TR-31 optional block data

Edit online

A TR-31 key block can contain standard defined optional blocks and optional blocks with IBM-defined data.

See ANSI X9.143-2022: Retail Financial Services Interoperable Secure Key Block Specification for the definition of a TR-31 key block and for a full list of standard defined optional blocks. A TR-31 key block can contain one or more optional blocks. A TR-31 key block contains at least one optional block when byte numbers 12 - 13 are a value other than ASCII string "00".

DA optional block

The DA optional block is a standard optional block used to define derivations allowed for derivation keys. That is to say, it allows the user to set which types of keys a derivation key can create. The DA optional block can only be set in a TR-31 key block with TR-31 key usage B3, otherwise it is not allowed. This block will contain one or more sets of key attributes, up to a maximum of 49 sets, contained in 5 byte ASCII strings. Each string will contain key usage, algorithm, TR-31 mode of key use, and exportability. For example, imagine you want to limit your B3 TR-31 key token to only generate PIN encryption keys, that use the TDEA algorithm, and that are only allowed to encrypt, and that are exportable. For these attributes and purposes, you would place the following string into your DA optional block: 

P0TEE

Here are a few other examples and their breakdowns:

P0TDE (P0, T, D, E)

  • Only the following derivation is allowed: PIN Encryption key usage P0, TDEA algorithm, Decrypt only TR-31 mode of key use, Exportable

P0TEED0AEN (P0, T, E, E, D0, A, E, N)

  • First Derivation allowed: PIN Encryption key usage P0, TDEA algorithm, Encrypt only mode of use, Exportable
  • Second Derivation allowed: Symmetric Data Encryption key usage D0, AES algorithm, Encrypt Only mode of use, Not Exportable
Note: When using a B3 key token containing a DA optional block, the key attributes of the key being derived must be an exact match of one of the derivations in the DA optional block. For example, if the DA optional block contains D0TEED0TDN, but the key that is being derived requires D0TEN, it is rejected.

IBM-defined optional block

The data of an IBM-defined optional block contains ASCII string 10 (X'3130') in the first two bytes, and contains ASCII string IBMC (X'49424D43') beginning at offset 4 of the data. CCA treats an optional block with these characteristics as a proprietary container for a CCA control vector. See Table 1. An optional block with different characteristics is ignored by CCA.
If a TR-31 key block contains an optional block as defined by Table 1, the data contains a copy of the control vector, or the IBM internal controls. If offset 8 of the optional block is set to 0x3031, then the optional block contains an 8-byte or 16-byte DES control vector that was in the CCA key-token of the key being exported. The copied control vector is in hex-ASCII format.

The control vector is only copied from the CCA key-token when the user of the TR31 Translate verb specifies a control vector transport control keyword (INCL-CV or ATTR-CV):

  1. If the optional block contains a control vector as the result of specifying the INCL-CV keyword during export, the key usage and mode of use fields indicate the key attributes, and these attributes are verified during export to be compatible with the ones in the included control vector.
  2. If the optional block contains a control vector as the result of specifying the ATTR-CV keyword during export, the key usage field (byte number 5 - 6 of the TR-31 key block) is set to the proprietary value 10 (X'3130'), and the mode of use field (byte number 8) is set to the proprietary value 1 (X'31'). These proprietary values indicate that the key attributes are specified in the included control vector.
If offset 8 of the optional block is set to 0x3032, then the optional block contains an IBM internal controls structure as described in Table 2. See Introduction to TR-31 symmetric key management for additional information on how CCA uses an IBM-defined optional block in a TR-31 key block.
Table 1. IBM optional block data in a TR-31 key block
Offset (bytes) Length (bytes) Description
00 02 Proprietary ID of TR-31 optional block (alphanumeric-ASCII):
X'3130'
IBM proprietary optional block (ASCII string 10)
02 02 Length of optional block (hex-ASCII):
For TLV valued to 01:
X'3143'
"1C" for 8-byte (single-length) control vector.
X'3243'
"2C" for 16-byte (double-length) control vector.
For TLV valued to 02:
X'3243'
"24" for 12-byte IBM internal controls.
04 04 Magic value (alphanumeric-ASCII):
X'49424D43'
A constant value ("IBMC") used to reduce ambiguity and the chance for false interpretation of the proprietary optional blocks of non-IBM vendors.

