Nitrokey HSM2 derivation AES-CMAC


Is the Nitrokey HSM2 capable of performing the derivation of an AES key via simple AES-CMAC as explained by NXP in this document:

This corresponds to NIST:
Which PKCS # 11 mechanism is available CKM_AES_CMAC? CKM_AES_CMAC_GENERAL?

Thank you.

HSM2: Supported AES Modes? - looks like it does not. Just tried some other random smartcard I have and it does not seem to have it, too,

Quick Internet search reveals there are some chips and other solutions that support it. I think it cannot be added in the PKCS#11 provider (software talking to the smartcard) because K1 and K2 subkey generation needs to be done in secret, too.