From: job Date: Fri, 28 Apr 2023 15:51:18 +0000 (+0000) Subject: Remove misinformation, reason had nothing to do with efficiency X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=a89c92aabf3aee79cecc85cf1d9c77b1b3c50094;p=openbsd Remove misinformation, reason had nothing to do with efficiency "Failure to re-encode on modification is a bug not a feature." OK jsing@ --- diff --git a/lib/libcrypto/man/ASN1_item_d2i.3 b/lib/libcrypto/man/ASN1_item_d2i.3 index 1e86d0b5c64..a95950d7499 100644 --- a/lib/libcrypto/man/ASN1_item_d2i.3 +++ b/lib/libcrypto/man/ASN1_item_d2i.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ASN1_item_d2i.3,v 1.16 2022/04/27 08:06:37 tb Exp $ +.\" $OpenBSD: ASN1_item_d2i.3,v 1.17 2023/04/28 15:51:18 job Exp $ .\" selective merge up to: .\" OpenSSL doc/man3/d2i_X509.pod 256989ce Jun 19 15:00:32 2020 +0200 .\" @@ -66,7 +66,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: April 27 2022 $ +.Dd $Mdocdate: April 28 2023 $ .Dt ASN1_ITEM_D2I 3 .Os .Sh NAME @@ -508,8 +508,3 @@ some fields may be missing entirely, such that trying to parse it with .Fn ASN1_item_d2i may fail. -.Pp -Any function which encodes an object may return a stale encoding -if the object has been modified after deserialization or previous -serialization. -This is because some objects cache the encoding for efficiency reasons. diff --git a/lib/libcrypto/man/X509_sign.3 b/lib/libcrypto/man/X509_sign.3 index eb69874cdce..52890207fb3 100644 --- a/lib/libcrypto/man/X509_sign.3 +++ b/lib/libcrypto/man/X509_sign.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: X509_sign.3,v 1.9 2021/10/30 16:20:35 schwarze Exp $ +.\" $OpenBSD: X509_sign.3,v 1.10 2023/04/28 15:51:18 job Exp $ .\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100 .\" .\" This file was written by Dr. Stephen Henson . @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: October 30 2021 $ +.Dd $Mdocdate: April 28 2023 $ .Dt X509_SIGN 3 .Os .Sh NAME @@ -159,14 +159,6 @@ callback function instead of performing the default action. is used where the default parameters for the corresponding public key and digest are not suitable. It can be used to sign keys using RSA-PSS for example. -.Pp -For efficiency reasons and to work around ASN.1 encoding issues, the -encoding of the signed portion of a certificate, certificate request, -and CRL is cached internally. -If the signed portion of the structure is modified, the encoding is not -always updated, meaning a stale version is sometimes used. -This is not normally a problem because modifying the signed portion will -invalidate the signature and signing will always update the encoding. .Sh RETURN VALUES .Fn X509_sign , .Fn X509_sign_ctx ,