<p>在Java中有两个有趣的类-<a href="https://docs.oracle.com/javase/7/docs/api/java/security/spec/ECGenParameterSpec.html" rel="nofollow noreferrer">ECGenParameterSpec</a>和<a href="https://docs.oracle.com/javase/7/docs/api/java/security/KeyPairGenerator.html" rel="nofollow noreferrer">KeyPairGenerator</a><em>ECGenParameterSpec</em>指定用于生成椭圆曲线域参数的参数,<em>KeyPairGenerator</em>用于生成公钥和私钥对</p>
<p>在Nokilay Elenkov的书<a href="https://rads.stackoverflow.com/amzn/click/com/1593275811" rel="nofollow noreferrer">Android Security Internals</a>中,有一个很好的代码示例,说明了它们的组合可以生成密钥对</p>
<pre><code>KeyPairGenerator kpg = KeyPairGenerator.getInstance("ECDH");
ECGenParameterSpec ecParamSpec = new ECGenParameterSpec("secp256r1");
kpg.initialize(ecParamSpec);
KeyPair keyPair = kpg.generateKeyPair();
</code></pre>
<p>这是对前面代码的解释</p>
<blockquote>
<p>There are two ways to initialize a KeyPairGenerator: by specifying the
desired key size and by specifying algorithm-specific parameters. In
both cases, you can optionally pass a SecureRandom instance to be used
for key generation. If only a key size is specified, key generation
will use default parameters (if any). To specify additional
parameters, you must instantiate and configure an
AlgorithmParameterSpec instance appropriate for the asymmetric
algorithm you are using and pass it to the initialize() method, as
shown in Example 5-15. In this example, the ECGenParameterSpec
initialized in <strong>line 2</strong> is an AlgorithmParameterSpec that allows you to
specify the curve name used when generating Elliptic Curve (EC)
cryptography keys. After it is passed to the initialize() method in <strong>line 3</strong>,
the subsequent generateKeyPair() call in <strong>line 4</strong> will use the specified
curve (secp256r1) to generate the key pair.</p>
</blockquote>