Proposal Details

cipher.AEAD requires that both input and output buffers are buffers. Because of this sometimes it may be necessary to perform extra processing of data when input and/or output data has to be stored in non-continuous way. For example RFC 9335 requires to do extra processing to swap CSRC and RTP extended header type/length before and after calling AEAD functions. This assumes that RTP packet was already created; if not, before this code has to marshal RTP header to temporary buffer, copy payload to it and append padding if needed. Gather interface would allow to pass slice of byte slices as an input to Seal, and another one slice of byte slices as an output. The same for Open, it also would make things easier.

io.Reader/io.Writer instead of slice of byte slices also can be used. This also may be useful to encrypt/decrypt lots of data without having to allocate big buffers of it.