summaryrefslogtreecommitdiff
path: root/lib/libcrypto/man
diff options
context:
space:
mode:
authorJob Snijders <job@cvs.openbsd.org>2023-04-28 15:51:19 +0000
committerJob Snijders <job@cvs.openbsd.org>2023-04-28 15:51:19 +0000
commita1c245d9949e8781a8452c42a01c6d285c24f336 (patch)
tree3bef08864896672fa60a40a20a3f6198971744fa /lib/libcrypto/man
parentd18855b405a6ccd80836be4d2bafa7ef277cb6fa (diff)
Remove misinformation, reason had nothing to do with efficiency
"Failure to re-encode on modification is a bug not a feature." OK jsing@
Diffstat (limited to 'lib/libcrypto/man')
-rw-r--r--lib/libcrypto/man/ASN1_item_d2i.39
-rw-r--r--lib/libcrypto/man/X509_sign.312
2 files changed, 4 insertions, 17 deletions
diff --git a/lib/libcrypto/man/ASN1_item_d2i.3 b/lib/libcrypto/man/ASN1_item_d2i.3
index 1e86d0b5c64..a95950d7499 100644
--- a/lib/libcrypto/man/ASN1_item_d2i.3
+++ b/lib/libcrypto/man/ASN1_item_d2i.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ASN1_item_d2i.3,v 1.16 2022/04/27 08:06:37 tb Exp $
+.\" $OpenBSD: ASN1_item_d2i.3,v 1.17 2023/04/28 15:51:18 job Exp $
.\" selective merge up to:
.\" OpenSSL doc/man3/d2i_X509.pod 256989ce Jun 19 15:00:32 2020 +0200
.\"
@@ -66,7 +66,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: April 27 2022 $
+.Dd $Mdocdate: April 28 2023 $
.Dt ASN1_ITEM_D2I 3
.Os
.Sh NAME
@@ -508,8 +508,3 @@ some fields may be missing entirely, such that trying to parse it
with
.Fn ASN1_item_d2i
may fail.
-.Pp
-Any function which encodes an object may return a stale encoding
-if the object has been modified after deserialization or previous
-serialization.
-This is because some objects cache the encoding for efficiency reasons.
diff --git a/lib/libcrypto/man/X509_sign.3 b/lib/libcrypto/man/X509_sign.3
index eb69874cdce..52890207fb3 100644
--- a/lib/libcrypto/man/X509_sign.3
+++ b/lib/libcrypto/man/X509_sign.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509_sign.3,v 1.9 2021/10/30 16:20:35 schwarze Exp $
+.\" $OpenBSD: X509_sign.3,v 1.10 2023/04/28 15:51:18 job Exp $
.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
.\"
.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -48,7 +48,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: October 30 2021 $
+.Dd $Mdocdate: April 28 2023 $
.Dt X509_SIGN 3
.Os
.Sh NAME
@@ -159,14 +159,6 @@ callback function instead of performing the default action.
is used where the default parameters for the corresponding public key
and digest are not suitable.
It can be used to sign keys using RSA-PSS for example.
-.Pp
-For efficiency reasons and to work around ASN.1 encoding issues, the
-encoding of the signed portion of a certificate, certificate request,
-and CRL is cached internally.
-If the signed portion of the structure is modified, the encoding is not
-always updated, meaning a stale version is sometimes used.
-This is not normally a problem because modifying the signed portion will
-invalidate the signature and signing will always update the encoding.
.Sh RETURN VALUES
.Fn X509_sign ,
.Fn X509_sign_ctx ,