From patchwork Tue Oct 8 18:14:30 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kusztal, ArkadiuszX" X-Patchwork-Id: 145504 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id CB7D045AE9; Tue, 8 Oct 2024 21:29:38 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id EA2AB40BA2; Tue, 8 Oct 2024 21:29:35 +0200 (CEST) Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.14]) by mails.dpdk.org (Postfix) with ESMTP id 6EA7840695 for ; Tue, 8 Oct 2024 21:29:34 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1728415774; x=1759951774; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=UOwWtiwGQf+HNv+azj4scXfslXaBMxymda/iUSg0+jk=; b=D7w69BYWhXfQ+B1rsW7TDfXxkdsOyUOH22/MVQWkwJMHIH4OzVzHDY0t RDhOS8zXqWnZjAaJYMmyObXC166i1mU1LELQ1aFB/N5FVGV5IPIsY4mZz 7J5U/5hEo8AiXOem6BK+xj0NxWp+A9//L5Y563cAbIwYBme1zhRQDMJqQ 6m1afEumGIfGad6DvF5YwYMvsVuc3tfc3rNYh6HTtyt1N/FF/V5LPE9+M 7H6xWuIMHuZmyGmEEGBsjgZ0biLlkkjftcV+MccCJ2xPpCbHQzaivUUGq 5Cxcv8b2TooPpss2bght9fdDl+e2neM175EHYwagzDf9q8GxFCsgfMnGo w==; X-CSE-ConnectionGUID: 9h8jwWPFRq2wCPcHMrI7fQ== X-CSE-MsgGUID: ITNQJwvAQk++26CpbWJ3rw== X-IronPort-AV: E=McAfee;i="6700,10204,11219"; a="27808841" X-IronPort-AV: E=Sophos;i="6.11,187,1725346800"; d="scan'208";a="27808841" Received: from fmviesa004.fm.intel.com ([10.60.135.144]) by fmvoesa108.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Oct 2024 12:29:34 -0700 X-CSE-ConnectionGUID: blon5TMMQ9u5ciuztrDf8g== X-CSE-MsgGUID: nZx81yGJRdW48GgoFSGcAg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,187,1725346800"; d="scan'208";a="80540582" Received: from silpixa00399302.ir.intel.com ([10.237.214.22]) by fmviesa004.fm.intel.com with ESMTP; 08 Oct 2024 12:29:32 -0700 From: Arkadiusz Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, brian.dooley@intel.com, Arkadiusz Kusztal Subject: [PATCH v4 1/4] cryptodev: reorder structures in asym crypto header Date: Tue, 8 Oct 2024 19:14:30 +0100 Message-Id: <20241008181433.57591-2-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20241008181433.57591-1-arkadiuszx.kusztal@intel.com> References: <20241008062845.11071-1-arkadiuszx.kusztal@intel.com> <20241008181433.57591-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Asymmetric-crypto header has a simple structure that allows to keep logically separate blocks together. Therefore, xforms, ops, and generic structs may be appropriately ordered. This patch moves sm2-op structs to be placed along other algorithms-op structs. Signed-off-by: Arkadiusz Kusztal --- lib/cryptodev/rte_crypto_asym.h | 68 ++++++++++++++++++++--------------------- 1 file changed, 34 insertions(+), 34 deletions(-) diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index 157f597d5d..1b54774fee 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -600,40 +600,6 @@ struct rte_crypto_ecpm_op_param { }; /** - * Asymmetric crypto transform data - * - * Structure describing asym xforms. - */ -struct rte_crypto_asym_xform { - struct rte_crypto_asym_xform *next; - /**< Pointer to next xform to set up xform chain.*/ - enum rte_crypto_asym_xform_type xform_type; - /**< Asymmetric crypto transform */ - - union { - struct rte_crypto_rsa_xform rsa; - /**< RSA xform parameters */ - - struct rte_crypto_modex_xform modex; - /**< Modular Exponentiation xform parameters */ - - struct rte_crypto_modinv_xform modinv; - /**< Modular Multiplicative Inverse xform parameters */ - - struct rte_crypto_dh_xform dh; - /**< DH xform parameters */ - - struct rte_crypto_dsa_xform dsa; - /**< DSA xform parameters */ - - struct rte_crypto_ec_xform ec; - /**< EC xform parameters, used by elliptic curve based - * operations. - */ - }; -}; - -/** * SM2 operation capabilities */ enum rte_crypto_sm2_op_capa { @@ -710,6 +676,40 @@ struct rte_crypto_sm2_op_param { }; /** + * Asymmetric crypto transform data + * + * Structure describing asym xforms. + */ +struct rte_crypto_asym_xform { + struct rte_crypto_asym_xform *next; + /**< Pointer to next xform to set up xform chain.