Isn't the fact that they only return the nonce a matter of the software not the hardware? The hardware itself would be specific in the fact that it is chip tuned to perform Double SHA256 hashing extremely effectively. The chip itself can't return anything out of it other than a completed full hash.

If you could recode the software/firmware to spit out a full hash from the software side, you would have a valid SHA256 hash, so long as your input is specifically 80 Bytes. I mean is it not the firmware/software that has the logic coded in it to determine what is and is not below the target?