authorGilles Chehade <gilles@cvs.openbsd.org>2012-08-29 16:26:18 +0000
committerGilles Chehade <gilles@cvs.openbsd.org>2012-08-29 16:26:18 +0000
commit7fc9db480bb8915d21402c8481f7d70f15fe8671 (patch)
tree8d99a4573aea8de99375fe0eb86af3d7c3381e60 /usr.sbin/smtpd/smtpd.h
parentb6bc00098f9282acbcfae316a8daa1caf7258a0e (diff)
Introduce the crypto_backend API and provide support for... encrypted queue
using the new API. By default, OpenSMTPD does not provide queue encryption, but it can be enabled with "queue encryption [args]" and will transparently encrypt/decrypt envelopes/messages as they hit the queue. By default, it will use Blowfish in CBC mode with a different random IV for each envelope and message. The user-provided key is expanded using sha256, but a different cipher and digest may be specified in smtpd.conf. Queue encryption is compatible with compression and if both options are set it will do them in the correct order and transparently. tested by chl@, a few users and myself ok chl@ and I
Diffstat (limited to 'usr.sbin/smtpd/smtpd.h')
-rw-r--r--usr.sbin/smtpd/smtpd.h16
1 files changed, 13 insertions, 3 deletions
diff --git a/usr.sbin/smtpd/smtpd.h b/usr.sbin/smtpd/smtpd.h
index 8fb63fade5e..7999aaf7228 100644
--- a/usr.sbin/smtpd/smtpd.h
+++ b/usr.sbin/smtpd/smtpd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: smtpd.h,v 1.340 2012/08/28 14:03:49 chl Exp $ */
+/* $OpenBSD: smtpd.h,v 1.341 2012/08/29 16:26:17 gilles Exp $ */
/*
* Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org>
@@ -585,8 +585,9 @@ struct smtpd {
#define QUEUE_COMPRESS 0x00000001
#define QUEUE_ENCRYPT 0x00000002
char *sc_queue_compress_algo;
- char *sc_queue_encrypt_cipher;
- char *sc_queue_encrypt_key;
+ char *sc_queue_crypto_cipher;
+ char *sc_queue_crypto_digest;
+ char *sc_queue_crypto_key;
struct timeval sc_qintval;
int sc_qexpire;
struct event sc_ev;
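Review bot: The new `sc_queue_crypto_key` field carries the user-supplied queue key in the long-lived `struct smtpd`, but nothing at the declaration says who owns that string or whether it is wiped once the derived key has been set up; a comment stating the intended contract would help, e.g. `/* user-supplied queue key from smtpd.conf; sensitive, zero and free once no longer needed */`. The three fields are declared `char *` while `crypto_setup()` in the later hunk takes `uint8_t *` arguments, so every caller will presumably need a cast; giving the fields and the prototype the same type (or `const` parameters) would avoid that. The `struct smtpd` definition starts and ends outside this hunk.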
@@ -980,6 +981,15 @@ void session_socket_no_linger(int);
int session_socket_error(int);
+/* crypto_backend.c */
+int crypto_setup(uint8_t *, uint8_t *, uint8_t *);
+void crypto_clear(void);
+int crypto_encrypt_file(FILE *, FILE *);
+int crypto_decrypt_file(FILE *, FILE *);
+size_t crypto_encrypt_buffer(const char *, size_t, char *, size_t);
+size_t crypto_decrypt_buffer(const char *, size_t, char *, size_t);
+
+
/* delivery.c */
struct delivery_backend *delivery_backend_lookup(enum action_type);