Same input and output buffer for libsodium crypto_stream_salsa20_xor

Question

I am wondering whether it is safe to provide the same buffer as plaintext and ciphertext for crypto_stream_salsa20_xor. I have tried to look into source files. crypto_stream_salsa20_xor uses crypto_core_salsa20, but this function appears only in a header file:

grep -r "int crypto_core_salsa" libsodium-1.0.5
libsodium-1.0.5/src/libsodium/include/sodium/crypto_core_salsa2012.h:int crypto_core_salsa2012(unsigned char *out, const unsigned char *in,
libsodium-1.0.5/src/libsodium/include/sodium/crypto_core_salsa208.h:int crypto_core_salsa208(unsigned char *out, const unsigned char *in,
libsodium-1.0.5/src/libsodium/include/sodium/crypto_core_salsa20.h:int crypto_core_salsa20(unsigned char *out, const unsigned char *in,

score 1 · Accepted Answer · answered Dec 05 '15 at 03:33

1

Yes, it is safe to do so. This also applies to other ciphers provided by the library. Input and output buffers can be identical.

answered Dec 05 '15 at 03:33

Frank Denis

1,475
9
12

I remember reading about this somewhere (documentation? source code?), but can't find it now. Where is it mentioned? _Edit_: Searching for "overlap" in [doc.libsodium.org](https://doc.libsodium.org/) and in the changelog brings up some mentions. – nishanthshanmugham Dec 05 '21 at 16:34

Same input and output buffer for libsodium crypto_stream_salsa20_xor

1 Answers1