
I am trying to create a self-signed certificate. I want to do this in order to store a Spongy Castle KeyPair in the "AndroidKeyStore". The signature must be ECDSA on P-256 with a SHA-256 digest.

import java.math.BigInteger;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import org.spongycastle.asn1.ASN1Sequence;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x500.X500NameBuilder;
import org.spongycastle.asn1.x500.style.BCStyle;
import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.cert.X509v3CertificateBuilder;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.operator.ContentSigner;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;

// see http://www.programcreek.com/java-api-examples/index.php?class=org.spongycastle.cert.X509v3CertificateBuilder&method=addExtension
X509Certificate genSelfSignedCert(KeyPair kp, String CN){
    X509Certificate certificate;

    try{
        // Subject and issuer are the same name: this is a self-signed certificate.
        X500Name x500Name = new X500NameBuilder(BCStyle.INSTANCE)
                            .addRDN(BCStyle.CN, CN)
                            .build();

        SecureRandom rand = new SecureRandom();
        PrivateKey privKey = kp.getPrivate();
        PublicKey pubKey = kp.getPublic();

        // Wrap the X.509-encoded public key in the ASN.1 structure the builder expects.
        SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(ASN1Sequence.getInstance(pubKey.getEncoded()));

        Date startDate = new Date(); // now

        Calendar c = Calendar.getInstance();
        c.setTime(startDate);
        c.add(Calendar.YEAR, 1);
        Date endDate = c.getTime();

        X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(
                         x500Name,
                         new BigInteger(63, rand), // random, non-negative serial number
                         startDate, endDate,
                         x500Name,
                         subPubKeyInfo);

        // Sign with SHA256withECDSA using the pair's private key, then convert to a JCA X509Certificate.
        ContentSigner sigGen = new JcaContentSignerBuilder("SHA256withECDSA").build(privKey);
        X509CertificateHolder certHolder = v3CertGen.build(sigGen);
        certificate = new JcaX509CertificateConverter().getCertificate(certHolder);
    }//try
    catch( OperatorCreationException| CertificateException X ) {
        // Without this, 'certificate' may be left unassigned and the method does not compile.
        throw new IllegalStateException("self-signed certificate generation failed", X);
    }

    mLog.debug( "kp.getPublic().getAlgorithm(): \t" + kp.getPublic().getAlgorithm() );
    mLog.debug("certificate.getPublicKey().getAlgorithm():\t" + certificate.getPublicKey().getAlgorithm());

    return certificate;
}//genSelfSignedCert()

Using the genSelfSignedCert() method above (taken from ProgramCreek.com)

X509Certificate[] selfSignedCert = new X509Certificate[1];
selfSignedCert[0] = genSelfSignedCert(keyPair, "MyAwesomeAlias");
KeyStore.Entry privateKey = new KeyStore.PrivateKeyEntry(keyPair.getPrivate(), selfSignedCert );

I get:

kp.getPrivate().getAlgorithm(): ECDSA
kp.getPublic().getAlgorithm():  ECDSA
certificate.getPublicKey().getAlgorithm(): EC   <--MISMATCH!? Why not ECDSA?

IllegalArgumentException: 
 Algorithm of private key does not match algorithm of public key in end certificate of entry (with index number: 0)

Why does this method produce a certificate whose algorithm does not match that of the key pair?
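An added example, not part of the question or its answer, that reproduces the name mismatch on a plain JVM with Bouncy Castle (the desktop sibling of Spongy Castle) and shows the check a caller can make before building a PrivateKeyEntry, plus one way to get both sides onto the same name by re-encoding the private key through the platform's "EC" KeyFactory. The provider name "BC", the curve name "secp256r1" and the class and method names are assumptions of this example.

```java
import java.math.BigInteger;
import java.security.*;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Date;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

public class KeyAlgorithmNameCheck {
    // Self-signed P-256 / SHA-256 certificate built the same way as in the question.
    static X509Certificate selfSign(KeyPair kp, String cn) throws Exception {
        X500Name name = new X500Name("CN=" + cn);
        Date notBefore = new Date();
        Date notAfter = new Date(notBefore.getTime() + 365L * 24 * 60 * 60 * 1000);
        X509v3CertificateBuilder builder = new X509v3CertificateBuilder(name,
                BigInteger.valueOf(System.currentTimeMillis()), notBefore, notAfter, name,
                SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded()));
        // No provider is set on the converter, so the platform's default X.509 factory
        // re-parses the DER and its public key object reports the JCA standard name "EC".
        return new JcaX509CertificateConverter().getCertificate(builder.build(
                new JcaContentSignerBuilder("SHA256withECDSA").setProvider("BC").build(kp.getPrivate())));
    }
    // The check the KeyStore entry performs: a plain string comparison of getAlgorithm().
    static boolean namesMatch(PrivateKey priv, X509Certificate cert) {
        return priv.getAlgorithm().equals(cert.getPublicKey().getAlgorithm());
    }
    // Re-encode the private key through the platform "EC" KeyFactory so both sides use one name.
    static PrivateKey asPlatformEcKey(PrivateKey priv) throws Exception {
        return KeyFactory.getInstance("EC").generatePrivate(new PKCS8EncodedKeySpec(priv.getEncoded()));
    }

    public static void main(String[] args) throws Exception {
        Security.addProvider(new BouncyCastleProvider());   // appended, so SunEC stays the default for "EC"
        // Requesting the generator under the "ECDSA" name, as the question does, labels the keys "ECDSA".
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("ECDSA", "BC");
        kpg.initialize(new ECGenParameterSpec("secp256r1"));   // P-256
        KeyPair kp = kpg.generateKeyPair();
        X509Certificate cert = selfSign(kp, "MyAwesomeAlias");
        System.out.println(kp.getPrivate().getAlgorithm() + " vs " + cert.getPublicKey().getAlgorithm()
                + " -> match: " + namesMatch(kp.getPrivate(), cert));
        PrivateKey fixed = asPlatformEcKey(kp.getPrivate());
        System.out.println(fixed.getAlgorithm() + " vs " + cert.getPublicKey().getAlgorithm()
                + " -> match: " + namesMatch(fixed, cert));
    }
}
```

The same string comparison can be run against whatever key and certificate pair is about to be stored, so the mismatch surfaces as a readable message instead of the IllegalArgumentException from the keystore.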


1 answer