crypto_strongest_rand() failures should be fatal(?)
Follow up from #17686 (moved).
We either trust OpenSSL's RAND_bytes()
, or we don't. The existence/use of the call hints at the latter, so failing crypto_strongest_rand()
should be fatal especially when doing Ed25519/Curve25519 key generation.