rand_core v0.9 support

[tarcieri]

I tried bumping this repo to rand_core v0.9.0-alpha.2 and ran into the following problem:

This release gets rid of CryptoRngCore and instead changes CryptoRng to have RngCore as a supertrait.

It also splits out TryRngCore into a separate trait, so we can't simply replace CryptoRngCore with CryptoRng and still have access to try_fill_bytes.

What should we do?

1. Request upstream change to CryptoRng to have a supertrait bound on TryRngCore
2. Switch to CryptoRng and fill_bytes and get rid of fallible errors when using rand_core-based APIs (we still have fallibility for getrandom-based APIs)
3. Switch from CryptoRngCore to bounds of CryptoRng + TryRngCore

[tarcieri]

I think option 2 is probably the most straightforward. It's pretty much where we were before, and we have also added getrandom-based fallible APIs.

[newpavlov]

I think we can have two sets of methods: one set based on CryptoRng and another set of try_* methods based on TryCryptoRng. Note that fallible RNGs should implement the Try* traits, while potentially fallible ones can be converted to "infallible" using the UnwrapErr wrapper. Users then can decide what to use by themselves.