CKM_BIP32_CHILD_DERIVE
This mechanism is used to derive child keys from a parent key, and can generate both the private and public part of the key pair, accepting a BIP32 public or private key as input.
Cloning (or backup) of BIP32 keys can be performed only between PCIe and/or Network HSMs containing firmware versions that support BIP32.
See BIP32 Mechanism Support and Implementation.
NA FIPS
FIPS approved? |
No |
Supported functions |
Derive |
Functions restricted from FIPS use |
N/A |
Minimum key length (bits) |
256 |
Minimum key length for FIPS use (bits) |
N/A |
Minimum legacy key length for FIPS use (bits) |
N/A |
Maximum key length (bits) |
256 |
Block size |
0 |
Digest size |
0 |
Key types |
BIP32 |
Algorithms |
None |
Modes |
None |
Flags |
Extractable |
NA non-FIPS
FIPS approved? |
No |
Supported functions |
Derive |
Functions restricted from FIPS use |
N/A |
Minimum key length (bits) |
256 |
Minimum key length for FIPS use (bits) |
N/A |
Minimum legacy key length for FIPS use (bits) |
N/A |
Maximum key length (bits) |
256 |
Block size |
0 |
Digest size |
0 |
Key types |
BIP32 |
Algorithms |
None |
Modes |
None |
Flags |
Extractable |
EU FIPS
FIPS approved? |
No |
Supported functions |
Derive |
Functions restricted from FIPS use |
N/A |
Minimum key length (bits) |
256 |
Minimum key length for FIPS use (bits) |
N/A |
Minimum legacy key length for FIPS use (bits) |
N/A |
Maximum key length (bits) |
256 |
Block size |
0 |
Digest size |
0 |
Key types |
BIP32 |
Algorithms |
None |
Modes |
None |
Flags |
Extractable |
EU non-FIPS
FIPS approved? |
No |
Supported functions |
Derive |
Functions restricted from FIPS use |
N/A |
Minimum key length (bits) |
256 |
Minimum key length for FIPS use (bits) |
N/A |
Minimum legacy key length for FIPS use (bits) |
N/A |
Maximum key length (bits) |
256 |
Block size |
0 |
Digest size |
0 |
Key types |
BIP32 |
Algorithms |
None |
Modes |
None |
Flags |
Extractable |