1 files changed, 0 insertions, 251 deletions

diff --git a/src/lib/libcrypto/man/PKCS7_sign.3 b/src/lib/libcrypto/man/PKCS7_sign.3
deleted file mode 100644
index 37257e60fd..0000000000
--- a/src/lib/libcrypto/man/PKCS7_sign.3
+++ /dev/null
@@ -1,251 +0,0 @@
-.\" $OpenBSD: PKCS7_sign.3,v 1.13 2020/06/10 11:43:08 schwarze Exp $
-.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
-.\"
-.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
-.\" Copyright (c) 2002, 2003, 2006-2009, 2015 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in
-.\"    the documentation and/or other materials provided with the
-.\"    distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\"    software must display the following acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\"    endorse or promote products derived from this software without
-.\"    prior written permission. For written permission, please contact
-.\"    openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\"    nor may "OpenSSL" appear in their names without prior written
-.\"    permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\"    acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: June 10 2020 $
-.Dt PKCS7_SIGN 3
-.Os
-.Sh NAME
-.Nm PKCS7_sign
-.Nd create a PKCS#7 signedData structure
-.Sh SYNOPSIS
-.In openssl/pkcs7.h
-.Ft PKCS7 *
-.Fo PKCS7_sign
-.Fa "X509 *signcert"
-.Fa "EVP_PKEY *pkey"
-.Fa "STACK_OF(X509) *certs"
-.Fa "BIO *data"
-.Fa "int flags"
-.Fc
-.Sh DESCRIPTION
-.Fn PKCS7_sign
-creates and returns a PKCS#7 signedData structure.
-.Fa signcert
-is the certificate to sign with,
-.Fa pkey
-is the corresponding private key.
-.Fa certs
-is an optional additional set of certificates to include in the PKCS#7
-structure (for example any intermediate CAs in the chain).
-.Pp
-The data to be signed is read from
-.Vt BIO
-.Fa data .
-.Pp
-.Fa flags
-is an optional set of flags.
-.Pp
-Any of the following flags (OR'ed together) can be passed in the
-.Fa flags
-parameter.
-.Pp
-Many S/MIME clients expect the signed content to include valid MIME
-headers.
-If the
-.Dv PKCS7_TEXT
-flag is set, MIME headers for type
-.Sy text/plain
-are prepended to the data.
-.Pp
-If
-.Dv PKCS7_NOCERTS
-is set, the signer's certificate will not be included in the PKCS7
-structure, though the signer's certificate must still be supplied in the
-.Fa signcert
-parameter.
-This can reduce the size of the signature if the signer's certificate can
-be obtained by other means: for example a previously signed message.
-.Pp
-The data being signed is included in the
-.Vt PKCS7
-structure, unless
-.Dv PKCS7_DETACHED
-is set, in which case it is omitted.
-This is used for PKCS7 detached signatures which are used in S/MIME
-plaintext signed messages for example.
-.Pp
-Normally the supplied content is translated into MIME canonical format
-(as required by the S/MIME specifications).
-If
-.Dv PKCS7_BINARY
-is set, no translation occurs.
-This option should be used if the supplied data is in binary format;
-otherwise, the translation will corrupt it.
-.Pp
-The signedData structure includes several PKCS#7 authenticatedAttributes
-including the signing time, the PKCS#7 content type and the supported
-list of ciphers in an SMIMECapabilities attribute.
-If
-.Dv PKCS7_NOATTR
-is set, then no authenticatedAttributes will be used.
-If
-.Dv PKCS7_NOSMIMECAP
-is set, then just the SMIMECapabilities are omitted.
-.Pp
-If present, the SMIMECapabilities attribute indicates support for the
-following algorithms: triple DES, 128-bit RC2, 64-bit RC2, DES
-and 40-bit RC2.
-If any of these algorithms is disabled then it will not be included.
-.Pp
-If the flags
-.Dv PKCS7_STREAM
-is set, then the returned
-.Vt PKCS7
-structure is just initialized ready to perform the signing operation.
-The signing is however
-.Sy not
-performed and the data to be signed is not read from the
-.Fa data
-parameter.
-Signing is deferred until after the data has been written.
-In this way data can be signed in a single pass.
-.Pp
-If the
-.Dv PKCS7_PARTIAL
-flag is set, a partial
-.Vt PKCS7
-structure is output to which additional signers and capabilities can be
-added before finalization.
-.Pp
-If the flag
-.Dv PKCS7_STREAM
-is set, the returned
-.Vt PKCS7
-structure is
-.Sy not
-complete and outputting its contents via a function that does not
-properly finalize the
-.Vt PKCS7
-structure will give unpredictable results.
-.Pp
-Several functions including
-.Xr PKCS7_final 3 ,
-.Xr SMIME_write_PKCS7 3 ,
-.Xr PEM_write_bio_PKCS7_stream 3 ,
-and
-.Xr i2d_PKCS7_bio_stream 3
-finalize the structure.
-Alternatively finalization can be performed by obtaining the streaming
-ASN.1
-.Vt BIO
-directly using
-.Fn BIO_new_PKCS7 .
-.Pp
-If a signer is specified, it will use the default digest for the
-signing algorithm.
-This is
-.Sy SHA1
-for both RSA and DSA keys.
-.Pp
-In OpenSSL 1.0.0, the
-.Fa certs ,
-.Fa signcert ,
-and
-.Fa pkey
-parameters can all be
-.Dv NULL
-if the
-.Dv PKCS7_PARTIAL
-flag is set.
-One or more signers can be added using the function
-.Xr PKCS7_sign_add_signer 3
-and attributes can be added using the functions described in
-.Xr PKCS7_add_attribute 3 .
-.Xr PKCS7_final 3
-must also be called to finalize the structure if streaming is not
-enabled.
-Alternative signing digests can also be specified using this method.
-.Pp
-In OpenSSL 1.0.0, if
-.Fa signcert
-and
-.Fa pkey
-are
-.Dv NULL ,
-then a certificate-only PKCS#7 structure is output.
-.Pp
-In versions of OpenSSL before 1.0.0 the
-.Fa signcert
-and
-.Fa pkey
-parameters must
-.Sy NOT
-be
-.Dv NULL .
-.Sh RETURN VALUES
-.Fn PKCS7_sign
-returns either a valid
-.Vt PKCS7
-structure or
-.Dv NULL
-if an error occurred.
-The error can be obtained from
-.Xr ERR_get_error 3 .
-.Sh SEE ALSO
-.Xr PKCS7_add_attribute 3 ,
-.Xr PKCS7_encrypt 3 ,
-.Xr PKCS7_final 3 ,
-.Xr PKCS7_get_signer_info 3 ,
-.Xr PKCS7_new 3 ,
-.Xr PKCS7_sign_add_signer 3 ,
-.Xr PKCS7_verify 3
-.Sh HISTORY
-.Fn PKCS7_sign
-first appeared in OpenSSL 0.9.5 and have been available since
-.Ox 2.7 .
-.Pp
-The
-.Dv PKCS7_PARTIAL
-and
-.Dv PKCS7_STREAM
-flags were added in OpenSSL 1.0.0.
-.Sh BUGS
-Some advanced attributes such as counter signatures are not supported.