This TR-31 Key Block Web Tool is based on the paysec Rust library and a WebAssembly (Wasm) binding, providing a test interface for handling cryptographic keys according to the TR-31 key block format, specifically version 'D'. This format is consistent with ANS X9.24 Retail Financial Services Symmetric Key Management Part 1, ensuring secure exchange and storage of keys between devices sharing a symmetric key exchange key.
The Key Block structure comprises three parts: a non-encrypted Key Block Header (KBH) detailing key and block attributes, the confidential data / payload (the key or sensitive data, including padding), and a 16-byte MAC for integrity and authentication. This tool currently supports only version 'D' for wrapping and unwrapping key blocks, which utilizes AES-CMAC for the derivation of encryption and authentication key.
This tool serves as an educational and testing resource, demonstrating the principles of key wrapping and unwrapping in line with TR-31 standards. For copyright and license information, refer to the paysec GitHub repository.
window.crypto.getRandomValues
. The seed must be at
least as long as the calculated padding length.
This tool is designed for ease of use and flexibility, accommodating both simple header generation and key wrapping use cases. It allows comprehensive testing and experimentation with TR-31 key block formats. For feedback or issues, please contact David Schmid at mail@join.tech.