chacha: Chacha20 and XChacha20 stream cipher support

crypto::chacha provides an implementation of the Chacha20 and XChacha20 stream
ciphers.

Use [[chacha20]] to create a [[crypto::cipher::xorstream]] and either
[[chacha20_init]] or [[xchacha20_init]] to set the handle, key and nonce of the
appropriate size, [[NONCESZ]] for chacha20 or [[XNONCESZ]] for XChacha20. After
calling the appropriate init function, [[io::write]] may be used to encrypt
blocks to the handle or [[io::read]] to decrypt blocks from the handle. The
stream must be closed with [[io::close]] to wipe sensitive data from memory.

Writing blocks of length [[BLOCKSZ]] is not required. However, seeking the key
stream with [[setctr]] only operates in units of [[BLOCKSZ]].

This is a low-level module which implements cryptographic primitives. Direct
use of cryptographic primitives is not recommended for non-experts, as
incorrect use of these primitives can easily lead to the introduction of
security vulnerabilities. Non-experts are advised to use the high-level
operations available in the top-level [[crypto::]] module.

Be advised that Hare's cryptography implementations have not been audited.