diff options
author | Pauli <paul.dale@oracle.com> | 2020-07-14 08:39:32 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-07-17 22:22:34 +1000 |
commit | 3fc164e8d18dcdef57d297956debf8d966e7fbef (patch) | |
tree | 43b148254990c950a7ae6b2fab5fd487b1d03f43 /doc/man3/EVP_EncryptInit.pod | |
parent | b99c463d78ecad29f89165fc64a281faafa9461c (diff) |
doc: Fix documentation of EVP_EncryptUpdate().
The documentation was off by one for the length this function could return.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12435)
Diffstat (limited to 'doc/man3/EVP_EncryptInit.pod')
-rw-r--r-- | doc/man3/EVP_EncryptInit.pod | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod index d40402ba1d..6edd8dc154 100644 --- a/doc/man3/EVP_EncryptInit.pod +++ b/doc/man3/EVP_EncryptInit.pod @@ -210,10 +210,15 @@ specified. EVP_EncryptUpdate() encrypts B<inl> bytes from the buffer B<in> and writes the encrypted version to B<out>. This function can be called multiple times to encrypt successive blocks of data. The amount -of data written depends on the block alignment of the encrypted data: -as a result the amount of data written may be anything from zero bytes -to (inl + cipher_block_size - 1) so B<out> should contain sufficient -room. The actual number of bytes written is placed in B<outl>. It also +of data written depends on the block alignment of the encrypted data. +For most ciphers and modes, the amount of data written can be anything +from zero bytes to (inl + cipher_block_size - 1) bytes. +For wrap cipher modes, the amount of data written can be anything +from zero bytes to (inl + cipher_block_size) bytes. +For stream ciphers, the amount of data written can be anything from zero +bytes to inl bytes. +Thus, B<out> should contain sufficient room for the operation being performed. +The actual number of bytes written is placed in B<outl>. It also checks if B<in> and B<out> are partially overlapping, and if they are 0 is returned to indicate failure. |