I'd use method #1, because the Java API specifies the following for the Cipher.init()API that just takes the encryption/decryption mode and key:

我会使用方法 #1，因为 Java API 为Cipher.init()仅采用加密/解密模式和密钥的API 指定了以下内容：

If this cipher instance needs any algorithm parameters or random values that the specified key can not provide, the underlying implementation of this cipher is supposed to generate the required parameters (using its providerorrandom values).

如果此密码实例需要指定密钥无法提供的任何算法参数或随机值，则此密码的底层实现应该生成所需的参数（使用其提供程序或随机值）。

(emphasis mine).

（强调我的）。

So it is not clearwhat different providers will do when method 2is chosen. Looking at the Android source code, it seems that at least some versions (including version 21?) will not create a random IV- the random IV creation seems commented out.

因此，尚不清楚不同的提供商在选择方法2时会做的。查看Android源代码，似乎至少某些版本（包括版本21？）不会创建随机IV- 随机IV创建似乎被注释掉了。

Method 1 is also more transparent and it is - in my opinion - easier on the eyes.

方法 1 也更透明，而且 - 在我看来 - 更容易看清。

Note that it is generally better to use new SecureRandom()and let the system figure out which RNG is best. "SHA1PRNG"is not well defined, may differ across implementations and is knownto have had implementation weaknesses, especiallyon Android.

请注意，通常最好使用new SecureRandom()并让系统确定哪个 RNG 最好。"SHA1PRNG"没有明确定义，可能因实现而异，并且已知存在实现弱点，尤其是在 Android 上。

So the end result should be something like:

所以最终结果应该是这样的：

SecureRandom randomSecureRandom = new SecureRandom();
byte[] iv = new byte[cipher.getBlockSize()];
randomSecureRandom.nextBytes(iv);
IvParameterSpec ivParams = new IvParameterSpec(iv);

Beware that GCM mode works best with a 12 byte IV instead of the 16 byte IV - the block size of AES.

请注意 GCM 模式最适合使用 12 字节 IV 而不是 16 字节 IV - AES 的块大小。