Doc: clarify AAD out1 semantics in EVP_EncryptInit

author William Faber <wmf1426@rit.edu>

Sun, 22 Mar 2026 21:29:27 +0000 (17:29 -0400)

committer Tomas Mraz <tomas@openssl.foundation>

Fri, 27 Mar 2026 16:40:29 +0000 (17:40 +0100)
author William Faber <wmf1426@rit.edu>
Sun, 22 Mar 2026 21:29:27 +0000 (17:29 -0400)
committer Tomas Mraz <tomas@openssl.foundation>
Fri, 27 Mar 2026 16:40:29 +0000 (17:40 +0100)
diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod

index cdd7366ad391e706aab22f0def8a4fdac421c635..208424a757802a8e0d4f5e8dbe2f0867d19c7fa8 100644 (file)
--- a/doc/man3/EVP_EncryptInit.pod
+++ b/doc/man3/EVP_EncryptInit.pod
@@ -1495,7 +1495,12 @@ depending on the mode specified.
  To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(),
  EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output
  parameter I<out> set to NULL. In this case, on success, the parameter
-I<outl> is set to the number of bytes authenticated.
+I<outl> is set to the number of AAD bytes processed in that call
+(that is, the value of I<inl>), and does not include any plaintext
+or ciphertext bytes processed by other calls.
+
+If no AAD is used, this call can be omitted. See the mode-specific notes
+below for any exceptions.
  
  When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal()
  indicates whether the operation was successful. If it does not indicate success,
author	William Faber <wmf1426@rit.edu>
	Sun, 22 Mar 2026 21:29:27 +0000 (17:29 -0400)
committer	Tomas Mraz <tomas@openssl.foundation>
	Fri, 27 Mar 2026 16:40:29 +0000 (17:40 +0100)