The KeyPairGenerator Class
The KeyPairGenerator
class is an engine class used to generate
pairs of public and private keys.
There are two ways to generate a key pair: in an algorithmindependent manner, and in an algorithmspecific manner. The only difference between the two is the initialization of the object.
Please see the Examples section for examples of calls to the methods documented here.
 Creating a
KeyPairGenerator
 All key pair generation starts with a
KeyPairGenerator
. This generation is done using one of the factory methods onKeyPairGenerator
:static KeyPairGenerator getInstance(String algorithm) static KeyPairGenerator getInstance(String algorithm, String provider) static KeyPairGenerator getInstance(String algorithm, Provider provider)
Note: The algorithm name is not casesensitive.  Initializing a
KeyPairGenerator

A key pair generator for a particular algorithm creates a public/private key pair that can be used with this algorithm. It also associates algorithmspecific parameters with each of the generated keys.
A key pair generator needs to be initialized before it can generate keys. In most cases, algorithmindependent initialization is sufficient. But in other cases, algorithmspecific initialization is used.
 AlgorithmIndependent Initialization

All key pair generators share the concepts of a key size and a source of randomness. The key size is interpreted differently for different algorithms. For example, in the case of the DSA algorithm, the key size corresponds to the length of the modulus. (See Appendix B: Algorithms for information about the key sizes for specific algorithms.)
Aninitialize
method takes two universally shared types of arguments:void initialize(int keysize, SecureRandom random)
Anotherinitialize
method takes only akeysize
argument; it uses a systemprovided source of randomness:void initialize(int keysize)
Because no other parameters are specified when you call these algorithmindependent
initialize
methods, it is up to the provider what to do about the algorithmspecific parameters (if any) to be associated with each of the keys.If the algorithm is a DSA algorithm, and the modulus size (key size) is 512, 768, or 1024, then the IBMJCE provider uses a set of precomputed values for the
p
,q
, andg
parameters. If the modulus size is not one of these values, the IBMJCE provider creates a new set of parameters. Other providers might have precomputed parameter sets for more than just the three modulus sizes mentioned. Yet others might not have a list of precomputed parameters at all and instead always create new parameter sets.  AlgorithmSpecific Initialization
 For situations where a set of algorithmspecific parameters already exists (such as community parameters in DSA), there are two
initialize
methods that have anAlgorithmParameterSpec
argument. One also has aSecureRandom
argument, while the source of randomness is systemprovided for the other:void initialize(AlgorithmParameterSpec params, SecureRandom random) void initialize(AlgorithmParameterSpec params)
See the Examples section for more details.
 Generating a Key Pair
 The procedure for generating a key pair is always the same, regardless of initialization (and of the algorithm). You always call the following method from
KeyPairGenerator
:KeyPair generateKeyPair()
Multiple calls to
generateKeyPair
will yield different key pairs.