Add crypto GenerateEntropy() and GenerateHexNonce()

crypto/entropy.go

@@ -0,0 +1,36 @@
+package crypto
+
+import (
+	"crypto/rand"
+	"encoding/hex"
+	"errors"
+)
+
+func GenerateEntropy(n int) ([]byte, error) {
+	if n <= 0 {
+		return nil, errors.New("entropy byte size must be > 0")
+	}
+
+	bytes := make([]byte, n)
+	size, err := rand.Read(bytes)
+	if err != nil {
+		return nil, err
+	}
+
+	if size != n {
+		return nil, errors.New("random generation failed to match expected size")
+	}
+
+	return bytes, nil
+}
+
+func GenerateHexNonce() (string, error) {
+	// 16 bytes was chosen because 16 bytes = 128 bits which is considered minimally sufficient
+	//		https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf
+	bytes, err := GenerateEntropy(16)
+	if err != nil {
+		return "", err
+	}
+
+	return hex.EncodeToString(bytes), nil
+}

crypto/entropy_test.go

@@ -0,0 +1,40 @@
+package crypto_test
+
+import (
+	"testing"
+
+	"github.com/alecthomas/assert/v2"
+	"github.com/tbd54566975/web5-go/crypto"
+)
+
+func Test_GenerateEntropy(t *testing.T) {
+	size := 16
+	bytes, err := crypto.GenerateEntropy(size)
+	assert.NoError(t, err)
+	assert.Equal(t, size, len(bytes))
+}
+
+func Test_GenerateEntropy_InvalidSize(t *testing.T) {
+	bytes, err := crypto.GenerateEntropy(0)
+	assert.Error(t, err)
+	assert.Equal(t, nil, bytes)
+
+	bytes, err = crypto.GenerateEntropy(-1)
+	assert.Error(t, err)
+	assert.Equal(t, nil, bytes)
+}
+
+func Test_GenerateHexNonce(t *testing.T) {
+	nonceMap := make(map[string]bool)
+
+	for i := 0; i < 1000000; i++ {
+		nonce, err := crypto.GenerateHexNonce()
+		assert.NoError(t, err)
+		assert.Equal(t, 32, len(nonce))
+
+		nonceMap[nonce] = true
+	}
+
+	// Assert that we have 1000000 unique nonces
+	assert.Equal(t, 1000000, len(nonceMap))
+}