crypto: Add BLAKE3 hashing algorithm

[jayschwa]

This is a translation of the official reference implementation with few changes. The bad news is that the reference implementation is designed for simplicity and not speed, so there's a lot of room for performance improvement. The good news is that, according to the crypto benchmark, the implementation is still fast relative to the other hashing algorithms:

         md5: 442 MiB/s
        sha1: 387 MiB/s
      sha256: 192 MiB/s
      sha512: 277 MiB/s
    sha3-256: 217 MiB/s
    sha3-512: 127 MiB/s
     blake2s: 471 MiB/s
     blake2b: 537 MiB/s
      blake3: 588 MiB/s
    poly1305: 1492 MiB/s
    hmac-md5: 655 MiB/s
   hmac-sha1: 554 MiB/s
 hmac-sha256: 222 MiB/s
      x25519: 8753 exchanges/s

[jayschwa]

Something about my test data is causing Zig to segfault in CI and local non-release builds. The test succeeds if I use a release build from my package manager (0.5.0+4f2652d50). The following is enough to cause a segfault; it doesn't even engage the Blake3 code.

test "BLAKE3 reference test cases" {
    for (reference_test.cases) |t| {
        _ = t;
    }
}

[LemonBoy]

I've opened #4373 for that problem, you can side-step it by declaring reference_test initializer type explicitly.

[jayschwa]

Style question: When passing an array into a slice parameter, is it preferable to use &array or array[0..]?

[andrewrk]

Style question: When passing an array into a slice parameter, is it preferable to use &array or array[0..]?

I've been using &array.

[andrewrk]

Nice work!

[jayschwa]

I think this algorithm is a great candidate for use in #4311, especially with more potential performance wins. In addition to the simple reference implementation, the BLAKE3 repo also has a super-charged (but more complex) SIMD implementation that could be translated.