There is a trace statement printed to stdout in the PKCS11SecureRandom constructor.
This is only a problem in one place. Michelle can workaround as follows:
Instead of calling:
SecureRandom rng = SecureRandom.getInstance("pkcs11prng");
JSSSecureRandom rng = CryptoManager.getSecureRNG();
JSSSecureRandom supports the nextByte() method, just like SecureRandom.
This is already fixed on the trunk, but it should be fixed for 3.1.1 as well.
Fixed on JSS_3_1_BRANCH.
new revision: 22.214.171.124; previous revision: 1.2