Tag Length Value (TLV)

Table of contents

  1. Definition
  2. Reference
  3. Deep Dive

Definition

Tag Length Value (TLV) is the encoding rule proposed by the X.509 organization. The data included in a certificate has to be encoded in TLV format. A TLV is a byte array made up of a tag indicating what the data is, a length specifying its size, and the value itself. TLV allows groups of variable-length data elements to be combined into one buffer. ASN.1 (Abstract Syntax Notation One) specifies the TLV standard. TLVs are subsets of a DER (Distinguished Encoding Rules) / BER (Basic Encoding Rules) format certificate. A simple TLV example is shown in [Pic.1]. For those who want to learn what a certificate, DER, and BER are, please check the reference below. This topic focuses only on TLV.


[Pic.1] Tag-Length-Value Format

Reference

Please refer to the references listed below. They will help you understand TLV in detail.

Deep Dive

  1. TLV format
    • The TLV format is described by X.609, as shown in [Pic.2]


    [Pic.2] Tag-Length-Value Format by X.609

    • Tag: The tag has a variable size (1 to 4 bytes). It is carried in the Identifier Octets field. The format of the Tag field is shown in [Pic.3]. Let’s dive into each bit field.


      [Pic.3] Identifier (Tag) format

      • bit8-7: Class field
        • Universal (00h): for types whose meaning is the same in all applications, these types are only defined in X.208.
        • Application (01h): for types whose meaning is specific to an application, such as X.500 directory services, types in two different applications may have the same application-specific tag and different meanings.
        • Context-specific (02h): for types whose meaning is specific to a given structured type, context-specific tags are used to distinguish between component types with the same underlying tag within the context of a given structured type, and component types in two different structured types may have the same tag and different meanings.
        • Private (03h): for types whose meaning is specific to a given enterprise.


          [Pic.4] TLV First Byte Format

      • bit6: Sets the structure of the TLV
        • Primitive (00h): A single T-L-V only.
        • Constructed (01h): The TLV is built as a nested structure, as shown in [Pic.5] below.


          [Pic.5] Constructed TLV

      • bit5-1: This field indicates the tag number. When these bits are set to 11111, subsequent tag bytes follow. bit8 of each subsequent byte indicates whether or not it is the last byte, as shown in [Pic.6]
        • 0h: the last byte
        • 1h: there are more following bytes


          [Pic.6] TLV Subsequent Byte Format

    • Length: This field is constructed by following the DER standard as shown in [Pic.6].


      [Pic.6] DER Length Format

    • Value: This field is a binary byte array of the specified length. In a constructed TLV it represents a recursive sub-tree.
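
The field layout above, worked through as a bounds-checked parser. This is an added example, not code from the original page; the function names and sample bytes are constructed for illustration. The length rule it uses is the standard definite-length form (a first byte below 80h is the length itself; otherwise its low 7 bits count the length bytes that follow), which the page shows only in a figure.

```python
CLASSES = ("universal", "application", "context-specific", "private")

def _next(buf, pos, end):
    """Return (buf[pos], pos + 1), refusing to read past the enclosing TLV."""
    if pos >= end:
        raise ValueError("truncated TLV")
    return buf[pos], pos + 1

def parse_tlv(buf, pos=0, end=None, depth=0):
    """Parse one TLV located in buf[pos:end]; return (node, next_pos)."""
    end = len(buf) if end is None else end
    if depth > 16:                             # cap recursion on hostile input
        raise ValueError("nesting too deep")
    first, pos = _next(buf, pos, end)
    tag = first & 0x1F                         # bit5-1: tag number
    if tag == 0x1F:                            # 11111: subsequent tag bytes follow
        tag = 0
        for _ in range(3):                     # a tag is at most 4 bytes in total
            b, pos = _next(buf, pos, end)
            tag = (tag << 7) | (b & 0x7F)
            if not b & 0x80:                   # bit8 = 0 marks the last tag byte
                break
        else:
            raise ValueError("tag longer than 4 bytes")
    length, pos = _next(buf, pos, end)
    if length & 0x80:                          # long form
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > end:
            raise ValueError("indefinite, oversized or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    stop = pos + length
    if stop > end:                             # never trust the length field
        raise ValueError("length exceeds enclosing buffer")
    node = {"class": CLASSES[first >> 6],      # bit8-7: class
            "constructed": bool(first & 0x20), # bit6: primitive / constructed
            "tag": tag, "value": bytes(buf[pos:stop]), "children": []}
    while node["constructed"] and pos < stop:  # value is a sub-tree of TLVs
        child, pos = parse_tlv(buf, pos, stop, depth + 1)
        node["children"].append(child)
    return node, stop

# Constructed sample inputs (not taken from a real certificate).
SAMPLE = bytes.fromhex("3006020105040141")    # constructed TLV holding two primitives
HIGH_TAG = bytes.fromhex("5f810001aa")        # application class, multi-byte tag 128
BAD = bytes.fromhex("3006020105040541")       # child length overruns its parent
```

`parse_tlv(SAMPLE)` returns the nested tree, while `parse_tlv(BAD)` raises `ValueError` because the inner length field claims more bytes than the parent TLV contains. It checks bounds only and does not enforce DER's minimal-encoding rules.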