When I am using HSM with 1 DKEK I received a pbe-file and sc-hsm-tool is showing a “DKEK key check value” . When I have a given pbe-file how could I use the “DKEK key check value” to understand that this file/DKEK is the right one for this HSM ?
Or maybe simpler : For what will I use “DKEK key check value” ?
Hi!
I think it could be used at least as a visual confirmation that the key was imported correctly, since this is a kind of fingerprint. In one of the vendor’s articles it was used as such during recovery process:
Other related:
1 Like
Thanks for the suggestions and links. Will read them !