1 files changed, 5 insertions, 12 deletions

diff --git a/src/include/openssl/pkcs7.h b/src/include/openssl/pkcs7.h
index 77e13d7c..8f2a8859 100644
--- a/src/include/openssl/pkcs7.h
+++ b/src/include/openssl/pkcs7.h
@@ -200,22 +200,15 @@ OPENSSL_EXPORT int PKCS7_type_is_signedAndEnveloped(const PKCS7 *p7);
 #define PKCS7_STREAM 0x1000
 #define PKCS7_PARTIAL 0x4000
 
-// PKCS7_sign can operate in two modes to provide some backwards compatibility:
-//
-// The first mode assembles |certs| into a PKCS#7 signed data ContentInfo with
+// PKCS7_sign assembles |certs| into a PKCS#7 signed data ContentInfo with
 // external data and no signatures. It returns a newly-allocated |PKCS7| on
 // success or NULL on error. |sign_cert| and |pkey| must be NULL. |data| is
-// ignored. |flags| must be equal to |PKCS7_DETACHED|. Additionally,
-// certificates in SignedData structures are unordered. The order of |certs|
-// will not be preserved.
-//
-// The second mode generates a detached RSA SHA-256 signature of |data| using
-// |pkey| and produces a PKCS#7 SignedData structure containing it. |certs|
-// must be NULL and |flags| must be exactly |PKCS7_NOATTR | PKCS7_BINARY |
-// PKCS7_NOCERTS | PKCS7_DETACHED|.
+// ignored. |flags| must be equal to |PKCS7_DETACHED|.
 //
 // Note this function only implements a subset of the corresponding OpenSSL
-// function. It is provided for backwards compatibility only.
+// function. It is provided for backwards compatibility only. Additionally,
+// certificates in SignedData structures are unordered. The order of |certs|
+// will not be preserved.
 OPENSSL_EXPORT PKCS7 *PKCS7_sign(X509 *sign_cert, EVP_PKEY *pkey,
                                  STACK_OF(X509) *certs, BIO *data, int flags);