Clarify Tag Length Setting in OCB Mode

Fixes #8331: Updated the description for setting the tag length in OCB mode to remove the misleading “when encrypting” and “during encryption” phrasing. This change emphasizes that setting a custom tag length requires a call with NULL, applicable to both encryption and decryption contexts.

Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25424)

(cherry picked from commit 1299699a90967c3a0b236e552d92dc307d0d6da3)

diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod
index fe63051d4d173c52d00181e09241d89154835fb2..845d8c93ad6584cbca2b90df1b6bffa4af2f7f62 100644 (file)
--- a/doc/man3/EVP_EncryptInit.pod
+++ b/doc/man3/EVP_EncryptInit.pod
@@ -1434,10 +1434,9 @@ For GCM, this call is only valid when decrypting data.
 For OCB, this call is valid when decrypting data to set the expected tag,
 and when encrypting to set the desired tag length.
 
-In OCB mode, calling this when encrypting with C<tag> set to C<NULL> sets the
-tag length. The tag length can only be set before specifying an IV. If this is
-not called prior to setting the IV during encryption, then a default tag length
-is used.
+In OCB mode, calling this with C<tag> set to C<NULL> sets the tag length.
+The tag length can only be set before specifying an IV. If this is not called
+prior to setting the IV, then a default tag length is used.
 
 For OCB AES, the default tag length is 16 (i.e. 128 bits).  It is also the
 maximum tag length for OCB.