From f7a6d1122befe9cd1d3de70cb2c19595a701b9aa Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Tue, 5 Mar 2019 15:41:27 +0000 Subject: [PATCH] Update ChaCha20-Poly1305 documentation Correctly describe the maximum IV length. Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8406) (cherry picked from commit 27d5631236325c3fd8a3bd06af282ac496aac64b) --- doc/man3/EVP_EncryptInit.pod | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod index b43a3e5468..faf7bb4c0d 100644 --- a/doc/man3/EVP_EncryptInit.pod +++ b/doc/man3/EVP_EncryptInit.pod @@ -436,7 +436,9 @@ The following Is are supported for the ChaCha20-Poly1305 AEAD algorithm. Sets the nonce length. This call can only be made before specifying the nonce. If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum -nonce length is 16 (B, i.e. 128-bits). +nonce length is 12 bytes (i.e. 96-bits). If a nonce of less than 12 bytes is set +then the nonce is automatically padded with leading 0 bytes to make it 12 bytes +in length. =item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag) -- 2.25.1