RAND_pseudo_bytes is good enough for encryption IVs,

we should not need RAND_bytes (and we cannot use the latter
unless we load a seed file)