[openssl] master update

Dr. Paul Dale pauli at openssl.org
Fri Jul 17 12:22:58 UTC 2020 

The branch master has been updated
       via  3fc164e8d18dcdef57d297956debf8d966e7fbef (commit)
      from  b99c463d78ecad29f89165fc64a281faafa9461c (commit)


- Log -----------------------------------------------------------------
commit 3fc164e8d18dcdef57d297956debf8d966e7fbef
Author: Pauli <paul.dale at oracle.com>
Date:   Tue Jul 14 08:39:32 2020 +1000

    doc: Fix documentation of EVP_EncryptUpdate().
    
    The documentation was off by one for the length this function could return.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12435)

-----------------------------------------------------------------------

Summary of changes:
 doc/man3/EVP_EncryptInit.pod | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod
index d40402ba1d..6edd8dc154 100644
--- a/doc/man3/EVP_EncryptInit.pod
+++ b/doc/man3/EVP_EncryptInit.pod
@@ -210,10 +210,15 @@ specified.
 EVP_EncryptUpdate() encrypts B<inl> bytes from the buffer B<in> and
 writes the encrypted version to B<out>. This function can be called
 multiple times to encrypt successive blocks of data. The amount
-of data written depends on the block alignment of the encrypted data:
-as a result the amount of data written may be anything from zero bytes
-to (inl + cipher_block_size - 1) so B<out> should contain sufficient
-room. The actual number of bytes written is placed in B<outl>. It also
+of data written depends on the block alignment of the encrypted data.
+For most ciphers and modes, the amount of data written can be anything
+from zero bytes to (inl + cipher_block_size - 1) bytes.
+For wrap cipher modes, the amount of data written can be anything
+from zero bytes to (inl + cipher_block_size) bytes.
+For stream ciphers, the amount of data written can be anything from zero
+bytes to inl bytes.
+Thus, B<out> should contain sufficient room for the operation being performed.
+The actual number of bytes written is placed in B<outl>. It also
 checks if B<in> and B<out> are partially overlapping, and if they are
 0 is returned to indicate failure.

More information about the openssl-commits mailing list