Single pass processing to cleartext S/MIME signing.

 Changes between 0.9.7a and 0.9.8  [xx XXX xxxx]

  *) Support for single pass processing for S/MIME signing. This now

     means that S/MIME signing can be done from a pipe, in addition

     cleartext signing (multipart/signed type) is effectively streaming

     and the signed data does not need to be all held in memory.

     This is done with a new flag PKCS7_PARTSIGN. When this flag is set

     PKCS7_sign() only initializes the PKCS7 structure and the actual signing

     is done after the data is output (and digests calculated) in

     SMIME_write_PKCS7().

     [Steve Henson]

  *) Add full support for -rpath/-R, both in shared libraries and

     applications, at least on the platforms where it's known how

     to do it.

/* smime.c */

/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL

 * project 1999.

 * project.

 */

/* ====================================================================

 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.

 * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

	if(operation == SMIME_ENCRYPT) {

		p7 = PKCS7_encrypt(encerts, in, cipher, flags);

	} else if(operation == SMIME_SIGN) {

		/* If detached data and SMIME output enable partial

		 * signing.

		 */

		if ((flags & PKCS7_DETACHED) && (outformat == FORMAT_SMIME))

			flags |= PKCS7_PARTSIGN;

		p7 = PKCS7_sign(signer, key, other, in, flags);

		if (BIO_reset(in) != 0 && (flags & PKCS7_DETACHED)) {

		/* Don't need to rewind for partial signing */

		if (!(flags & PKCS7_PARTSIGN) && (BIO_reset(in) != 0)) {

		  BIO_printf(bio_err, "Can't rewind input file\n");

		  goto end;

		}

/* pk7_mime.c */

/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL

 * project 1999.

 * project.

 */

/* ====================================================================

 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.

 * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

DECLARE_STACK_OF(MIME_HEADER)

IMPLEMENT_STACK_OF(MIME_HEADER)

static int pkcs7_output_data(BIO *bio, BIO *data, PKCS7 *p7, int flags);

static int B64_write_PKCS7(BIO *bio, PKCS7 *p7);

static PKCS7 *B64_read_PKCS7(BIO *bio);

static char * strip_ends(char *name);

int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)

{

	char linebuf[MAX_SMLEN];

	char bound[33], c;

	int i;

	if((flags & PKCS7_DETACHED) && data) {

		BIO_printf(bio, "This is an S/MIME signed message\n\n");

		/* Now write out the first part */

		BIO_printf(bio, "------%s\r\n", bound);

		if(flags & PKCS7_TEXT) BIO_printf(bio, "Content-Type: text/plain\n\n");

		while((i = BIO_read(data, linebuf, MAX_SMLEN)) > 0) 

						BIO_write(bio, linebuf, i);

		pkcs7_output_data(bio, data, p7, flags);

		BIO_printf(bio, "\n------%s\n", bound);

		/* Headers for signature */

	return 1;

}

/* Handle output of PKCS#7 data */

static int pkcs7_output_data(BIO *out, BIO *data, PKCS7 *p7, int flags)

	{

	BIO *tmpbio, *p7bio;

	if (!(flags & PKCS7_PARTSIGN))

		{

		SMIME_crlf_copy(data, out, flags);

		return 1;

		}

	/* Partial sign operation */

	/* Initialize sign operation */

	p7bio = PKCS7_dataInit(p7, out);

	/* Copy data across, computing digests etc */

	SMIME_crlf_copy(data, p7bio, flags);

	/* Must be detached */

	PKCS7_set_detached(p7, 1);

	/* Finalize signatures */

	PKCS7_dataFinal(p7, p7bio);

	/* Now remove any digests from output BIO */

	while (1)

		{

		tmpbio = BIO_pop(p7bio);

		if (tmpbio == out)

			break;

		BIO_free(tmpbio);

		}

	return 1;

	}

/* SMIME reader: handle multipart/signed and opaque signing.

 * in multipart case the content is placed in a memory BIO

 * pointed to by "bcont". In opaque this is set to NULL

						BIO_write(out, linebuf, len);

		return 1;

	}

	if(flags & PKCS7_TEXT) BIO_printf(out, "Content-Type: text/plain\r\n\r\n");

	if(flags & PKCS7_TEXT)

		BIO_printf(out, "Content-Type: text/plain\r\n\r\n");

	while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {

		eol = 0;

		while(iscrlf(linebuf[len - 1])) {

/* pk7_smime.c */

/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL

 * project 1999.

 * project.

 */

/* ====================================================================

 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.

 * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

			PKCS7_add_certificate(p7, sk_X509_value(certs, i));

	}

	if(!(p7bio = PKCS7_dataInit(p7, NULL))) {

		PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);

		return NULL;

	}

	SMIME_crlf_copy(data, p7bio, flags);

	if(!(flags & PKCS7_NOATTR)) {

		PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,

				V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data));

		}

	}

	if (flags & PKCS7_PARTSIGN)

		return p7;

	if (!(p7bio = PKCS7_dataInit(p7, NULL))) {

		PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);

		return NULL;

	}

	SMIME_crlf_copy(data, p7bio, flags);

	if(flags & PKCS7_DETACHED)PKCS7_set_detached(p7, 1);

        if (!PKCS7_dataFinal(p7,p7bio)) {

#define PKCS7_BINARY		0x80

#define PKCS7_NOATTR		0x100

#define	PKCS7_NOSMIMECAP	0x200

#define	PKCS7_PARTSIGN		0x400

/* Flags: for compatibility with older code */