ChaCha20: allow in-place en/decryption All other ciphers so far allow this. In particular, the TLS layer depends on this, despite what's documented in the Cipher layer, see https://github.com/ARMmbed/mbedtls/issues/1085 https://github.com/ARMmbed/mbedtls/issues/1087 Also, this can be useful for implementing chachapoly without depending on the semi-internal function keystream_block(), see next commit.

commit: 02969bf882f9027dd9a596aa7a9e2934611380a8 [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon May 07 11:57:05 2018 +0200
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Thu May 10 13:23:02 2018 +0200
tree: 138a74394b091a65db205494fb1407d36dfefff5
parent: d4bd8569d4f14915fbc82961a6cf12cca9baac82 [diff]
diff --git a/include/mbedtls/chacha20.h b/include/mbedtls/chacha20.h
index f88bd28..7999702 100644
--- a/include/mbedtls/chacha20.h
+++ b/include/mbedtls/chacha20.h

@@ -133,9 +133,8 @@
  *
  *                  This function is used to both encrypt and decrypt data.
  *
- * \note            The \p input and \p output buffers may overlap, but only
- *                  if input >= output (i.e. only if input points ahead of
- *                  the output pointer).
+ * \note            The \p input and \p output pointers must either be equal or
+ *                  point to non-overlapping buffers.
  *
  * \note            mbedtls_chacha20_setkey and mbedtls_chacha20_starts must be
  *                  called at least once to setup the context before this function
commit	02969bf882f9027dd9a596aa7a9e2934611380a8	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Mon May 07 11:57:05 2018 +0200
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Thu May 10 13:23:02 2018 +0200
tree	138a74394b091a65db205494fb1407d36dfefff5
parent	d4bd8569d4f14915fbc82961a6cf12cca9baac82 [diff]