On Sun, Feb 8, 2015 at 12:11 PM, Tom Worster <f...@thefsb.org> wrote: > > Thanks Damien and Daniel for the info. > > I am not concerned about running out of entropy. I am concerned about > userspace RNGs such as OpenSSL > http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/
Just to be clear (as Damien also mentioned): openssl is not a userspace RNG. It uses the underlying system-specific resources. If your system's RNG is good enough (/dev/[u]random in nix-like systems) for you, openssl_random_pseudo_bytes() is good enough for you.