An optional block that uses the same proprietary ID but does not include this magic value will be ignored.
08 02 Tag-length-value (TLV) ID (numeric-ASCII):
X'3031'
IBM CCA control vector (01)
X'3032'
IBM internal X9-SWKB controls (02)
10 02 Length of TLV (hex-ASCII)
For TLV valued to 01:
X'3134'
"14" (decimal 20) TLV of 8-byte control vector
X'3234'
"24" (decimal 36) TLV of 16-byte control vector
For TLV valued to 02:
X'3143'
"1C" (decimal 28) TLV of 12-byte (24 byte ASCII hex) IBM internal controls
12 16, 24, or 32 For TLV ID X’3031’: This should be 16 or 32 bytes long and contain the control vector (hex- ASCII)
For TLV ID X’3032’: This should be 24 bytes long and contain the IBM Internal X9- SWKB controls as defined in Table 2. The 12 bytes in Table 2 are represented as a 24 byte hex ASCII string.

IBM optional block internal controls

The IBM optional block with TLV ID ’02’ (X’3032’) consists of 12 bytes that are represented using 24 hex ASCII bytes. The 12 bytes are built as follows:

  • The first four bytes are general bytes applicable to all optional blocks.
  • The second four bytes are type specific and only used for certain TR-31 key usages. Currently only the first byte of this set is used. These bytes will be set to zero if they are unused.
    Note: For CCA 8.1, these controls (the controls specified in the second four bytes) are not added, and the first bit of this byte (bit 32) is set to 1 to indicate that there are NO CONTROLS ADDED YET. Anything else that is in the byte is ignored if bit 32 is set to 1. When further controls are added, this should be set to 0 to indicate that this byte information should be used.
  • The last four bytes are reserved for future use and should be set to 0.

The first byte (offset 12) with bit fields 0 through 7 set as 00000ceD is a general flag byte applicable for all optional blocks. The flags are as follows:

  • Bit 0: reserved, 0
  • Bit 1: reserved, 0
  • Bit 2: reserved, 0
  • Bit 3: reserved, 0
  • Bit 4: reserved, 0
  • Bit 5: 1 = Compliance Tag (see c in 00000ceD)
  • Bit 6: 1 = CPACF export bit control (see e in 00000ceD)
  • Bit 7: 1 = Only usable in DK services, DKPINOP/KUF equivalent (see D in 00000ceD)

The following three bytes are used as the KDF indicator and should be set as follows:

  • Second byte (offset 13): 0x00
  • Third byte (offset 14): 0x00
  • Fourth byte (offset 15), KDF indicator:
    • 0x00: No KDF / comp-tag indicator
    • 0x04: Comp-tag KDF for TR-31
The fifth byte (offset 16), contains type-specific flags.
Note: These controls (starting with the fifth byte) are for future purposes and are not yet supported. The first bit of this byte (bit 32) is set to 1 to indicate that there are no controls added yet and the rest of the bits are set to 0 (that means: 10000000). Everything else in this byte is ignored if bit 32 is set to 1.
Table 2. IBM optional block internal controls bytes
Key Usage <00...07> <08...15> <16...23> <24...31> <32...39> <40...95>
All Types 00000ceD 00000000 00000000 00000K00 x0000000 reserved
B0 00000ceD 00000000 00000000 00000K00 x00000xx reserved
B1 00000ceD 00000000 00000000 00000K00 x00000xx reserved
B3 00000ceD 00000000 00000000 00000K00 x0000xxx reserved
C0 00000ceD 00000000 00000000 00000K00 x00000xx reserved
E0 00000ceD 00000000 00000000 00000K00 x0000xxx reserved
E1 00000ceD 00000000 00000000 00000K00 x0000xxx reserved
E2 00000ceD 00000000 00000000 00000K00 x0000xxx reserved
E3 00000ceD 00000000 00000000 00000K00 x0000xxx reserved
E4 00000ceD 00000000 00000000 00000K00 x0000xxx reserved
E5 00000ceD 00000000 00000000 00000K00 x0000xxx reserved
F1 00000ceD 00000000 00000000 00000K00 x00000xx reserved
K0 00000ceD 00000000 00000000 00000K00 x000000x reserved
M0 00000ceD 00000000 00000000 00000K00 x000000x reserved
V0 00000ceD 00000000 00000000 00000K00 x000xxxx reserved
V1 00000ceD 00000000 00000000 00000K00 x000000x reserved