Reduce key duplication by enabling hardware RNG

[Komzpa]

Summary

• add portable HardwareRNG helper that taps NRF52 crypto RNG, ESP32/TRNG, RP2040 hwrand, Portduino host RNG, and modem-provided entropy as available
• stir hardware bytes into CryptRNG during key generation to avoid repeated keys on NRF devices
• route NRF52, Portduino, and RP2040 platform setup through the new helper so runtime random seeds also benefit
• expose RadioLibInterface::randomBytes so modem entropy can be mixed in when radios are initialized

🤝 Attestations

• I have tested that my proposed changes behave as described.
• I have tested that my proposed changes do not cause any obvious regressions on the following devices:
  • Heltec (Lora32) V3
  • LilyGo T-Deck
  • LilyGo T-Beam
  • RAK WisBlock 4631
  • Seeed Studio T-1000E tracker card
  • Other (please specify below)

[Copilot]

Pull request overview

This PR introduces a portable HardwareRNG helper to improve random number generation across platforms by tapping into hardware RNG sources (NRF52 crypto RNG, ESP32 TRNG, RP2040 hwrand, Portduino host RNG) and optionally mixing in modem-provided entropy. The goal is to reduce key duplication issues on NRF devices by stirring hardware bytes into CryptRNG during key generation.

Key changes:

• Added HardwareRNG namespace with fill() and seed() functions for platform-agnostic hardware entropy access
• Integrated hardware entropy into CryptoEngine::generateKeyPair() to strengthen key generation
• Exposed RadioLibInterface::randomBytes() to allow modem entropy mixing when radios are initialized
• Updated NRF52, RP2040, and Portduino platform initialization to use the new HardwareRNG::seed() helper

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 8 comments.

Show a summary per file

File	Description
src/mesh/HardwareRNG.h	New header defining the HardwareRNG interface with fill() and seed() functions
src/mesh/HardwareRNG.cpp	Implementation providing platform-specific hardware RNG access with optional radio entropy mixing
src/mesh/RadioLibInterface.h	Added public randomBytes() method declaration for exposing modem entropy
src/mesh/RadioLibInterface.cpp	Implemented randomBytes() to fetch entropy from LoRa modem via RadioLib API
src/mesh/CryptoEngine.cpp	Integrated HardwareRNG to stir 64 bytes of hardware entropy into CryptRNG during key generation
src/platform/nrf52/main-nrf52.cpp	Replaced direct nRFCrypto RNG calls with HardwareRNG::seed()
src/platform/rp2xx0/main-rp2xx0.cpp	Added HardwareRNG::seed() call alongside existing hwrand32 usage
src/platform/portduino/PortduinoGlue.cpp	Added HardwareRNG::seed() calls in both simulated and native modes

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[jp-bennett]

I particularly like that this is just stirring in another potential randomness source. Will go through it in more detail as I am able.

[Komzpa]

I'll be happy if someone can take over this and get it live - we've got three new same-pubkey NRFs in the town nowadays

[jp-bennett]

I'll be happy if someone can take over this and get it live - we've got three new same-pubkey NRFs in the town nowadays

I like basically about this approach, and it's clearly needed. I'll take over and get it pushed across the line. Thanks!