An implementation of the SecureRandomSpi that uses a PKCS#11 token to gereate seed bytes. For
random data it uses a software implementation. If this object is created using the default
constructor, and this is always the case when instantiated through the JCA mechanism, this
implementation always links to the first instance of IAIKPkcs11. The only way to link to a
different instance is to instantiate the PKCS11Random class directly and to specify the provider.
This implementation gets random data from a software implementation and gets seed bytes directly
from the token. It does not send any seed bytes to the token. Moreover, it automatically gets
1024 bits of seed from the token upon the first request for random data. If more seed data is
required, the application can get more seed data from this object and subsequently set it to this
engine object. If there is no token present at creation time of this object, or if the present
token does not support random number generation, this implementation uses a software delegate to
process all requests. Per default, the SHA1PRNG algorithm is used for the software delegate.