As I ask upon https://security.stackexchange.com/q/258228/168285 Should I use openssl_random_pseudo_bytes or not?