[sha3] Impl SyncStreamCipher for Sha3XofReader

[niluxv]

Since the Shake variants are considered secure PRFs (stream ciphers), it would be nice if sha3::Sha3XofReader would implement stream_cipher::SyncStreamCipher. (Or if there would be a different way to get a stream cipher out of shake.)

[newpavlov]

I think we will do it on the trait crate level, i.e. we will have a blanket (feature-gated) impl of the stream cipher traits for XOFs.

[niluxv]

Yes, that would be a lot nicer from an API perspective!
Why does it need to be feature-gated? It wouldn't be backwards incompatible, right?

[tarcieri]

@niluxv it would introduce a dependency on the cipher crate in the digest crate. Presently there is no such dependency.

Making the cipher dependency optional means it'd only be used when needed, and other users of digest would not see an additional dependency.

Edit: made a note of this in RustCrypto/traits#478

[niluxv]

it would introduce a dependency on the cipher crate in the digest crate.

Ah, yes, that makes sense. I should have known that. Thanks for answering!

[newpavlov]

Going to close it in favor of RustCrypto/traits#510.