ZTS: ICP encryption tests

This commit adds tests that ensure that the ICP crypto_encrypt() and
crypto_decrypt() produce the correct results for all implementations
available on this platform.

The actual ZTS scripts are simple drivers for the crypto_test program in
it's "correctness" mode. This mode takes a file full of test vectors
(inputs and expected outputs), runs them, and checks that the results
are expected. It will run the tests for each implementation of the
algorithm provided by the ICP.

The test vectors are taken from Project Wycheproof, which provides a
huge number of tests, including exercising many edge cases and common
implementation mistakes. These tests are provided are JSON files, so a
program is included here to convert them into a simpler line-based
format for crypto_test to consume.

crypto_test also has a "performance" mode, which will run simple
benchmarks against all implementations provded by the ICP and output
them for comparison. This is not used by ZTS, but is available to assist
with development of new implementations of the underlying primitives.

Thanks-to: Joel Low <joel@joelsplace.sg>
Sponsored-by: https://despairlabs.com/sponsor/
Signed-off-by: Rob Norris <robn@despairlabs.com>
Reviewed-by: Tony Hutter <hutter2@llnl.gov>
Reviewed-by: Tino Reichardt <milky-zfs@mcmilk.de>
Reviewed-by: Attila Fülöp <attila@fueloep.org>

tests/zfs-tests/cmd/.gitignore

@@ -4,6 +4,7 @@
 /clonefile
 /clone_mmap_cached
 /clone_mmap_write
+/crypto_test
 /devname2devid
 /dir_rd_update
 /draid

tests/zfs-tests/cmd/Makefile.am

@@ -30,6 +30,11 @@ scripts_zfs_tests_bin_PROGRAMS += %D%/btree_test
 	libzfs_core.la
 
 
+scripts_zfs_tests_bin_PROGRAMS += %D%/crypto_test
+%C%_crypto_test_SOURCES = %D%/crypto_test.c
+%C%_crypto_test_LDADD = libzpool.la
+
+
 if WANT_DEVNAME2DEVID
 scripts_zfs_tests_bin_PROGRAMS += %D%/devname2devid
 %C%_devname2devid_CFLAGS = $(AM_CFLAGS) $(LIBUDEV_CFLAGS)

tests/zfs-tests/include/commands.cfg

@@ -186,6 +186,7 @@ export ZFSTEST_FILES='badsend
     clonefile
     clone_mmap_cached
     clone_mmap_write
+    crypto_test
     devname2devid
     dir_rd_update
     draid

tests/zfs-tests/tests/Makefile.am

@@ -139,6 +139,10 @@ nobase_dist_datadir_zfs_tests_tests_DATA += \
 	functional/checksum/default.cfg \
 	functional/clean_mirror/clean_mirror_common.kshlib \
 	functional/clean_mirror/default.cfg \
+	functional/crypto/aes_ccm_test.json \
+	functional/crypto/aes_ccm_test.txt \
+	functional/crypto/aes_gcm_test.json \
+	functional/crypto/aes_gcm_test.txt \
 	functional/cli_root/cli_common.kshlib \
 	functional/cli_root/zfs_copies/zfs_copies.cfg \
 	functional/cli_root/zfs_copies/zfs_copies.kshlib \
@@ -1426,9 +1430,8 @@ nobase_dist_datadir_zfs_tests_tests_SCRIPTS += \
 	functional/crtime/cleanup.ksh \
 	functional/crtime/crtime_001_pos.ksh \
 	functional/crtime/setup.ksh \
-	functional/ctime/cleanup.ksh \
-	functional/ctime/ctime_001_pos.ksh \
-	functional/ctime/setup.ksh \
+	functional/crypto/icp_aes_ccm.ksh \
+	functional/crypto/icp_aes_gcm.ksh \
 	functional/deadman/deadman_ratelimit.ksh \
 	functional/deadman/deadman_sync.ksh \
 	functional/deadman/deadman_zio.ksh \

tests/zfs-tests/tests/functional/crypto/README

@@ -0,0 +1,7 @@
+.json test vectors taken from Project Wycheproof:
+
+  https://github.com/c2sp/wycheproof
+
+Licensed under the Apache License, Version 2.0
+
+.txt files generated with scripts/convert_wycheproof.pl

tests/zfs-tests/tests/functional/crypto/icp_aes_ccm.ksh

@@ -0,0 +1,27 @@
+#!/bin/ksh -p
+#
+# CDDL HEADER START
+#
+# This file and its contents are supplied under the terms of the
+# Common Development and Distribution License ("CDDL"), version 1.0.
+# You may only use this file in accordance with the terms of version
+# 1.0 of the CDDL.
+#
+# A full copy of the text of the CDDL should have accompanied this
+# source.  A copy of the CDDL is also available via the Internet at
+# http://www.illumos.org/license/CDDL.
+#
+# CDDL HEADER END
+#
+
+#
+# Copyright (c) 2025, Rob Norris <robn@despairlabs.com>
+#
+
+. $STF_SUITE/include/libtest.shlib
+
+log_assert "ICP passes test vectors for AES-CCM"
+
+log_must crypto_test -c $STF_SUITE/tests/functional/crypto/aes_ccm_test.txt
+
+log_pass "ICP passes test vectors for AES-CCM"

tests/zfs-tests/tests/functional/crypto/icp_aes_gcm.ksh

@@ -0,0 +1,27 @@
+#!/bin/ksh -p
+#
+# CDDL HEADER START
+#
+# This file and its contents are supplied under the terms of the
+# Common Development and Distribution License ("CDDL"), version 1.0.
+# You may only use this file in accordance with the terms of version
+# 1.0 of the CDDL.
+#
+# A full copy of the text of the CDDL should have accompanied this
+# source.  A copy of the CDDL is also available via the Internet at
+# http://www.illumos.org/license/CDDL.
+#
+# CDDL HEADER END
+#
+
+#
+# Copyright (c) 2025, Rob Norris <robn@despairlabs.com>
+#
+
+. $STF_SUITE/include/libtest.shlib
+
+log_assert "ICP passes test vectors for AES-GCM"
+
+log_must crypto_test -c $STF_SUITE/tests/functional/crypto/aes_gcm_test.txt
+
+log_pass "ICP passes test vectors for AES-GCM"