JDK-8305091

Change ChaCha20 cipher init behavior to match AES-GCM


    • b24
    • Verified

      The ChaCha20 and ChaCha20-Poly1305 cipher implementations in SunJCE implement key and nonce reuse protection. This means that a key and nonce may not be used across two subsequent Cipher.init calls. However, in AES-GCM we do allow key/nonce reuse when the cipher is in DECRYPT_MODE in order to be able to reuse a Cipher object to decrypt the information it has encrypted, or for use in protocols where one may be decrypting multiple ciphertexts that may be the result of retransmissions (e.g. DTLS).

      Currently ChaCha20 does not allow decrypt-mode Cipher objects to reuse the key and nonce, but it should. Fixing this issue will make ChaCha20 and ChaCha20-Poly1305 init behavior conform to the same rules that AES-GCM does.
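      The behavior described above, as an added illustration that is not part of this issue or of the JDK sources: a second init with the same key and nonce in ENCRYPT_MODE is rejected by SunJCE's reuse guard, while the same re-init in DECRYPT_MODE (needed to decrypt a retransmitted ciphertext with one Cipher object) is accepted once this fix is in. The class and helper names are hypothetical; the comments note which result is expected before and after the fix.

```java
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

public class ChaChaInitReuse {
    private static final String ALG = "ChaCha20-Poly1305";

    // Hypothetical helper: tries a second init with the same key and nonce in
    // the given mode and reports whether SunJCE accepted it.
    static boolean reinitAccepted(Cipher c, int mode, SecretKey key, byte[] nonce)
            throws GeneralSecurityException {
        try {
            c.init(mode, key, new IvParameterSpec(nonce));
            return true;
        } catch (InvalidKeyException e) {
            // The reuse guard rejects a key/nonce pair matching the previous init.
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        SecretKey key = KeyGenerator.getInstance("ChaCha20").generateKey();
        byte[] nonce = new byte[12];            // 96-bit nonce, unique per key
        new SecureRandom().nextBytes(nonce);
        byte[] pt = "retransmitted record".getBytes(); // constructed sample input

        Cipher enc = Cipher.getInstance(ALG);
        enc.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(nonce));
        byte[] ct = enc.doFinal(pt);

        // Encrypt-mode reuse would repeat the keystream and Poly1305 key for a
        // second message, so it stays rejected both before and after the fix.
        System.out.println("encrypt re-init accepted: "
                + reinitAccepted(enc, Cipher.ENCRYPT_MODE, key, nonce));

        // Decrypt-mode reuse only re-reads data already on the wire; rejected
        // before the fix, accepted afterwards (matching AES-GCM).
        Cipher dec = Cipher.getInstance(ALG);
        dec.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(nonce));
        byte[] first = dec.doFinal(ct);
        boolean again = reinitAccepted(dec, Cipher.DECRYPT_MODE, key, nonce);
        System.out.println("decrypt re-init accepted: " + again);
        if (again) {
            System.out.println("second decrypt matches: "
                    + Arrays.equals(first, dec.doFinal(ct)));
        }
    }
}
```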

            jnimeh Jamil Nimeh