hash: Adds ChaCha20 CSPRNG functions, updates TOTP generator, adds Base32

[itsmeow]

Adds to functions to hash:

• rustg_csprng_chacha20(format, n_bytes): Cryptographically-secure pseudo-random number generator seeded by the OS/hardware.
• rustg_prng_chacha20_seeded(format, n_bytes, seed): High-quality known-seed deterministic pseudo-random number generator.
• rustg_encode_base32(string, padding)
• rustg_decode_base32(string, padding)

Both functions support output into any of the following formats:

• Hex [0-9a-z]
• Alphanumeric [A-Za-z0-9]
• Base32 [A-Z2-7=]
• Base64 [A-Za-z0-9+/=]

Both functions take a parameter, n_bytes which is the number of bytes sampled by the RNG. The relation of n_bytes to string output length is not 1:1 and varies by format.

• Hex: n_bytes * 2
• Alphanumeric: n_bytes
• Base32: ceil(n_bytes / 5) * 8
• Base64: 4 * ceil(n_bytes/3)

CSPRNG seeds are provided by SeedableRng::from_os_rng which uses getrandom

On Windows 10, getrandom calls ProcessPrng
On Linux, getrandom performs a getrandom system call if available, otherwise /dev/urandom after successfully polling /dev/random

Updates TOTP generator from #76 to support SHA256 and SHA512 HMACs, as well as implements tests from the RFC rather than a private edu paper. Also allows more than 10 bytes worth of entropy for the secret key because ????????????? why?????? and stop implementing HMAC from scratch and just use a crate

Breaking Changes

• Breaking change: rustg_generate_totp and rustg_hash_generate_totp_tolerance have been updated from rustg_generate_totpXXX(seed, ...) to rustg_generate_totpXXX(algorithm, seed, ...)
• Breaking change: rustg_generate_totp now accepts seeds in Base32, not hex, as this is standard for OTP apps & QR codes

[ZeWaka]

Does this belong under hash?

[itsmeow]

imo yes, it's using almost all the same packages and the TOTP generator is already there. The only reason I added a CSPRNG is because the TOTP generator needs a cryptographically secure random seed

[itsmeow]

Why base32?

Yog is the only current user of this function indexed on GitHub, and they already convert it to Base32

Google Authenticator requires that keys be encoded as Base32 without padding: https://github.com/google/google-authenticator/wiki/Key-Uri-Format

[optimumtact]

do the calls block if there is no hardware entropy available?

[itsmeow]

do the calls block if there is no hardware entropy available?

Yes, early in the boot process. The OS will eventually give the necessary data though, from what I understand.
https://docs.rs/getrandom/latest/getrandom/#early-boot