doc: clarify authenticity of plaintexts in update
It might not be obvious that even authenticated encryption algorithms, such as AES-GCM, emit plaintexts whose authenticity is unknown at the time the application receives and decrypts them. Only decipher.final()
ensures authenticity (and integrity).
This is almost unavoidable with stream-like single-pass authenticated encryption algorithms, such as AES-GCM, but our API also makes no stronger guarantees for non-single-pass ciphers.