2 files changed, 14 insertions, 3 deletions

diff --git a/security-utils/src/main/java/com/yahoo/security/KeyAlgorithm.java b/security-utils/src/main/java/com/yahoo/security/KeyAlgorithm.java
index 3218f81f0d6..732ac2bb12c 100644
--- a/security-utils/src/main/java/com/yahoo/security/KeyAlgorithm.java
+++ b/security-utils/src/main/java/com/yahoo/security/KeyAlgorithm.java
@@ -1,20 +1,28 @@
 // Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.security;
 
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.ECGenParameterSpec;
+import java.util.Optional;
+
 /**
  * @author bjorncs
  */
 public enum KeyAlgorithm {
-    RSA("RSA"),
-    EC("EC");
+    RSA("RSA", null),
+    EC("EC", new ECGenParameterSpec("prime256v1")); // TODO Make curve configurable
 
     final String algorithmName;
+    private final AlgorithmParameterSpec spec;
 
-    KeyAlgorithm(String algorithmName) {
+    KeyAlgorithm(String algorithmName, AlgorithmParameterSpec spec) {
         this.algorithmName = algorithmName;
+        this.spec = spec;
     }
 
     String getAlgorithmName() {
         return algorithmName;
     }
+
+    Optional<AlgorithmParameterSpec> getSpec() { return Optional.ofNullable(spec); }
 }
diff --git a/security-utils/src/main/java/com/yahoo/security/KeyUtils.java b/security-utils/src/main/java/com/yahoo/security/KeyUtils.java
index 0d45a62f193..76e0f5419a3 100644
--- a/security-utils/src/main/java/com/yahoo/security/KeyUtils.java
+++ b/security-utils/src/main/java/com/yahoo/security/KeyUtils.java
@@ -46,6 +46,9 @@ public class KeyUtils {
             if (keySize != -1) {
                 keyGen.initialize(keySize);
             }
+            if (algorithm.getSpec().isPresent()) {
+                keyGen.initialize(algorithm.getSpec().get());
+            }
             return keyGen.genKeyPair();
         } catch (GeneralSecurityException e) {
             throw new RuntimeException(e);