1 files changed, 2 insertions, 10 deletions
diff --git a/src/lib/libcrypto/man/X509_sign.3 b/src/lib/libcrypto/man/X509_sign.3
index eb69874cdc..52890207fb 100644
--- a/src/lib/libcrypto/man/X509_sign.3
+++ b/src/lib/libcrypto/man/X509_sign.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: X509_sign.3,v 1.9 2021/10/30 16:20:35 schwarze Exp $
+.\" $OpenBSD: X509_sign.3,v 1.10 2023/04/28 15:51:18 job Exp $
 .\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: October 30 2021 $
+.Dd $Mdocdate: April 28 2023 $
 .Dt X509_SIGN 3
 .Os
 .Sh NAME
@@ -159,14 +159,6 @@ callback function instead of performing the default action.
 is used where the default parameters for the corresponding public key
 and digest are not suitable.
 It can be used to sign keys using RSA-PSS for example.
-.Pp
-For efficiency reasons and to work around ASN.1 encoding issues, the
-encoding of the signed portion of a certificate, certificate request,
-and CRL is cached internally.
-If the signed portion of the structure is modified, the encoding is not
-always updated, meaning a stale version is sometimes used.
-This is not normally a problem because modifying the signed portion will
-invalidate the signature and signing will always update the encoding.
 .Sh RETURN VALUES
 .Fn X509_sign ,
 .Fn X509_sign_ctx ,

diff --git a/src/lib/libcrypto/man/X509_sign.3 b/src/lib/libcrypto/man/X509_sign.3 index eb69874cdc..52890207fb 100644 --- a/src/lib/libcrypto/man/X509_sign.3 +++ b/src/lib/libcrypto/man/X509_sign.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: X509_sign.3,v 1.9 2021/10/30 16:20:35 schwarze Exp $	1	.\" $OpenBSD: X509_sign.3,v 1.10 2023/04/28 15:51:18 job Exp $
2	.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100	2	.\" full merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
3	.\"	3	.\"
4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.	4	.\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
@@ -48,7 +48,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: October 30 2021 $	51	.Dd $Mdocdate: April 28 2023 $
52	.Dt X509_SIGN 3	52	.Dt X509_SIGN 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
@@ -159,14 +159,6 @@ callback function instead of performing the default action.
159	is used where the default parameters for the corresponding public key	159	is used where the default parameters for the corresponding public key
160	and digest are not suitable.	160	and digest are not suitable.
161	It can be used to sign keys using RSA-PSS for example.	161	It can be used to sign keys using RSA-PSS for example.
162	.Pp
163	For efficiency reasons and to work around ASN.1 encoding issues, the
164	encoding of the signed portion of a certificate, certificate request,
165	and CRL is cached internally.
166	If the signed portion of the structure is modified, the encoding is not
167	always updated, meaning a stale version is sometimes used.
168	This is not normally a problem because modifying the signed portion will
169	invalidate the signature and signing will always update the encoding.
170	.Sh RETURN VALUES	162	.Sh RETURN VALUES
171	.Fn X509_sign ,	163	.Fn X509_sign ,
172	.Fn X509_sign_ctx ,	164	.Fn X509_sign_ctx ,