For example, NIST SP 800-56Ar2 section 5.8 describes how to derive keys from Diffie-Hellman output.
B) Implement the following simple key derivation function: 1) Call .
Also, some additional effort may be required to enforce key size restrictions like the ones in Table 2 of NIST SP 800-57pt1r4. This solution should only be used as a last resort if the application code cannot be modified, or if the application must interoperate with a system that cannot be modified.
Each entry consists of a case-insensitive algorithm name and the corresponding default key size (in decimal) separated by ":". By default, this property will not have a value, and JDK providers will use their own default values.
Entries containing an unrecognized algorithm name will be ignored.
Key Pair Generator class or by the "jdk.security.default Key Size" system property if set.
RSA public key validation In 6u181, the RSA implementation in the Sun Rsa Sign provider will reject any RSA public key that has an exponent that is not in the valid range as defined by PKCS#1 version 2.2.
This change will affect JSSE connections as well as applications built on JCE.