[openssl] OpenSSL_1_1_1-stable update

Dr. Paul Dale pauli at openssl.org
Fri Jul 17 12:23:53 UTC 2020 

The branch OpenSSL_1_1_1-stable has been updated
       via  a47dd08d6cacc64536c2f57e0f0aee03dcfaab3d (commit)
      from  42bb51e59308b3ebc5cc1c35ff4822fba6b52d79 (commit)


- Log -----------------------------------------------------------------
commit a47dd08d6cacc64536c2f57e0f0aee03dcfaab3d
Author: Pauli <paul.dale at oracle.com>
Date:   Tue Jul 14 08:39:32 2020 +1000

    doc: Fix documentation of EVP_EncryptUpdate().
    
    The documentation was off by one for the length this function could return.
    
    Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
    (Merged from https://github.com/openssl/openssl/pull/12435)
    
    (cherry picked from commit 3fc164e8d18dcdef57d297956debf8d966e7fbef)

-----------------------------------------------------------------------

Summary of changes:
 doc/man3/EVP_EncryptInit.pod | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod
index 2828bca2f8..23ddf9153d 100644
--- a/doc/man3/EVP_EncryptInit.pod
+++ b/doc/man3/EVP_EncryptInit.pod
@@ -146,10 +146,15 @@ appropriate.
 EVP_EncryptUpdate() encrypts B<inl> bytes from the buffer B<in> and
 writes the encrypted version to B<out>. This function can be called
 multiple times to encrypt successive blocks of data. The amount
-of data written depends on the block alignment of the encrypted data:
-as a result the amount of data written may be anything from zero bytes
-to (inl + cipher_block_size - 1) so B<out> should contain sufficient
-room. The actual number of bytes written is placed in B<outl>. It also
+of data written depends on the block alignment of the encrypted data.
+For most ciphers and modes, the amount of data written can be anything
+from zero bytes to (inl + cipher_block_size - 1) bytes.
+For wrap cipher modes, the amount of data written can be anything
+from zero bytes to (inl + cipher_block_size) bytes.
+For stream ciphers, the amount of data written can be anything from zero
+bytes to inl bytes.
+Thus, B<out> should contain sufficient room for the operation being performed.
+The actual number of bytes written is placed in B<outl>. It also
 checks if B<in> and B<out> are partially overlapping, and if they are
 0 is returned to indicate failure.

More information about the openssl-commits mailing list