-.\" $OpenBSD: ASN1_item_d2i.3,v 1.16 2022/04/27 08:06:37 tb Exp $
+.\" $OpenBSD: ASN1_item_d2i.3,v 1.17 2023/04/28 15:51:18 job Exp $
.\" selective merge up to:
.\" OpenSSL doc/man3/d2i_X509.pod 256989ce Jun 19 15:00:32 2020 +0200
.\"
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: April 27 2022 $
+.Dd $Mdocdate: April 28 2023 $
.Dt ASN1_ITEM_D2I 3
.Os
.Sh NAME
with
.Fn ASN1_item_d2i
may fail.
-.Pp
-Any function which encodes an object may return a stale encoding
-if the object has been modified after deserialization or previous
-serialization.
-This is because some objects cache the encoding for efficiency reasons.
-.\" $OpenBSD: X509_sign.3,v 1.9 2021/10/30 16:20:35 schwarze Exp $
+.\" $OpenBSD: X509_sign.3,v 1.10 2023/04/28 15:51:18 job Exp $
.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
.\"
.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: October 30 2021 $
+.Dd $Mdocdate: April 28 2023 $
.Dt X509_SIGN 3
.Os
.Sh NAME
is used where the default parameters for the corresponding public key
and digest are not suitable.
It can be used to sign keys using RSA-PSS for example.
-.Pp
-For efficiency reasons and to work around ASN.1 encoding issues, the
-encoding of the signed portion of a certificate, certificate request,
-and CRL is cached internally.
-If the signed portion of the structure is modified, the encoding is not
-always updated, meaning a stale version is sometimes used.
-This is not normally a problem because modifying the signed portion will
-invalidate the signature and signing will always update the encoding.
.Sh RETURN VALUES
.Fn X509_sign ,
.Fn X509_sign_ctx ,
projects / openbsd / commitdiff