*/ + enum rte_crypto_asym_xform_type xform_type; + /**< Asymmetric crypto transform */ + + union { + struct rte_crypto_rsa_xform rsa; + /**< RSA xform parameters */ + + struct rte_crypto_modex_xform modex; + /**< Modular Exponentiation xform parameters */ + + struct rte_crypto_modinv_xform modinv; + /**< Modular Multiplicative Inverse xform parameters */ + + struct rte_crypto_dh_xform dh; + /**< DH xform parameters */ + + struct rte_crypto_dsa_xform dsa; + /**< DSA xform parameters */ + + struct rte_crypto_ec_xform ec; + /**< EC xform parameters, used by elliptic curve based + * operations. + */ + }; +}; + +/** * Asymmetric Cryptographic Operation. * * Structure describing asymmetric crypto operation params. From patchwork Tue Oct 8 18:14:31 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kusztal, ArkadiuszX" X-Patchwork-Id: 145505 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 243D345AE9; Tue, 8 Oct 2024 21:29:45 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 1DFAC40DD5; Tue, 8 Oct 2024 21:29:39 +0200 (CEST) Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.14]) by mails.dpdk.org (Postfix) with ESMTP id 312F340DD5 for ; Tue, 8 Oct 2024 21:29:36 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1728415777; x=1759951777; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=AS+wV+NnqP7/V0/J+vGhxPmsQZ6od3bTcjUz7TXb/LE=; b=NR1g7egeYwoYtfykU1nlUpss7tKK4H++NAhh5ZM6hIPjnyithKS8YVx9 aUTrcCVe88BSsrZXzBmOBW71cMzMLYtcvgfSrqnILlf/tY00QrHvqa+/v LTAo/DZvsI+oxGrgGhXs9s3gNHNnfOiOynWR9uPqfSLIPq9EoTNQUXA2h WY6f3YIJ061ComUsUK4JRPHiPnEFl8e+4GaZP7Zpx9SR11fklhx9BNpXg 7lY08ybLVlISrcI5gmPmYDpa9Af8/oeLfQ4cUeiTUIFPVB/KgxjesOKOg Cs1UrsOA8E4pgsBKSFly8EquyY4/tgwYtx+JFV2R+bjrJHI8KcUmbY7he w==; X-CSE-ConnectionGUID: 1QtjKf5FTkuzYNzdfIdsBw== X-CSE-MsgGUID: WrUiNYOJSZSgdXVGhk5zsg== X-IronPort-AV: E=McAfee;i="6700,10204,11219"; a="27808855" X-IronPort-AV: E=Sophos;i="6.11,187,1725346800"; d="scan'208";a="27808855" Received: from fmviesa004.fm.intel.com ([10.60.135.144]) by fmvoesa108.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Oct 2024 12:29:36 -0700 X-CSE-ConnectionGUID: jSabq8AKQr2Sso9aRfYyNQ== X-CSE-MsgGUID: P+dooLpQTiqgtH2tFK1lPA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,187,1725346800"; d="scan'208";a="80540589" Received: from silpixa00399302.ir.intel.com ([10.237.214.22]) by fmviesa004.fm.intel.com with ESMTP; 08 Oct 2024 12:29:35 -0700 From: Arkadiusz Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, brian.dooley@intel.com, Arkadiusz Kusztal Subject: [PATCH v4 2/4] cryptodev: add ec points to sm2 op Date: Tue, 8 Oct 2024 19:14:31 +0100 Message-Id: <20241008181433.57591-3-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20241008181433.57591-1-arkadiuszx.kusztal@intel.com> References: <20241008062845.11071-1-arkadiuszx.kusztal@intel.com> <20241008181433.57591-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org In the case when PMD cannot support the full process of the SM2, but elliptic curve computation only, additional fields are needed to handle such a case. Points C1, kP therefore were added to the SM2 crypto operation struct. Signed-off-by: Arkadiusz Kusztal --- lib/cryptodev/rte_crypto_asym.h | 57 +++++++++++++++++++++++++++++++---------- 1 file changed, 43 insertions(+), 14 deletions(-) diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index 1b54774fee..4fb8ca813c 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -609,6 +609,12 @@ enum rte_crypto_sm2_op_capa { /**< Prehash message before crypto op. */ RTE_CRYPTO_SM2_PKE_KDF, /**< KDF support in SM2 public key encryption */ + RTE_CRYPTO_SM2_PARTIAL, + /**< + * PMD does not support the full process of the + * SM2 encryption/decryption, but the elliptic + * curve part only + */ }; /** @@ -636,20 +642,43 @@ struct rte_crypto_sm2_op_param { * will be overwritten by the PMD with the decrypted length. */ - rte_crypto_param cipher; - /**< - * Pointer to input data - * - to be decrypted for SM2 private decrypt. - * - * Pointer to output data - * - for SM2 public encrypt. - * In this case the underlying array should have been allocated - * with enough memory to hold ciphertext output (at least X bytes - * for prime field curve of N bytes and for message M bytes, - * where X = (C1 || C2 || C3) and computed based on SM2 RFC as - * C1 (1 + N + N), C2 = M, C3 = N. The cipher.length field will - * be overwritten by the PMD with the encrypted length. - */ + union { + rte_crypto_param cipher; + /**< + * Pointer to input data + * - to be decrypted for SM2 private decrypt. + * + * Pointer to output data + * - for SM2 public encrypt. + * In this case the underlying array should have been allocated + * with enough memory to hold ciphertext output (at least X bytes + * for prime field curve of N bytes and for message M bytes, + * where X = (C1 || C2 || C3) and computed based on SM2 RFC as + * C1 (1 + N + N), C2 = M, C3 = N. The cipher.length field will + * be overwritten by the PMD with the encrypted length. + */ + struct { + struct rte_crypto_ec_point C1; + /**< + * This field is used only when PMD does not support the full + * process of the SM2 encryption/decryption, but the elliptic + * curve part only. + * + * In the case of encryption, it is an output - point C1 = (x1,y1). + * In the case of decryption, if is an input - point C1 = (x1,y1) + * + */ + struct rte_crypto_ec_point kP; + /**< + * This field is used only when PMD does not support the full + * process of the SM2 encryption/decryption, but the elliptic + * curve part only. + * + * It is an output in the encryption case, it is a point + * [k]P = (x2,y2) + */ + }; + }; rte_crypto_uint id; /**< The SM2 id used by signer and verifier. */ From patchwork Tue Oct 8 18:14:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kusztal, ArkadiuszX" X-Patchwork-Id: 145506 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 8FBCA45AE9; Tue, 8 Oct 2024 21:29:53 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id E9CD640E2C; Tue, 8 Oct 2024 21:29:41 +0200 (CEST) Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.14]) by mails.dpdk.org (Postfix) with ESMTP id 7E15640E2C for ; Tue, 8 Oct 2024 21:29:40 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1728415780; x=1759951780; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=SC7qIAF4sB5yMruccXrYF34El0r+Aa7EiiM26CrUQOM=; b=hFNEeZjWH5k+xqNfIYLF2LbE9g2JsCdwPBTLYmLRS4FOyNqebZj0nEjz ebwiJeR4Uz8q+X1bScAJky4+3JibA8ulCX29Gr+nTXEbCz2+a6wzIoO8I SJIb5pc7mCAONH8cBJ2we7MQKWutgYQBuT6vIq3pDKZfVgEczGGB8kPac QQshrqmfkRbbuFikN+PZoF6dMyeuGWnghHCxN1ENUooK7UVwi2ZwZTVxo a2LwY/RjN8v3xE3H/W3HkD7iZwDueL4GVwQdbviRSqVpyMkyWE98Vs9mH PjOUOhLV/0Ja8vfjtLTwiP92MNSYeNdSVQAKpxdTAJVOw9pVHxfSszvTy A==; X-CSE-ConnectionGUID: rXJaYcnMROqIOT3XdJMb1g== X-CSE-MsgGUID: ynrvvTfeS7Op8PneM4n5nA== X-IronPort-AV: E=McAfee;i="6700,10204,11219"; a="27808864" X-IronPort-AV: E=Sophos;i="6.11,187,1725346800"; d="scan'208";a="27808864" Received: from fmviesa004.fm.intel.com ([10.60.135.144]) by fmvoesa108.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Oct 2024 12:29:39 -0700 X-CSE-ConnectionGUID: TVFyV99PRZ+jG0K4W8Cfmg== X-CSE-MsgGUID: RsgcKbl6T86Mj5QeXhiuuQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,187,1725346800"; d="scan'208";a="80540592" Received: from silpixa00399302.ir.intel.com ([10.237.214.22]) by fmviesa004.fm.intel.com with ESMTP; 08 Oct 2024 12:29:37 -0700 From: Arkadiusz Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, brian.dooley@intel.com, Arkadiusz Kusztal Subject: [PATCH v4 3/4] crypto/qat: add sm2 encryption/decryption function Date: Tue, 8 Oct 2024 19:14:32 +0100 Message-Id: <20241008181433.57591-4-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20241008181433.57591-1-arkadiuszx.kusztal@intel.com> References: <20241008062845.11071-1-arkadiuszx.kusztal@intel.com> <20241008181433.57591-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This commit adds SM2 elliptic curve based asymmetric encryption and decryption to the Intel QuickAssist Technology PMD. Signed-off-by: Arkadiusz Kusztal --- doc/guides/cryptodevs/features/qat.ini | 1 + doc/guides/rel_notes/release_24_11.rst | 4 + drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h | 3 + drivers/common/qat/qat_adf/qat_pke.h | 20 ++++ drivers/crypto/qat/qat_asym.c | 140 +++++++++++++++++++++++- 5 files changed, 162 insertions(+), 6 deletions(-) diff --git a/doc/guides/cryptodevs/features/qat.ini b/doc/guides/cryptodevs/features/qat.ini index f41d29158f..219dd1e011 100644 --- a/doc/guides/cryptodevs/features/qat.ini +++ b/doc/guides/cryptodevs/features/qat.ini @@ -71,6 +71,7 @@ ZUC EIA3 = Y AES CMAC (128) = Y SM3 = Y SM3 HMAC = Y +SM2 = Y ; ; Supported AEAD algorithms of the 'qat' crypto driver. diff --git a/doc/guides/rel_notes/release_24_11.rst b/doc/guides/rel_notes/release_24_11.rst index e0a9aa55a1..e56824310b 100644 --- a/doc/guides/rel_notes/release_24_11.rst +++ b/doc/guides/rel_notes/release_24_11.rst @@ -67,6 +67,10 @@ New Features The new statistics are useful for debugging and profiling. +* **Updated the QuickAssist Technology (QAT) Crypto PMD.** + + * Added SM2 encryption and decryption algorithms. + Removed Items ------------- diff --git a/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h b/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h index 630c6e1a9b..aa49612ca1 100644 --- a/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h +++ b/drivers/common/qat/qat_adf/icp_qat_fw_mmp_ids.h @@ -1542,6 +1542,9 @@ icp_qat_fw_mmp_ecdsa_verify_gfp_521_input::in in @endlink * @li no output parameters */ +#define PKE_ECSM2_ENCRYPTION 0x25221720 +#define PKE_ECSM2_DECRYPTION 0x201716e6 + #define PKE_LIVENESS 0x00000001 /**< Functionality ID for PKE_LIVENESS * @li 0 input parameter(s) diff --git a/drivers/common/qat/qat_adf/qat_pke.h b/drivers/common/qat/qat_adf/qat_pke.h index f88932a275..ac051e965d 100644 --- a/drivers/common/qat/qat_adf/qat_pke.h +++ b/drivers/common/qat/qat_adf/qat_pke.h @@ -334,4 +334,24 @@ get_sm2_ecdsa_verify_function(void) return qat_function; } +static struct qat_asym_function +get_sm2_encryption_function(void) +{ + struct qat_asym_function qat_function = { + PKE_ECSM2_ENCRYPTION, 32 + }; + + return qat_function; +} + +static struct qat_asym_function +get_sm2_decryption_function(void) +{ + struct qat_asym_function qat_function = { + PKE_ECSM2_DECRYPTION, 32 + }; + + return qat_function; +} + #endif diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c index e43884e69b..3ce48a1486 100644 --- a/drivers/crypto/qat/qat_asym.c +++ b/drivers/crypto/qat/qat_asym.c @@ -932,6 +932,15 @@ sm2_ecdsa_sign_set_input(struct icp_qat_fw_pke_request *qat_req, qat_req->input_param_count = 3; qat_req->output_param_count = 2; + HEXDUMP("SM2 K test", asym_op->sm2.k.data, + cookie->alg_bytesize); + HEXDUMP("SM2 K", cookie->input_array[0], + cookie->alg_bytesize); + HEXDUMP("SM2 msg", cookie->input_array[1], + cookie->alg_bytesize); + HEXDUMP("SM2 pkey", cookie->input_array[2], + cookie->alg_bytesize); + return RTE_CRYPTO_OP_STATUS_SUCCESS; } @@ -983,6 +992,114 @@ sm2_ecdsa_sign_collect(struct rte_crypto_asym_op *asym_op, } static int +sm2_encryption_set_input(struct icp_qat_fw_pke_request *qat_req, + struct qat_asym_op_cookie *cookie, + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) +{ + const struct qat_asym_function qat_function = + get_sm2_encryption_function(); + const uint32_t qat_func_alignsize = + qat_function.bytesize; + + SET_PKE_LN(asym_op->sm2.k, qat_func_alignsize, 0); + SET_PKE_LN(xform->ec.q.x, qat_func_alignsize, 1); + SET_PKE_LN(xform->ec.q.y, qat_func_alignsize, 2); + + cookie->alg_bytesize = qat_function.bytesize; + cookie->qat_func_alignsize = qat_function.bytesize; + qat_req->pke_hdr.cd_pars.func_id = qat_function.func_id; + qat_req->input_param_count = 3; + qat_req->output_param_count = 4; + + HEXDUMP("SM2 K", cookie->input_array[0], + qat_func_alignsize); + HEXDUMP("SM2 Q.x", cookie->input_array[1], + qat_func_alignsize); + HEXDUMP("SM2 Q.y", cookie->input_array[2], + qat_func_alignsize); + + return RTE_CRYPTO_OP_STATUS_SUCCESS; +} + +static uint8_t +sm2_encryption_collect(struct rte_crypto_asym_op *asym_op, + const struct qat_asym_op_cookie *cookie) +{ + uint32_t alg_bytesize = cookie->alg_bytesize; + + rte_memcpy(asym_op->sm2.C1.x.data, cookie->output_array[0], alg_bytesize); + rte_memcpy(asym_op->sm2.C1.y.data, cookie->output_array[1], alg_bytesize); + rte_memcpy(asym_op->sm2.kP.x.data, cookie->output_array[2], alg_bytesize); + rte_memcpy(asym_op->sm2.kP.y.data, cookie->output_array[3], alg_bytesize); + asym_op->sm2.C1.x.length = alg_bytesize; + asym_op->sm2.C1.y.length = alg_bytesize; + asym_op->sm2.kP.x.length = alg_bytesize; + asym_op->sm2.kP.y.length = alg_bytesize; + + HEXDUMP("C1[x1]", cookie->output_array[0], + alg_bytesize); + HEXDUMP("C1[y]", cookie->output_array[1], + alg_bytesize); + HEXDUMP("kP[x]", cookie->output_array[2], + alg_bytesize); + HEXDUMP("kP[y]", cookie->output_array[3], + alg_bytesize); + return RTE_CRYPTO_OP_STATUS_SUCCESS; +} + + +static int +sm2_decryption_set_input(struct icp_qat_fw_pke_request *qat_req, + struct qat_asym_op_cookie *cookie, + const struct rte_crypto_asym_op *asym_op, + const struct rte_crypto_asym_xform *xform) +{ + const struct qat_asym_function qat_function = + get_sm2_decryption_function(); + const uint32_t qat_func_alignsize = + qat_function.bytesize; + + SET_PKE_LN(xform->ec.pkey, qat_func_alignsize, 0); + SET_PKE_LN(asym_op->sm2.C1.x, qat_func_alignsize, 1); + SET_PKE_LN(asym_op->sm2.C1.y, qat_func_alignsize, 2); + + cookie->alg_bytesize = qat_function.bytesize; + cookie->qat_func_alignsize = qat_function.bytesize; + qat_req->pke_hdr.cd_pars.func_id = qat_function.func_id; + qat_req->input_param_count = 3; + qat_req->output_param_count = 2; + + HEXDUMP("d", cookie->input_array[0], + qat_func_alignsize); + HEXDUMP("C1[x]", cookie->input_array[1], + qat_func_alignsize); + HEXDUMP("C1[y]", cookie->input_array[2], + qat_func_alignsize); + + return RTE_CRYPTO_OP_STATUS_SUCCESS; +} + + +static uint8_t +sm2_decryption_collect(struct rte_crypto_asym_op *asym_op, + const struct qat_asym_op_cookie *cookie) +{ + uint32_t alg_bytesize = cookie->alg_bytesize; + + rte_memcpy(asym_op->sm2.kP.x.data, cookie->output_array[0], alg_bytesize); + rte_memcpy(asym_op->sm2.kP.y.data, cookie->output_array[1], alg_bytesize); + asym_op->sm2.kP.x.length = alg_bytesize; + asym_op->sm2.kP.y.length = alg_bytesize; + + HEXDUMP("kP[x]", cookie->output_array[0], + alg_bytesize); + HEXDUMP("kP[y]", cookie->output_array[1], + alg_bytesize); + return RTE_CRYPTO_OP_STATUS_SUCCESS; +} + +static int asym_set_input(struct icp_qat_fw_pke_request *qat_req, struct qat_asym_op_cookie *cookie, const struct rte_crypto_asym_op *asym_op, @@ -1014,14 +1131,20 @@ asym_set_input(struct icp_qat_fw_pke_request *qat_req, asym_op, xform); } case RTE_CRYPTO_ASYM_XFORM_SM2: - if (asym_op->sm2.op_type == - RTE_CRYPTO_ASYM_OP_VERIFY) { + if (asym_op->sm2.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) { + return sm2_encryption_set_input(qat_req, cookie, + asym_op, xform); + } else if (asym_op->sm2.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) { + return sm2_decryption_set_input(qat_req, cookie, + asym_op, xform); + } else if (asym_op->sm2.op_type == RTE_CRYPTO_ASYM_OP_VERIFY) { return sm2_ecdsa_verify_set_input(qat_req, cookie, asym_op, xform); - } else { + } else if (asym_op->sm2.op_type == RTE_CRYPTO_ASYM_OP_SIGN) { return sm2_ecdsa_sign_set_input(qat_req, cookie, asym_op, xform); } + break; default: QAT_LOG(ERR, "Invalid/unsupported asymmetric crypto xform"); return -EINVAL; @@ -1113,7 +1236,13 @@ qat_asym_collect_response(struct rte_crypto_op *op, case RTE_CRYPTO_ASYM_XFORM_ECDH: return ecdh_collect(asym_op, cookie); case RTE_CRYPTO_ASYM_XFORM_SM2: - return sm2_ecdsa_sign_collect(asym_op, cookie); + if (asym_op->sm2.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) + return sm2_encryption_collect(asym_op, cookie); + else if (asym_op->sm2.