From: Pauli <ppzgs1@gmail.com>
Date: Thu, 5 Jun 2025 02:02:52 +0000 (+1000)
Subject: rand: document the EVP_RAND_nonce() return correctly
X-Git-Tag: openssl-3.5.1~41
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2d1ce1ddf9ca56d7b3c4043a7579710a4e76fc7c;p=thirdparty%2Fopenssl.git

rand: document the EVP_RAND_nonce() return correctly

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27766)

(cherry picked from commit e81b252a955ae380c3af6129b0f9054c2594b8d6)
---

diff --git a/doc/man3/EVP_RAND.pod b/doc/man3/EVP_RAND.pod
index fdb9ef9dcfd..da7559532e8 100644
--- a/doc/man3/EVP_RAND.pod
+++ b/doc/man3/EVP_RAND.pod
@@ -152,11 +152,8 @@ operating system.  If I<prediction_resistance> is specified, fresh entropy
 from a live source will be sought.  This call operates as per NIST SP 800-90A
 and SP 800-90C.
 
-EVP_RAND_nonce() creates a nonce in I<out> of maximum length I<outlen>
-bytes from the RAND I<ctx>. The function returns the length of the generated
-nonce. If I<out> is NULL, the length is still returned but no generation
-takes place. This allows a caller to dynamically allocate a buffer of the
-appropriate size.
+EVP_RAND_nonce() creates a nonce in I<out> of length I<outlen>
+bytes from the RAND I<ctx>.
 
 EVP_RAND_enable_locking() enables locking for the RAND I<ctx> and all of
 its parents.  After this I<ctx> will operate in a thread safe manner, albeit
@@ -385,7 +382,7 @@ EVP_RAND_CTX_free() does not return a value.
 
 EVP_RAND_CTX_up_ref() returns 1 on success, 0 on error.
 
-EVP_RAND_nonce() returns the length of the nonce.
+EVP_RAND_nonce() returns 1 on success, 0 on error.
 
 EVP_RAND_get_strength() returns the strength of the random number generator
 in bits.