I’m generating a secret key (“ECDH”) from a key pair (“EC”, “secp256r1”) and I get the following error:

java.security.InvalidKeyException: No installed provider supports this key: android.security.keystore.AndroidKeyStoreECPrivateKey

Here is some example code for generating the keys:

private val keyPairAlgo = "secp256r1" // aka "prime256v1"// We want the prime256v1 variant.

        // We want to be able to sign, verify, and generate a symmetric key
        val parameterSpec: KeyGenParameterSpec = KeyGenParameterSpec.Builder(
            alias,
            KeyProperties.PURPOSE_SIGN or KeyProperties.PURPOSE_VERIFY or
                    KeyProperties.PURPOSE_DECRYPT or KeyProperties.PURPOSE_ENCRYPT
        ).run {
            setDigests(KeyProperties.DIGEST_SHA256) //, KeyProperties.DIGEST_SHA512)
            setAlgorithmParameterSpec(ECGenParameterSpec(keyPairAlgo))
            build()
        }

        //initialize and generate the keypair
        kpg.initialize(parameterSpec)
        val kp = kpg.generateKeyPair()

Here is example code for generating the secret key:

private val keyAgreementAlgo = "ECDH" //"DH""

        // get the correct key agreement generator and generate the key
        val ka = KeyAgreement.getInstance(keyAgreementAlgo)
        ka.init(privKey) 
        ka.doPhase(ecPubKey, true)
        return ka.generateSecret(keyAgreementAlgo)