From 3fc164e8d18dcdef57d297956debf8d966e7fbef Mon Sep 17 00:00:00 2001 From: Pauli Date: Tue, 14 Jul 2020 08:39:32 +1000 Subject: [PATCH] doc: Fix documentation of EVP_EncryptUpdate(). The documentation was off by one for the length this function could return. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/12435) --- doc/man3/EVP_EncryptInit.pod | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod index d40402ba1dc..6edd8dc1540 100644 --- a/doc/man3/EVP_EncryptInit.pod +++ b/doc/man3/EVP_EncryptInit.pod @@ -210,10 +210,15 @@ specified. EVP_EncryptUpdate() encrypts B bytes from the buffer B and writes the encrypted version to B. This function can be called multiple times to encrypt successive blocks of data. The amount -of data written depends on the block alignment of the encrypted data: -as a result the amount of data written may be anything from zero bytes -to (inl + cipher_block_size - 1) so B should contain sufficient -room. The actual number of bytes written is placed in B. It also +of data written depends on the block alignment of the encrypted data. +For most ciphers and modes, the amount of data written can be anything +from zero bytes to (inl + cipher_block_size - 1) bytes. +For wrap cipher modes, the amount of data written can be anything +from zero bytes to (inl + cipher_block_size) bytes. +For stream ciphers, the amount of data written can be anything from zero +bytes to inl bytes. +Thus, B should contain sufficient room for the operation being performed. +The actual number of bytes written is placed in B. It also checks if B and B are partially overlapping, and if they are 0 is returned to indicate failure. -- 2.47.2