Document changes to base16_decode_update and base64_decode_update.

diff --git a/NEWS b/NEWS
index 438b135a4c1e48d90ab6311896d12c2f259bb668..8b6d095aa8fd9fe7e2d7c11aefebe1238872b5d5 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -50,6 +50,14 @@ NEWS for the Nettle 4.0 release
          sha3_256_ctx and sha3_256_init, are defined as preprocessor
          aliases, for backwards compatibility.
 
+       * The dst_length argument to base16_decode_update and
+         base64_decode_update is now both an input and output
+         argument. On input it must now hold the size of the
+         destination buffer, and decoding fails if that is not
+         sufficient. Previously, dst_length was an output only, and
+         it was required that the destination buffer was large enough
+         for any input of the given src_length.
+
        Interface deletions:
 
        * Deleted the old struct aes_ctx, and all functions operating

diff --git a/nettle.texinfo b/nettle.texinfo
index 212ba9be274adf14c68940f51c865611c3cd1287..7f61a5c199937145b8ccb7e9d363870204e8dc7b 100644 (file)
--- a/nettle.texinfo
+++ b/nettle.texinfo
@@ -6342,10 +6342,12 @@ to @code{base64_decode_update}.
 
 @deftypefun {void} base64_decode_update (struct base64_decode_ctx *@var{ctx}, size_t *@var{dst_length}, uint8_t *@var{dst}, size_t @var{src_length}, const uint8_t *@var{src})
 After @var{ctx} is initialized, this function may be called to decode
-@var{src_length} bytes from @var{src}. @var{dst} should point to an area
-of size at least BASE64_DECODE_LENGTH(@var{src_length}). The amount of data
-generated is returned in *@var{dst_length}. Returns 1 on success
-and 0 on error.
+@var{src_length} bytes from @var{src}. The buffer pointed to by
+@var{dst} must be of size *@var{dst_length}, and the amount of data
+actually generated is returned in *@var{dst_length}. Fails if
+@var{dst_length} is too small; using a buffer of size
+BASE64_DECODE_LENGTH(@var{src_length}) is always sufficient. Returns 1 on
+success and 0 on error.
 @end deftypefun
 
 @deftypefun {int} base64_decode_final (struct base64_decode_ctx *@var{ctx})
@@ -6389,10 +6391,12 @@ to @code{base16_decode_update}.
 
 @deftypefun {int} base16_decode_update (struct base16_decode_ctx *@var{ctx}, size_t *@var{dst_length}, uint8_t *@var{dst}, size_t @var{src_length}, const uint8_t *@var{src})
 After @var{ctx} is initialized, this function may be called to decode
-@var{src_length} bytes from @var{src}. @var{dst} should point to an area
-of size at least BASE16_DECODE_LENGTH(@var{src_length}). The amount of data
-generated is returned in *@var{dst_length}. Returns 1 on success
-and 0 on error.
+@var{src_length} bytes from @var{src}. The buffer pointed to by
+@var{dst} must be of size *@var{dst_length}, and the amount of data
+actually generated is returned in *@var{dst_length}. Fails if
+@var{dst_length} is too small; using a buffer of size
+BASE16_DECODE_LENGTH(@var{src_length}) is always sufficient. Returns 1 on
+success and 0 on error.
 @end deftypefun
 
 @deftypefun {int} base16_decode_final (struct base16_decode_ctx *@var{ctx})