DKEK key check value - further usage

When I am using HSM with 1 DKEK I received a pbe-file and sc-hsm-tool is showing a “DKEK key check value” . When I have a given pbe-file how could I use the “DKEK key check value” to understand that this file/DKEK is the right one for this HSM ?
Or maybe simpler : For what will I use “DKEK key check value” ?

Hi!

I think it could be used at least as a visual confirmation that the key was imported correctly, since this is a kind of fingerprint. In one of the vendor’s articles it was used as such during recovery process:

• https://www.smartcard-hsm.com/2014/09/25/Desaster_Recovery_for_your_SmartCard-HSM.html

Other related:

• https://raymii.org/s/articles/Decrypt_NitroKey_HSM_or_SmartCard-HSM_private_keys.html
• https://caffinc.github.io/2018/04/key-check-value/ (general)

Thanks for the suggestions and links. Will read them !