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) + return sm2_decryption_collect(asym_op, cookie); + else + return sm2_ecdsa_sign_collect(asym_op, cookie); + default: QAT_LOG(ERR, "Not supported xform type"); return RTE_CRYPTO_OP_STATUS_ERROR; @@ -1385,9 +1514,8 @@ qat_asym_session_configure(struct rte_cryptodev *dev __rte_unused, case RTE_CRYPTO_ASYM_XFORM_ECDSA: case RTE_CRYPTO_ASYM_XFORM_ECPM: case RTE_CRYPTO_ASYM_XFORM_ECDH: - session_set_ec(qat_session, xform); - break; case RTE_CRYPTO_ASYM_XFORM_SM2: + session_set_ec(qat_session, xform); break; default: ret = -ENOTSUP; From patchwork Tue Oct 8 18:14:33 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kusztal, ArkadiuszX" X-Patchwork-Id: 145507 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id A3ED945AE9; Tue, 8 Oct 2024 21:30:00 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 2E1DB40E64; Tue, 8 Oct 2024 21:29:44 +0200 (CEST) Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.14]) by mails.dpdk.org (Postfix) with ESMTP id 4808B40E64 for ; Tue, 8 Oct 2024 21:29:42 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1728415782; x=1759951782; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=0zdG+76vY0BeqlqBwNvgnLphkt2Ji1eF0DDcQ0XWV6I=; b=PiW9KPRijH8fS0kqEtD50+/l/kX2T6GP+fSdFKe9zjpYEiK1AwrnxJtZ ankgwkSWC5eaQM6znY4C1YB7OGoxZ4vpQL8e3JnNk4vDVC1J3E+Wf3xLW yoJvr7I/s5KgK1jc46AnKzxr+GX6CQt3jj/OnKLJJkJny5c/zmisHGgw5 yxFs/zQBAyyvMMhia9uUnGcHTzu3wF/frMKYMJ+dCVWF57zIQnvNS0KUr N6HpKWtglL10MwIaTZfMALcvo0/JKNVFmnaJIJz4d+Ta9bY/fqt0nM5Al VS3UBf/j3LJjVUmJ/S2FgUdftBaauVHZHX7c4wMUd+Z0bFXFeqUJjhss1 w==; X-CSE-ConnectionGUID: A2iioxjvQ3+igZhdH6Vt3A== X-CSE-MsgGUID: 7mgr3zx8TKyRgrJhDe9KfA== X-IronPort-AV: E=McAfee;i="6700,10204,11219"; a="27808873" X-IronPort-AV: E=Sophos;i="6.11,187,1725346800"; d="scan'208";a="27808873" Received: from fmviesa004.fm.intel.com ([10.60.135.144]) by fmvoesa108.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Oct 2024 12:29:42 -0700 X-CSE-ConnectionGUID: ruonekDlTMGUg16h2evWnQ== X-CSE-MsgGUID: 1z/PauNtQJmlhFoJe8u15Q== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,187,1725346800"; d="scan'208";a="80540599" Received: from silpixa00399302.ir.intel.com ([10.237.214.22]) by fmviesa004.fm.intel.com with ESMTP; 08 Oct 2024 12:29:40 -0700 From: Arkadiusz Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, brian.dooley@intel.com, Arkadiusz Kusztal Subject: [PATCH v4 4/4] app/test: add test sm2 C1/Kp test cases Date: Tue, 8 Oct 2024 19:14:33 +0100 Message-Id: <20241008181433.57591-5-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20241008181433.57591-1-arkadiuszx.kusztal@intel.com> References: <20241008062845.11071-1-arkadiuszx.kusztal@intel.com> <20241008181433.57591-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This commit adds tests cases to be used when C1 or kP elliptic curve points need to be computed. Signed-off-by: Arkadiusz Kusztal --- app/test/test_cryptodev_asym.c | 138 ++++++++++++++++++++++++++++- app/test/test_cryptodev_sm2_test_vectors.h | 112 ++++++++++++++++++++++- 2 files changed, 246 insertions(+), 4 deletions(-) diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c index d9b260d50e..c1437b52f6 100644 --- a/app/test/test_cryptodev_asym.c +++ b/app/test/test_cryptodev_asym.c @@ -2637,6 +2637,8 @@ test_sm2_sign(void) asym_op->sm2.k.data = input_params.k.data; asym_op->sm2.k.length = input_params.k.length; } + asym_op->sm2.k.data = input_params.k.data; + asym_op->sm2.k.length = input_params.k.length; /* Init out buf */ asym_op->sm2.r.data = output_buf_r; @@ -3192,7 +3194,7 @@ static int send_one(void) ticks++; if (ticks >= DEQ_TIMEOUT) { RTE_LOG(ERR, USER1, - "line %u FAILED: Cannot dequeue the crypto op on device %d", + "line %u FAILED: Cannot dequeue the crypto op on device, timeout %d", __LINE__, params->valid_devs[0]); return TEST_FAILED; } @@ -3497,6 +3499,132 @@ kat_rsa_decrypt_crt(const void *data) return 0; } +static int +test_sm2_partial_encryption(const void *data) +{ + struct rte_crypto_asym_xform xform = { 0 }; + const uint8_t dev_id = params->valid_devs[0]; + const struct crypto_testsuite_sm2_params *test_vector = data; + uint8_t result_C1_x1[TEST_DATA_SIZE] = { 0 }; + uint8_t result_C1_y1[TEST_DATA_SIZE] = { 0 }; + uint8_t result_kP_x1[TEST_DATA_SIZE] = { 0 }; + uint8_t result_kP_y1[TEST_DATA_SIZE] = { 0 }; + struct rte_cryptodev_asym_capability_idx idx; + const struct rte_cryptodev_asymmetric_xform_capability *capa; + + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return