DES external key token

This topic describes the format of a DES external key token. DES key tokens are almost always fixed-length tokens; the one exception is the DESUSECV key type, which is carried in a variable-length symmetric key token.

Table 1 shows the format for a DES external key token.
Table 1. DES external key token format

Bytes     Description
0         X'02' (flag indicating an external key token)
1         Reserved (X'00')
2 - 3     Implementation-dependent bytes (X'0000' for CCA)
4         Key token version number (X'00' or X'01')
5         Reserved (X'00')
6         Flag byte
            Bit   Meaning when set on
            0     Encrypted key is present.
            1     Control vector (CV) value has been applied to the key.
            Other bits are reserved and are binary zeros.
7         Flag byte
            Bit   Meaning when set on
            0-2   Key value encryption method.
                    • 000 - The key is encrypted by using the original CCA method (ECB).
                    • 001 - The encrypted key is wrapped using the enhanced method and SHA-1 (WRAP-ENH).
                    • 010 - The encrypted key is wrapped using the enhanced method and SHA-256 (WRAPENH2). Requires CV bit ENH-ONLY to be enabled. Only valid with version X'00' tokens.
                    • 011 - The encrypted key is wrapped using the enhanced method 3 and SHA-256 (WRAPENH3). Requires CV bit ENH-ONLY to be enabled. Only valid with version X'00' tokens.
                  All other bit combinations are reserved and undefined and must be zero.
                  These bits are ignored if the token contains no key or a clear key.
            3-7   Reserved.
8 - 15    Reserved (X'0000000000000000')
16 - 23   Single-length key, left half of a double-length key, or Part A of a triple-length key. The value is encrypted under a transport key.
24 - 31   X'0000000000000000' if a single-length key; otherwise the right half of a double-length key or Part B of a triple-length key. The right half of a double-length key or Part B of a triple-length key is encrypted under a transport key (key-encrypting key) for export or import. For WRAPENH3, this field always holds ciphertext in order to obfuscate the length of a single-length or double-length key. The CCA coprocessor uses the effective length of the key (determined by the number of repeated 56-bit sections, if any) to determine key strength for wrapping of other keys and for other key strength comparisons.
32 - 39   The control vector (CV) for a single-length key or the left half of the CV for a double-length key. For WRAPENH3, the key form bits of this field (bits 41-42) are updated: they always have the value '11', which indicates a triple-length key.
40 - 47   X'0000000000000000' if a single-length key, or the right half of the control vector for a double-length operational key. For WRAPENH3, this field holds an 8-byte TDES-CMAC over the entire key block, with this field set to X'00' bytes before the TDES-CMAC is calculated.
48 - 55   X'0000000000000000' if a single-length or double-length key, or Part C of a triple-length key. This key part is encrypted under a transport key-encrypting key when flag bit 0 is on; otherwise, it is in the clear. For WRAPENH3, this field always holds ciphertext in order to obfuscate the length of a single-length or double-length key.
56 - 58   Reserved (X'000000')
59        Key length for zero CV DATA keys.
            Value         Description
            B'00000000'   Single-length key (version 0 only).
            B'00010000'   Double-length key (version 1 only).
            B'00100000'   Triple-length key (version 1 only).
            All other values are reserved and undefined.
60 - 63   Token validation value (see Token validation value and record-validation value for a description).
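The following parser is an added example, not IBM code and not part of the CCA documentation. It splits a 64-byte DES external key token into the fields of Table 1 and rejects layouts the table forbids (wrong flag byte, reserved bits set, WRAPENH2/WRAPENH3 in a version X'01' token, WRAPENH3 without key form bits '11', reserved key-length codes). It assumes IBM's bit-numbering convention, in which bit 0 of a byte is its most significant bit (mask X'80'), so the wrapping method occupies the top three bits of byte 7 and CV bits 41-42 are the X'40' and X'20' bits of token byte 37. The sample tokens, key bytes and CMAC bytes are constructed; the token validation value is left as a zero placeholder and is not verified, because its computation is described in a separate topic.

```python
# Added example (not IBM code): decode and sanity-check a 64-byte CCA DES
# external key token laid out as in Table 1.  Assumes IBM's bit numbering,
# in which bit 0 of a byte is the most significant bit (mask X'80').
TOKEN_LEN = 64
EXTERNAL_TOKEN_FLAG = 0x02

# Byte 7, bits 0-2: key value encryption (wrapping) method.
WRAP_METHODS = {
    0b000: "ECB (original CCA method)",
    0b001: "WRAP-ENH (enhanced method, SHA-1)",
    0b010: "WRAPENH2 (enhanced method, SHA-256)",
    0b011: "WRAPENH3 (enhanced method 3, SHA-256)",
}

# Byte 59, key length for zero-CV DATA keys: code -> (length, required version).
KEY_LENGTH_CODES = {0x00: ("single", 0), 0x10: ("double", 1), 0x20: ("triple", 1)}


def bit_on(value: int, bit: int) -> bool:
    """True if IBM-numbered bit `bit` (0 = MSB) of an 8-bit value is set."""
    return (value >> (7 - bit)) & 1 == 1


def parse_des_external_token(tok: bytes) -> dict:
    """Split a token into its fields, rejecting layouts Table 1 forbids.

    The token validation value (bytes 60-63) is returned raw and not checked.
    """
    if len(tok) != TOKEN_LEN:
        raise ValueError(f"expected a {TOKEN_LEN}-byte token, got {len(tok)} bytes")
    if tok[0] != EXTERNAL_TOKEN_FLAG:
        raise ValueError(f"byte 0 is X'{tok[0]:02X}', not X'02' (external token)")
    if tok[1] != 0 or tok[5] != 0 or tok[8:16] != bytes(8) or tok[56:59] != bytes(3):
        raise ValueError("reserved bytes 1, 5, 8-15 and 56-58 must be zero")
    version = tok[4]
    if version not in (0, 1):
        raise ValueError(f"unknown token version X'{version:02X}'")

    flag6 = tok[6]
    if flag6 & 0x3F:
        raise ValueError("reserved bits 2-7 of byte 6 must be zero")
    encrypted = bit_on(flag6, 0)      # bit 0: encrypted key is present
    cv_applied = bit_on(flag6, 1)     # bit 1: CV has been applied to the key

    flag7 = tok[7]
    if flag7 & 0x1F:
        raise ValueError("reserved bits 3-7 of byte 7 must be zero")
    wrap = flag7 >> 5                 # bits 0-2 hold the wrapping method
    if wrap not in WRAP_METHODS:
        raise ValueError(f"reserved wrapping method B'{wrap:03b}'")
    if wrap in (0b010, 0b011) and version != 0:
        raise ValueError("WRAPENH2/WRAPENH3 are valid only in version X'00' tokens")
    wrapenh3 = wrap == 0b011

    cv_left = tok[32:40]
    # CV bits 41-42 (key form) sit in CV byte 5 = token byte 37, masks X'40'/X'20'.
    key_form = (cv_left[5] >> 5) & 0b11
    if wrapenh3 and key_form != 0b11:
        raise ValueError("WRAPENH3 tokens must carry CV key form bits 41-42 = '11'")

    key_len_code = tok[59]
    if key_len_code not in KEY_LENGTH_CODES:
        raise ValueError(f"reserved key length byte X'{key_len_code:02X}'")
    length_name, required_version = KEY_LENGTH_CODES[key_len_code]
    zero_cv = not wrapenh3 and tok[32:48] == bytes(16)
    if zero_cv and version != required_version:
        raise ValueError(f"{length_name}-length zero-CV DATA key needs version {required_version}")

    return {
        "version": version,
        "encrypted_key_present": encrypted,
        "cv_applied": cv_applied,
        "wrap_method": wrap,
        "wrap_method_name": WRAP_METHODS[wrap],
        "key_part_a": tok[16:24],     # single key / left half / Part A
        "key_part_b": tok[24:32],     # right half / Part B (always ciphertext under WRAPENH3)
        "key_part_c": tok[48:56],     # Part C (always ciphertext under WRAPENH3)
        "cv_left": cv_left,
        "cv_key_form_bits": key_form,
        # Under WRAPENH3 bytes 40-47 hold the TDES-CMAC over the block, not the right CV half.
        "cv_right": None if wrapenh3 else tok[40:48],
        "cmac": tok[40:48] if wrapenh3 else None,
        "key_length_code": length_name,
        "tvv": tok[60:64],
    }


def build_token(version, flag6, flag7, key_a, key_b, key_c, cv_left, cv_right, key_len_code):
    """Assemble a token from its fields (TVV left as a zero placeholder)."""
    tok = bytearray(TOKEN_LEN)
    tok[0], tok[4], tok[6], tok[7], tok[59] = EXTERNAL_TOKEN_FLAG, version, flag6, flag7, key_len_code
    tok[16:24], tok[24:32], tok[48:56] = key_a, key_b, key_c
    tok[32:40], tok[40:48] = cv_left, cv_right
    return bytes(tok)


# Constructed sample tokens; the key and CMAC bytes are arbitrary, not real ciphertext.
_CT = bytes.fromhex("11223344556677889900AABBCCDDEEFF0123456789ABCDEF")
SAMPLE_WRAPENH3 = build_token(  # version 0, encrypted + CV applied, WRAPENH3 (B'011' -> X'60')
    0x00, 0xC0, 0x60, _CT[0:8], _CT[8:16], _CT[16:24],
    bytes.fromhex("0000000000600000"), bytes.fromhex("CAFEF00DDEADBEEF"), 0x00)
SAMPLE_ZERO_CV_DATA = build_token(  # version 1, encrypted, CV not applied, ECB, double-length
    0x01, 0x80, 0x00, _CT[0:8], _CT[8:16], bytes(8), bytes(8), bytes(8), 0x10)

if __name__ == "__main__":
    for name, sample in (("WRAPENH3", SAMPLE_WRAPENH3), ("zero-CV DATA", SAMPLE_ZERO_CV_DATA)):
        fields = parse_des_external_token(sample)
        print(name, fields["wrap_method_name"], fields["key_length_code"], fields["cv_applied"])
```

A consumer that imports tokens from another system should run checks like these before handing the token to the coprocessor: the version/wrapping-method and key-form constraints above are exactly the places where a token that was edited in transit, or produced by an older implementation, would otherwise be silently accepted and misinterpreted.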