CKM_ECIES
Firmware 7.7.3 and Newer Summary
| FIPS approved? | Yes |
| Supported functions | Encrypt | Decrypt |
| Functions restricted from FIPS use | None |
| Minimum key length (bits) | 105 |
| Minimum key length for FIPS use (bits) | 224 |
| Minimum legacy key length for FIPS use (bits) | 160 |
| Maximum key length (bits) | 571 |
| Block size | 0 |
| Digest size | 0 |
| Key types | ECDSA | EC_MONT | BIP32 |
| Algorithms | None |
| Modes | None |
| Flags | Accumulating | FIPS-approved curves only |
NOTE Using Luna USB HSM 7 Firmware 7.7.3 or newer, this mechanism now verifies that the specified EC curve is FIPS-approved, and rejects operations that specify non-approved curves.
Firmware 7.7.2 Summary
| FIPS approved? | Yes |
| Supported functions | Encrypt | Decrypt |
| Functions restricted from FIPS use | None |
| Minimum key length (bits) | 105 |
| Minimum key length for FIPS use (bits) | 224 |
| Minimum legacy key length for FIPS use (bits) | 160 |
| Maximum key length (bits) | 571 |
| Block size | 0 |
| Digest size | 0 |
| Key types | ECDSA | EC_MONT | BIP32 |
| Algorithms | None |
| Modes | None |
| Flags | Accumulating |
NOTE This is a single part operation, so even if it is called using multi-part API, we accumulate the data (up to a maximum) and return data only on the “final” operation. That is the meaning of "Accumulating" in the tables, above.
