplied under the terms of the
6# Common Development and Distribution License ("CDDL"), version 1.0.
7# You may only use this file in accordance with the terms of version
8# 1.0 of the CDDL.
9#
10# A full copy of the text of the CDDL should have accompanied this
11# source.  A copy of the CDDL is also available via the Internet at
12# http://www.illumos.org/license/CDDL.
13#
14# CDDL HEADER END
15#
16
17#
18# Copyright (c) 2017, Datto, Inc. All rights reserved.
19# Copyright (c) 2019, DilOS
20#
21
22. $STF_SUITE/include/libtest.shlib
23. $STF_SUITE/tests/functional/cli_root/zfs_create/zfs_create_common.kshlib
24. $STF_SUITE/tests/functional/cli_root/zfs_create/properties.kshlib
25
26#
27# DESCRIPTION:
28# 'zfs create' should create an encrypted dataset with a valid encryption
29# algorithm, key format, key location, and key.
30#
31# STRATEGY:
32# 1. Create a filesystem for each combination of encryption type and key format
33# 2. Verify that each filesystem has the correct properties set
34#
35
36verify_runnable "both"
37
38function cleanup
39{
40	datasetexists $TESTPOOL/$TESTFS1 && \
41		log_must zfs destroy -f $TESTPOOL/$TESTFS1
42}
43
44log_onexit cleanup
45
46set -A ENCRYPTION_ALGS \
47	"encryption=on" \
48	"encryption=aes-128-ccm" \
49	"encryption=aes-192-ccm" \
50	"encryption=aes-256-ccm" \
51	"encryption=aes-128-gcm" \
52	"encryption=aes-192-gcm" \
53	"encryption=aes-256-gcm"
54
55set -A ENCRYPTION_PROPS \
56	"encryption=aes-256-ccm" \
57	"encryption=aes-128-ccm" \
58	"encryption=aes-192-ccm" \
59	"encryption=aes-256-ccm" \
60	"encryption=aes-128-gcm" \
61	"encryption=aes-192-gcm" \
62	"encryption=aes-256-gcm"
63
64set -A KEYFORMATS "keyformat=raw" \
65	"keyformat=hex" \
66	"keyformat=passphrase"
67
68set -A USER_KEYS "zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz" \
69	"bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" \
70	"abcdefgh"
71
72log_assert "'zfs create' should create encrypted datasets using all" \
73	"combinations of supported properties"
74
75typeset -i i=0
76while (( i < ${#ENCRYPTION_ALGS[*]} )); do
77	typeset -i j=0
78	while (( j < ${#KEYFORMATS[*]} )); do
79		log_must eval "echo ${USER_KEYS[j]} | tr -d '\n' | zfs create" \
80			"-o ${ENCRYPTION_ALGS[i]} -o ${KEYFORMATS[j]}" \
81			"$TESTPOOL/$TESTFS1"
82
83		datasetexists $TESTPOOL/$TESTFS1 || \
84			log_fail "Failed to create dataset using" \
85			"${ENCRYPTION_ALGS[i]} and ${KEYFORMATS[j]}"
86
87		propertycheck $TESTPOOL/$TESTFS1 ${ENCRYPTION_PROPS[i]} || \
88			log_fail "failed to set ${ENCRYPTION_ALGS[i]}"
89		propertycheck $TESTPOOL/$TESTFS1 ${KEYFORMATS[j]} || \
90			log_fail "failed to set ${KEYFORMATS[j]}"
91
92		log_must zfs destroy -f $TESTPOOL/$TESTFS1
93		(( j = j + 1 ))
94	done
95	(( i = i + 1 ))
96done
97
98log_pass "'zfs create' creates encrypted datasets using all combinations of" \
99	"supported properties"
100