TEST_SKIPPED; + if (!rte_cryptodev_asym_xform_capability_check_opcap(capa, + RTE_CRYPTO_ASYM_OP_ENCRYPT, RTE_CRYPTO_SM2_PARTIAL)) { + return TEST_SKIPPED; + } + + xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; + xform.ec.curve_id = RTE_CRYPTO_EC_GROUP_SM2; + xform.ec.q = test_vector->pubkey; + self->op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT; + self->op->asym->sm2.k = test_vector->k; + if (rte_cryptodev_asym_session_create(dev_id, &xform, + params->session_mpool, &self->sess) < 0) { + RTE_LOG(ERR, USER1, "line %u FAILED: Session creation failed", + __LINE__); + return TEST_FAILED; + } + rte_crypto_op_attach_asym_session(self->op, self->sess); + + self->op->asym->sm2.C1.x.data = result_C1_x1; + self->op->asym->sm2.C1.y.data = result_C1_y1; + self->op->asym->sm2.kP.x.data = result_kP_x1; + self->op->asym->sm2.kP.y.data = result_kP_y1; + TEST_ASSERT_SUCCESS(send_one(), + "Failed to process crypto op"); + + debug_hexdump(stdout, "C1[x]", self->op->asym->sm2.C1.x.data, + self->op->asym->sm2.C1.x.length); + debug_hexdump(stdout, "C1[y]", self->op->asym->sm2.C1.y.data, + self->op->asym->sm2.C1.y.length); + debug_hexdump(stdout, "kP[x]", self->op->asym->sm2.kP.x.data, + self->op->asym->sm2.kP.x.length); + debug_hexdump(stdout, "kP[y]", self->op->asym->sm2.kP.y.data, + self->op->asym->sm2.kP.y.length); + + TEST_ASSERT_BUFFERS_ARE_EQUAL(test_vector->C1.x.data, + self->op->asym->sm2.C1.x.data, + test_vector->C1.x.length, + "Incorrect value of C1[x]\n"); + TEST_ASSERT_BUFFERS_ARE_EQUAL(test_vector->C1.y.data, + self->op->asym->sm2.C1.y.data, + test_vector->C1.y.length, + "Incorrect value of C1[y]\n"); + TEST_ASSERT_BUFFERS_ARE_EQUAL(test_vector->kP.x.data, + self->op->asym->sm2.kP.x.data, + test_vector->kP.x.length, + "Incorrect value of kP[x]\n"); + TEST_ASSERT_BUFFERS_ARE_EQUAL(test_vector->kP.y.data, + self->op->asym->sm2.kP.y.data, + test_vector->kP.y.length, + "Incorrect value of kP[y]\n"); + + return TEST_SUCCESS; +} + +static int +test_sm2_partial_decryption(const void *data) +{ + struct rte_crypto_asym_xform xform = {}; + const uint8_t dev_id = params->valid_devs[0]; + const struct crypto_testsuite_sm2_params *test_vector = data; + uint8_t result_kP_x1[TEST_DATA_SIZE] = { 0 }; + uint8_t result_kP_y1[TEST_DATA_SIZE] = { 0 }; + struct rte_cryptodev_asym_capability_idx idx; + const struct rte_cryptodev_asymmetric_xform_capability *capa; + + idx.type = RTE_CRYPTO_ASYM_XFORM_SM2; + capa = rte_cryptodev_asym_capability_get(dev_id, &idx); + if (capa == NULL) + return TEST_SKIPPED; + if (!rte_cryptodev_asym_xform_capability_check_opcap(capa, + RTE_CRYPTO_ASYM_OP_DECRYPT, RTE_CRYPTO_SM2_PARTIAL)) { + return TEST_SKIPPED; + } + + xform.xform_type = RTE_CRYPTO_ASYM_XFORM_SM2; + xform.ec.pkey = test_vector->pkey; + self->op->asym->sm2.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT; + self->op->asym->sm2.C1 = test_vector->C1; + + if (rte_cryptodev_asym_session_create(dev_id, &xform, + params->session_mpool, &self->sess) < 0) { + RTE_LOG(ERR, USER1, "line %u FAILED: Session creation failed", + __LINE__); + return TEST_FAILED; + } + rte_crypto_op_attach_asym_session(self->op, self->sess); + + self->op->asym->sm2.kP.x.data = result_kP_x1; + self->op->asym->sm2.kP.y.data = result_kP_y1; + TEST_ASSERT_SUCCESS(send_one(), + "Failed to process crypto op"); + + debug_hexdump(stdout, "kP[x]", self->op->asym->sm2.kP.x.data, + self->op->asym->sm2.C1.x.length); + debug_hexdump(stdout, "kP[y]", self->op->asym->sm2.kP.y.data, + self->op->asym->sm2.C1.y.length); + + TEST_ASSERT_BUFFERS_ARE_EQUAL(test_vector->kP.x.data, + self->op->asym->sm2.kP.x.data, + test_vector->kP.x.length, + "Incorrect value of kP[x]\n"); + TEST_ASSERT_BUFFERS_ARE_EQUAL(test_vector->kP.y.data, + self->op->asym->sm2.kP.y.data, + test_vector->kP.y.length, + "Incorrect value of kP[y]\n"); + + return 0; +} + static struct unit_test_suite cryptodev_openssl_asym_testsuite = { .suite_name = "Crypto Device OPENSSL ASYM Unit Test Suite", .setup = testsuite_setup, @@ -3561,6 +3689,14 @@ static struct