-int sc_send_bin_buffer(struct stream_cipher_context *scc, const char *buf,
- size_t len);
-int sc_send_buffer(struct stream_cipher_context *scc, const char *buf);
-__printf_2_3 int sc_send_va_buffer(struct stream_cipher_context *scc,
- const char *fmt, ...);
-int sc_recv_bin_buffer(struct stream_cipher_context *scc, char *buf,
- size_t size);
-int sc_recv_buffer(struct stream_cipher_context *scc, char *buf, size_t size);
+/**
+ * Encrypt or decrypt a buffer using a stream cipher.
+ *
+ * \param sc Crypto key.
+ * \param src The source buffer and length.
+ * \param dst The destination buffer and length, filled out by the function.
+ *
+ * It is up to the implementation to decide whether the crypt operation is
+ * performed in place. The caller can tell by looking if the buffers given by
+ * \a src and \a dst coincide after the call. If (and only if) the crypt
+ * operation was not performed in place, the function allocated a new buffer
+ * for the result, so dst->iov_base is different from src->iov_base. In this
+ * case, the destination buffer must be freed by the caller when it is no
+ * longer needed.
+ */
+void sc_crypt(struct stream_cipher *sc, struct iovec *src, struct iovec *dst);