Since SHA256 distills randomness, we know that hash points to 32 bytes with as much randomness in it as in the initial string the user types, which can be up to 1000 bytes. Since it is generally safe to assume that every byte the user types has one bit of entropy in it, if the user hits 256 keys before hitting enter, then hash points to 256 bits of randomness. this goes through the output hash 4 bytes at a time and prints the 4 bytes as an unsigned int. Since the hash value is 256 bits of randomness, each of the printed numbers are random and up to 32 bits. If you want to make more than sha256 bytesize / sizeof(unsigned int) random numbers with the same seed material you would do something like this: note that the original input is hashed to determine the original hash, and then from there the input is hashed together with the previous hash in order to determine the next hash. Without knowing the original input, which is the seed, an attacker can not determine what numbers will come next by knowing any of the given numbers.