Well, for one, ECDSA is not an encryption scheme, but a digital signature algorithm.
The generic purpose of a crypto API like window.crypto is to give you access to implementations of some cryptographic algorithms. These implementations may be based on software or hardware. In particular, an implementation may be a piece of tamper resistant hardware (a HSM or a smart card) that can generate keys for some algorithm, and store them, without ever letting the key exist outside of the hardware. generateKey()
handles such cases. With getRandomValues()
, you can only generate a bunch of bytes in the RAM of the computer.
Moreover, private keys often need some mathematical structure. In the case of a ECDSA, a private key is a big integer in a definite range (1 to n-1, where n is the order of the curve subgroup generator); if you want to produce such a key yourself, with getRandomValues()
, then you must use some big-integer arithmetics to make sure that your value will fit in the proper range. There again, generateKey()
will produce a key with the right structure for the algorithm at hand.