Make our openssl-RNG calling code less scary.
crypto_rand() returns even when RAND_bytes fails. That's bad!
It's not actually a security bug though, since RAND_bytes can't fail given how we set it up. But we should change the warning in RAND_bytes() to an assertion. Then we can make crypto_rand() return void.
Similarly, in crypto_seed_rng(), we should check RAND_status() or something, and flip out or assert if the openssl RNG is not fully initialized and seeded.