CKM_BIP32_CHILD_DERIVE
This mechanism is used to derive child keys from a parent key, and can generate both the private and public part of the key pair, accepting a BIP32 public or private key as input.
Cloning (or backup) of BIP32 keys can be performed only between PCIe and/or Network HSMs containing firmware versions that support BIP32.
See BIP32 Mechanism Support and Implementation.
NA FIPS
| FIPS approved? | No |
| Supported functions | Derive |
| Functions restricted from FIPS use | N/A |
| Minimum key length (bits) | 256 |
| Minimum key length for FIPS use (bits) | N/A |
| Minimum legacy key length for FIPS use (bits) | N/A |
| Maximum key length (bits) | 256 |
| Block size | 0 |
| Digest size | 0 |
| Key types | BIP32 |
| Algorithms | None |
| Modes | None |
| Flags | Extractable |
NA non-FIPS
| FIPS approved? | No |
| Supported functions | Derive |
| Functions restricted from FIPS use | N/A |
| Minimum key length (bits) | 256 |
| Minimum key length for FIPS use (bits) | N/A |
| Minimum legacy key length for FIPS use (bits) | N/A |
| Maximum key length (bits) | 256 |
| Block size | 0 |
| Digest size | 0 |
| Key types | BIP32 |
| Algorithms | None |
| Modes | None |
| Flags | Extractable |
EU FIPS
| FIPS approved? | No |
| Supported functions | Derive |
| Functions restricted from FIPS use | N/A |
| Minimum key length (bits) | 256 |
| Minimum key length for FIPS use (bits) | N/A |
| Minimum legacy key length for FIPS use (bits) | N/A |
| Maximum key length (bits) | 256 |
| Block size | 0 |
| Digest size | 0 |
| Key types | BIP32 |
| Algorithms | None |
| Modes | None |
| Flags | Extractable |
EU non-FIPS
| FIPS approved? | No |
| Supported functions | Derive |
| Functions restricted from FIPS use | N/A |
| Minimum key length (bits) | 256 |
| Minimum key length for FIPS use (bits) | N/A |
| Minimum legacy key length for FIPS use (bits) | N/A |
| Maximum key length (bits) | 256 |
| Block size | 0 |
| Digest size | 0 |
| Key types | BIP32 |
| Algorithms | None |
| Modes | None |
| Flags | Extractable |
