KDSR record format

The KDSR record format is a new record format for all KDS types (CKDS, PKDS, and TKDS) that allows for reference date tracking. KDSR format records are new for HCR77A1 and the data below is for version X'02' which was introduced in that release. Version X'02' of the KDSR records have three distinct sections: a 140 byte fixed area, a variable length area containing the cryptographic key material (key token), and a variable length metadata area used to store reference dates and other data.

Format of the KDSR format record (Version X'02')

KDSR record sections:

Fixed data area – 140 bytes
Cryptographic key material (key token) – variable length
Metadata area – variable length

Table 1. Format of the KDSR record fixed data area
Offset (Decimal)	Number of bytes	Field name	Description
0	72	VSAM Key	CKDS: Bytes 0-64: Key Label Bytes 65-72: Key Type PKDS: Bytes 0-64: Key Label Bytes 65-72: Reserved TKDS: Bytes 0-31: Token name Bytes 32-39: Sequence number Byte 40: Blank for token. Character "T" for clear token object. Character "Y" for secure token object. Bytes 41-43: Blank characters Bytes 44-71: Binary zeros
72	8		Reserved
80	1	Record Version	Version of the KDSR record format
81	1	KDS Type	1=CKDS, 2=PKDS, 3=TKDS
82	2	KDS Flags	Bit Meaning When Set On 0 The key within the key material field is a partial key. (CKDS only) 1 Label must be unique. (CKDS only)
84	4	KDS Length	Length of entire KDS record including key material and metadata
88	8	Creation Date	The initial date the KDS record was created in the format yyyymmdd.
96	8	Creation Time	The initial time the KDS record was created in the format hhmmssth
104	8	Update Date	The most recent date that this record was updated, in the format yyyymmdd or binary zero if the record has not been updated since creation.
112	8	Update Time	The most recent time that this record was updated, in the format hhmmssth or binary zero if the record has not been updated since creation.
120	4	Key Material Length	Length of the key material portion of the record
124	4	Key Material Offset	Offset of the key material portion of the record, calculated from the start of the record
128	4	Metadata Length	Length of the metadata area
132	4	Metadata Offset	Offset of the metadata area in the record, calculated from the start of the record
136	4	Reserved	Reserved

Table 2. Format of KDSR metadata area
Offset (Decimal)	Number of bytes	Field name	Description
0	1	KDSR_MD_VERSION
1	7		Reserved for IBM use.
8	8	KDSR_MD_REFDATE_STCKE	Reference date in STCKE format, high 8 bytes. Low bit in Byte 5 represents one second.
16	8	KDSR_MD_REFDATE	Reference date in the format `yyyymmdd`.
24	8	KDSR_MD_STARTDATE	Key material validity start date in the format `yyyymmdd`.
32	8	KDSR_MD_ENDDATE	Key material validity end date in the format `yyyymmdd`.
40	variable		Reserved for IBM use.

Table 3. Format of KDSR variable-length metadata block
Offset (Decimal)	Number of bytes	Field name	Description
0	2	KDSR_MD_TLV_TAG	Tag for block.
2	2	KDSR_MD_TLV_LEN	Length of the block which includes the length of the tag and length fields.
4	variable	KDSR_MD_DATA	Data.