SecureRandom.PKCS11 from the SunPKCS11 Provider is disabled by default on Solaris because the native PKCS11 implementation has poor performance and is not recommended. If your application requires SecureRandom.PKCS11, you can re-enable it by removing "SecureRandom" from the disabledMechanisms list in conf/security/sunpkcs11-solaris.cfg Performance improvements have also been made in the java.security.SecureRandom class. Improvements in the JDK implementation has allowed for synchronization to be removed from the java.security.SecureRandom.nextBytes(byte[] bytes) method.
|