unit_test_suite cryptodev_qat_asym_testsuite = { .teardown = testsuite_teardown, .unit_test_cases = { TEST_CASE_NAMED_WITH_DATA( + "SM2 encryption - test case 1", + ut_setup_asym, ut_teardown_asym, + test_sm2_partial_encryption, &sm2_enc_hw_t1), + TEST_CASE_NAMED_WITH_DATA( + "SM2 decryption - test case 1", + ut_setup_asym, ut_teardown_asym, + test_sm2_partial_decryption, &sm2_enc_hw_t1), + TEST_CASE_NAMED_WITH_DATA( "Modular Exponentiation (mod=128, base=20, exp=3, res=128)", ut_setup_asym, ut_teardown_asym, modular_exponentiation, &modex_test_case_m128_b20_e3), diff --git a/app/test/test_cryptodev_sm2_test_vectors.h b/app/test/test_cryptodev_sm2_test_vectors.h index 41f5f7074a..92f7e77671 100644 --- a/app/test/test_cryptodev_sm2_test_vectors.h +++ b/app/test/test_cryptodev_sm2_test_vectors.h @@ -8,19 +8,125 @@ #include "rte_crypto_asym.h" struct crypto_testsuite_sm2_params { - rte_crypto_param pubkey_qx; - rte_crypto_param pubkey_qy; + union { + struct { + rte_crypto_param pubkey_qx; + rte_crypto_param pubkey_qy; + }; + struct rte_crypto_ec_point pubkey; + }; rte_crypto_param pkey; rte_crypto_param k; rte_crypto_param sign_r; rte_crypto_param sign_s; rte_crypto_param id; - rte_crypto_param cipher; + union { + rte_crypto_param cipher; + struct { + struct rte_crypto_ec_point C1; + struct rte_crypto_ec_point kP; + }; + }; rte_crypto_param message; rte_crypto_param digest; int curve; }; +uint8_t sm2_enc_pub_x_t1[] = { + 0x26, 0xf1, 0xf3, 0xef, 0x12, 0x27, 0x85, 0xd1, + 0x7d, 0x38, 0x70, 0xc2, 0x43, 0x46, 0x50, 0x36, + 0x3f, 0xdf, 0x4b, 0x2f, 0x45, 0x0e, 0x8e, 0xd1, + 0xb6, 0x0f, 0xdc, 0x1f, 0xc6, 0xf0, 0x19, 0xab +}; +uint8_t sm2_enc_pub_y_t1[] = { + 0xd9, 0x19, 0x8b, 0xdb, 0xef, 0xa5, 0x84, 0x76, + 0xec, 0x82, 0x25, 0x12, 0x5b, 0x8c, 0xe3, 0xe1, + 0x0a, 0x10, 0x0d, 0xc6, 0x97, 0x6c, 0xc1, 0x89, + 0xd9, 0x6d, 0xa6, 0x88, 0x9e, 0xbc, 0xd3, 0x7a +}; +uint8_t sm2_k_t1[] = { + 0x12, 0x34, 0x56, 0x78, 0xB9, 0x6E, 0x5A, 0xF7, + 0x0B, 0xD4, 0x80, 0xB4, 0x72, 0x40, 0x9A, 0x9A, + 0x32, 0x72, 0x57, 0xF1, 0xEB, 0xB7, 0x3F, 0x5B, + 0x07, 0x33, 0x54, 0xB2, 0x48, 0x66, 0x85, 0x63 +}; + +uint8_t sm2_C1_x_t1[] = { + 0x15, 0xf6, 0xb7, 0x49, 0x00, 0x39, 0x73, 0x9d, + 0x5b, 0xb3, 0xd3, 0xe9, 0x1d, 0xe4, 0xc8, 0xbd, + 0x08, 0xe3, 0x6a, 0x22, 0xff, 0x1a, 0xbf, 0xdc, + 0x75, 0x6b, 0x12, 0x85, 0x81, 0xc5, 0x8b, 0xcf +}; + +uint8_t sm2_C1_y_t1[] = { + 0x6a, 0x92, 0xd4, 0xd8, 0x13, 0xec, 0x8f, 0x9a, + 0x9d, 0xbe, 0x51, 0x47, 0x6f, 0x54, 0xc5, 0x41, + 0x98, 0xf5, 0x5f, 0x83, 0xce, 0x1c, 0x18, 0x1a, + 0x48, 0xbd, 0xeb, 0x38, 0x13, 0x67, 0x0d, 0x06 +}; + +uint8_t sm2_kP_x_t1[] = { + 0x6b, 0xfb, 0x9a, 0xcb, 0xc6, 0xb6, 0x36, 0x31, + 0x0f, 0xd1, 0xdd, 0x9c, 0x9f, 0x17, 0x5f, 0x3f, + 0x68, 0x13, 0x96, 0xd2, 0x54, 0x5b, 0xa6, 0x19, + 0x78, 0x1f, 0x87, 0x3d, 0x81, 0xc3, 0x21, 0x01 +}; + +uint8_t sm2_kP_y_t1[] = { + 0xa4, 0x08, 0xf3, 0x74, 0x35, 0x51, 0x8c, 0x81, + 0x06, 0x4c, 0x8f, 0x31, 0x49, 0xe3, 0x5b, 0x4d, + 0xfc, 0x3d, 0x19, 0xac, 0x7d, 0x07, 0xd0, 0x9a, + 0x99, 0x5a, 0x25, 0x16, 0x66, 0xff, 0x41, 0x3c +}; + +uint8_t sm2_kP_d_t1[] = { + 0x6F, 0xCB, 0xA2, 0xEF, 0x9A, 0xE0, 0xAB, 0x90, + 0x2B, 0xC3, 0xBD, 0xE3, 0xFF, 0x91, 0x5D, 0x44, + 0xBA, 0x4C, 0xC7, 0x8F, 0x88, 0xE2, 0xF8, 0xE7, + 0xF8, 0x99, 0x6D, 0x3B, 0x8C, 0xCE, 0xED, 0xEE +}; + +struct crypto_testsuite_sm2_params sm2_enc_hw_t1 = { + .k = { + .data = sm2_k_t1, + .length = sizeof(sm2_k_t1) + }, + .pubkey = { + .x = { + .data = sm2_enc_pub_x_t1, + .length = sizeof(sm2_enc_pub_x_t1) + }, + .y = { + .data = sm2_enc_pub_y_t1, + .length = sizeof(sm2_enc_pub_y_t1) + } + }, + .C1 = { + .x = { + .data = sm2_C1_x_t1, + .length = sizeof(sm2_C1_x_t1) + }, + .y = { + .data = sm2_C1_y_t1, + .length = sizeof(sm2_C1_y_t1) + } + }, + .kP = { + .x = { + .data = sm2_kP_x_t1, + .length = sizeof(sm2_kP_x_t1) + }, + .y = { + .data = sm2_kP_y_t1, + .length = sizeof(sm2_kP_y_t1) + } + }, + .pkey = { + .data = sm2_kP_d_t1, + .length = sizeof(sm2_kP_d_t1) + } +}; + static uint8_t fp256_pkey[] = { 0x77, 0x84, 0x35, 0x65, 0x4c, 0x7a, 0x6d, 0xb1, 0x1e, 0x63, 0x0b, 0x41, 0x97, 0x36, 0x04, 0xf4,