Home > |
---|
The "SRK resplit required" flag is set only in the event that a failure occurred during a re-split operation, leaving the HSM in an intermediate state. An example might be the user pressing cancel at the wrong time, or a power failure or disconnection during a re-split.
Secure Recovery State flags:
===============================
External split enabled: yes
SRK resplit required: yes
Hardware tampered: no
Transport mode: no
After an incomplete hsm srk resplit, an attempt to login or to perform other HSM operations would yield an error message about the MTK state. The HSM would process only view/show commands while in that state.
In that situation, it is operationally urgent to issue the command:
hsm srk keys resplit
which creates a new split of the SRK and places the external portion on a new purple PED Key (or keys, if you choose to invoke MofN).
The HSM is once more usable.
An attacker lacking the proper purple key cannot place the HSM into "SRK resplit required" state. Only the holder of the legitimate purple PED Key can start an hsm srk resplit operation, and is therefore entitled to resume/restart that operation if it is interrupted.