From: Tomas Mraz <tomas@openssl.org>
Date: Wed, 13 Dec 2023 09:03:07 +0000 (+0100)
Subject: SM4: Document that the XTS mode does not support streaming
X-Git-Tag: openssl-3.3.0-alpha1~384
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e2f9c2dd373c0859b87ecda6bf88b01a8bc6200e;p=thirdparty%2Fopenssl.git

SM4: Document that the XTS mode does not support streaming

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/23028)
---

diff --git a/doc/man7/EVP_CIPHER-SM4.pod b/doc/man7/EVP_CIPHER-SM4.pod
index b0c292757e7..a446fafb6d4 100644
--- a/doc/man7/EVP_CIPHER-SM4.pod
+++ b/doc/man7/EVP_CIPHER-SM4.pod
@@ -37,6 +37,15 @@ The following algorithms are available in the default provider:
 This implementation supports the parameters described in
 L<EVP_EncryptInit(3)/PARAMETERS>.
 
+=head1 NOTES
+
+The SM4-XTS implementation allows streaming to be performed, but each
+L<EVP_EncryptUpdate(3)> or L<EVP_DecryptUpdate(3)> call requires each input
+to be a multiple of the blocksize. Only the final EVP_EncryptUpdate() or
+EVP_DecryptUpdate() call can optionally have an input that is not a multiple
+of the blocksize but is larger than one block. In that case ciphertext
+stealing (CTS) is used to fill the block.
+
 =head1 SEE ALSO
 
 L<provider-cipher(7)>, L<OSSL_PROVIDER-default(7)>