CKM_BIP32_MASTER_DERIVE
This mechanism is used to derive the master key pair from a seed. The input key must have the type CKK_GENERIC_SECRET (size between 128 and 512 bits).
Only curve secp256k1 is supported. Key type CKK_BIP32 is introduced; existing ECDSA keys cannot be used with the BIP32 mechanisms. All mechanisms supported by ECDSA keys are supported for BIP32 keys.
Cloning (or backup) of BIP32 keys can be performed only between Luna HSMs containing firmware versions that support BIP32.
See BIP32 Mechanism Support and Implementation.
Firmware 7.3.0 and Newer Summary
| FIPS approved? | No |
| Supported functions | Derive |
| Functions restricted from FIPS use | N/A |
| Minimum key length (bits) | 128 |
| Minimum key length for FIPS use (bits) | N/A |
| Minimum legacy key length for FIPS use (bits) | N/A |
| Maximum key length (bits) | 512 |
| Block size | 0 |
| Digest size | 0 |
| Key types | GENERIC_SECRET |
| Algorithms | None |
| Modes | None |
| Flags | Extractable |
