diff --git a/src/main/java/org/jruby/ext/openssl/PKeyEC.java b/src/main/java/org/jruby/ext/openssl/PKeyEC.java
index fb051fb0..3352d095 100644
--- a/src/main/java/org/jruby/ext/openssl/PKeyEC.java
+++ b/src/main/java/org/jruby/ext/openssl/PKeyEC.java
@@ -17,13 +17,10 @@
 import java.security.KeyFactory;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
-import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 
-import java.security.SecureRandom;
-import java.security.SignatureException;
 import java.security.interfaces.ECPrivateKey;
 import java.security.interfaces.ECPublicKey;
 import java.security.spec.ECGenParameterSpec;
@@ -427,7 +424,7 @@ public PKeyEC generate_key(final ThreadContext context) {
         try {
             ECGenParameterSpec genSpec = new ECGenParameterSpec(getCurveName());
             KeyPairGenerator gen = SecurityHelper.getKeyPairGenerator("EC"); // "BC"
-            gen.initialize(genSpec, new SecureRandom());
+            gen.initialize(genSpec, OpenSSL.getSecureRandom(context));
             KeyPair pair = gen.generateKeyPair();
             this.publicKey = (ECPublicKey) pair.getPublic();
             this.privateKey = pair.getPrivate();
@@ -537,11 +534,8 @@ public IRubyObject dh_compute_key(final ThreadContext context, final IRubyObject
             final byte[] secret = agreement.generateSecret();
             return StringHelper.newString(context.runtime, secret);
         }
-        catch (NoSuchAlgorithmException ex) {
-            throw newECError(context.runtime, ex.toString());
-        }
         catch (InvalidKeyException ex) {
-            throw newECError(context.runtime, ex.toString());
+            throw newECError(context.runtime, "invalid key: " + ex.getMessage());
         }
         catch (GeneralSecurityException ex) {
             throw newECError(context.runtime, ex.toString());