CKM_ECDH1_DERIVE
Elliptic Curve Diffie-Hellman is an anonymous key-agreement protocol. CKM_ECDH1_DERIVE is the derive function for that protocol.
NOTE To enhance performance, we have created a proprietary call CA_DeriveKeyAndWrap, which is an optimization of C_DeriveKey with C_Wrap, merging the two functions into one (the in and out constraints are the same as for the individual functions). A further optimization is applied when mechanism CKM_ECDH1_DERIVE is used with CA_DeriveKeyAndWrap.
If CA_DeriveKeyAndWrap is called with other mechanisms, those would not be optimized.
Firmware 7.3.0 and Newer Summary
| FIPS approved? | Yes |
| Supported functions | Derive |
| Functions restricted from FIPS use | None |
| Minimum key length (bits) | 105 |
| Minimum key length for FIPS use (bits) | 224 |
| Minimum legacy key length for FIPS use (bits) | 160 |
| Maximum key length (bits) | 571 |
| Block size | 0 |
| Digest size | 0 |
| Key types | ECDSA | EC_MONT | BIP32 |
| Algorithms | None |
| Modes | None |
| Flags | None |
Firmware 7.2.0 and Older Summary
| FIPS approved? | Yes |
| Supported functions | Derive |
| Minimum key length (bits) | 105 |
| Minimum key length for FIPS use (bits) | 224 |
| Minimum legacy key length for FIPS use (bits) | 160 |
| Maximum key length (bits) | 571 |
| Block size | 0 |
| Digest size | 0 |
| Key types | ECDSA | EC_MONT |
| Algorithms | None |
| Modes | None |
| Flags | None |
