xref: /illumos-gate/usr/src/test/zfs-tests/tests/functional/cli_root/zpool_create/zpool_create_crypt_combos.ksh (revision 4e5ef1cee66fbfbbd2b3e56b81e2bb5700f4a59e) 
1#!/bin/ksh -p
2#
3# CDDL HEADER START
4#
5# This file and its contents are supplied under the terms of the
6# Common Development and Distribution License ("CDDL"), version 1.0.
7# You may only use this file in accordance with the terms of version
8# 1.0 of the CDDL.
9#
10# A full copy of the text of the CDDL should have accompanied this
11# source.  A copy of the CDDL is also available via the Internet at
12# http://www.illumos.org/license/CDDL.
13#
14# CDDL HEADER END
15#
16
17#
18# Copyright (c) 2017, Datto, Inc. All rights reserved.
19# Copyright (c) 2019, DilOS
20#
21
22. $STF_SUITE/include/libtest.shlib
23. $STF_SUITE/tests/functional/cli_root/zfs_create/zfs_create_common.kshlib
24
25#
26# DESCRIPTION:
27# 'zpool create' should create encrypted pools when using a valid encryption
28# algorithm, key format, key location, and key.
29#
30# STRATEGY:
31# 1. Create a pool for each combination of encryption type and key format
32# 2. Verify that each filesystem has the correct properties set
33#
34
35verify_runnable "global"
36
37function cleanup
38{
39	poolexists $TESTPOOL && destroy_pool $TESTPOOL
40}
41log_onexit cleanup
42
43set -A ENCRYPTION_ALGS "encryption=on" \
44	"encryption=aes-128-ccm" \
45	"encryption=aes-192-ccm" \
46	"encryption=aes-256-ccm" \
47	"encryption=aes-128-gcm" \
48	"encryption=aes-192-gcm" \
49	"encryption=aes-256-gcm"
50
51set -A ENCRYPTION_PROPS "encryption=aes-256-ccm" \
52	"encryption=aes-128-ccm" \
53	"encryption=aes-192-ccm" \
54	"encryption=aes-256-ccm" \
55	"encryption=aes-128-gcm" \
56	"encryption=aes-192-gcm" \
57	"encryption=aes-256-gcm"
58
59set -A KEYFORMATS "keyformat=raw" \
60	"keyformat=hex" \
61	"keyformat=passphrase"
62
63set -A USER_KEYS "zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz" \
64	"bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" \
65	"abcdefgh"
66
67log_assert "'zpool create' should create encrypted pools when using a valid" \
68	"encryption algorithm, key format, key location, and key."
69
70typeset -i i=0
71while (( i < ${#ENCRYPTION_ALGS[*]} )); do
72	typeset -i j=0
73	while (( j < ${#KEYFORMATS[*]} )); do
74		log_must eval "printf '%s' ${USER_KEYS[j]} | zpool create" \
75		"-O ${ENCRYPTION_ALGS[i]} -O ${KEYFORMATS[j]}" \
76		"$TESTPOOL $DISKS"
77
78		propertycheck $TESTPOOL ${ENCRYPTION_PROPS[i]} || \
79			log_fail "failed to set ${ENCRYPTION_ALGS[i]}"
80		propertycheck $TESTPOOL ${KEYFORMATS[j]} || \
81			log_fail "failed to set ${KEYFORMATS[j]}"
82
83		log_must zpool destroy $TESTPOOL
84		(( j = j + 1 ))
85	done
86	(( i = i + 1 ))
87done
88
89log_pass "'zpool create' creates encrypted pools when using a valid" \
90	"encryption algorithm, key format, key location, and key."
91