Encrypt src with XChaCha20 stream generated for the given 32-byte key and
8-byte (as in original implementation) or 12-byte (as in RFC7539) nonce and
write the result into dst and return it.
dst and src may be the same, but otherwise must not overlap.
Nonce length is set in such a way that given it's generated via a CSPRNG
then there's little concern of collision for roughly 2^96 messages while
reusing a secret key and not encountering nonce reuse vulnerabilities.
Encrypt src with XChaCha20 stream generated for the given 32-byte key and 8-byte (as in original implementation) or 12-byte (as in RFC7539) nonce and write the result into dst and return it.
dst and src may be the same, but otherwise must not overlap.
Nonce length is set in such a way that given it's generated via a CSPRNG then there's little concern of collision for roughly 2^96 messages while reusing a secret key and not encountering nonce reuse vulnerabilities.