PGP -> OpenPGP

CHANGELOG.md

@@ -5,7 +5,7 @@ All notable changes to this project will be documented in this file. This projec
 ## [0.3.3] - 2023-08-02
 
 ### Added
-- Encryption at rest with **S/MIME** and **PGP** support.
+- Encryption at rest with **S/MIME** or **OpenPGP**.
 - Support for referencing context variables from dynamic values.
 
 ### Changed

README.md

@@ -34,7 +34,7 @@ Key features:
   - Email aliases, mailing lists, subaddressing and catch-all addresses support.
   - Integration with **OpenTelemetry** to enable monitoring, tracing, and performance analysis.
 - **Secure**:
-  - Encryption at rest with **S/MIME** and **PGP** support.
+  - Encryption at rest with **S/MIME** or **OpenPGP**.
   - OAuth 2.0 [authorization code](https://www.rfc-editor.org/rfc/rfc8628) and [device authorization](https://www.rfc-editor.org/rfc/rfc8628) flows.
   - Access Control Lists (ACLs).
   - Rate limiting.

crates/jmap/src/email/crypto.rs

@@ -151,7 +151,7 @@ impl EncryptMessage for Message<'_> {
                 for cert in &params.certs {
                     keys.push(SignedPublicKey::from_bytes(&cert[..]).map_err(|err| {
                         EncryptMessageError::Error(format!(
-                            "Failed to parse PGP public key: {}",
+                            "Failed to parse OpenPGP public key: {}",
                             err
                         ))
                     })?);
@@ -430,13 +430,13 @@ fn try_parse_pem(bytes: &[u8]) -> Result<Option<(EncryptionMethod, Vec<Vec<u8>>)
         let tag = std::str::from_utf8(&buf).unwrap();
         if tag.contains("CERTIFICATE") {
             if method.map_or(false, |m| m == EncryptionMethod::PGP) {
-                return Err("Cannot mix PGP and S/MIME certificates".to_string());
+                return Err("Cannot mix OpenPGP and S/MIME certificates".to_string());
             } else {
                 method = Some(EncryptionMethod::SMIME);
             }
         } else if tag.contains("PGP") {
             if method.map_or(false, |m| m == EncryptionMethod::SMIME) {
-                return Err("Cannot mix PGP and S/MIME certificates".to_string());
+                return Err("Cannot mix OpenPGP and S/MIME certificates".to_string());
             } else {
                 method = Some(EncryptionMethod::PGP);
             }
@@ -481,7 +481,7 @@ fn try_parse_pem(bytes: &[u8]) -> Result<Option<(EncryptionMethod, Vec<Vec<u8>>)
         match method.unwrap() {
             EncryptionMethod::PGP => {
                 if let Err(err) = SignedPublicKey::from_bytes(&cert[..]) {
-                    return Err(format!("Failed to decode PGP public key: {}", err));
+                    return Err(format!("Failed to decode OpenPGP public key: {}", err));
                 }
             }
             EncryptionMethod::SMIME => {
@@ -670,7 +670,7 @@ impl JMAP {
 impl Display for EncryptionMethod {
     fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         match self {
-            EncryptionMethod::PGP => write!(f, "PGP"),
+            EncryptionMethod::PGP => write!(f, "OpenPGP"),
             EncryptionMethod::SMIME => write!(f, "S/MIME"),
         }
     }

resources/config/jmap.toml

@@ -36,6 +36,10 @@ timeout = "30s"
 [jmap]
 directory = "__DIRECTORY__"
 
+[jmap.encryption]
+enable = true
+append = false
+
 [jmap.session.cache]
 ttl = "1h"
 size = 100

resources/htx/crypto_disabled.htx

@@ -1 +1 @@
-<div class="illustration"><i class="icon ion-unlocked"></i></div><p class="auth"><b>Encryption at rest disabled</b><br /><br />Messages will now be stored in plain text on the server..</p>
+<div class="illustration"><i class="icon ion-unlocked"></i></div><p class="auth"><b>Encryption at rest disabled</b><br /><br />Messages will now be stored in plain text on the server.</p>

resources/htx/crypto_form.htx

@@ -1 +1 @@
-<div class="illustration"><i class="icon ion-unlocked"></i></div><p class="auth">Enable encryption at rest for your <b>Stalwart Mail Server</b> account</p><div class="form-group"><input class="form-control" type="text" name="email" placeholder="Login"></div><div class="form-group"><input class="form-control" type="password" name="password" placeholder="Password"></div><div class="form-group"><select class="form-control" id="encryption" name="encryption"><option value="pgp-256">PGP (AES256)</option><option value="pgp-128">PGP (AES128)</option><option value="smime-256">S/MIME (AES256-CBC)</option><option value="smime-128">S/MIME (AES128-CBC)</option><option value="disable">Disable Encryption</option></select></div><div class="form-group" id="certificate_div"><div class="fileUpload btn btn-secondary btn-block"><span>Select Certificate...</span><input type="file" id="certificate" name="certificate" class="upload"></div></div><div class="form-group"><button class="btn btn-primary btn-block" type="submit">Update</button></div><a class="auth" style="font-size:12px" href="about:blank">Cancel</a>
+<div class="illustration"><i class="icon ion-unlocked"></i></div><p class="auth">Enable encryption at rest for your <b>Stalwart Mail Server</b> account</p><div class="form-group"><input class="form-control" type="text" name="email" placeholder="Login"></div><div class="form-group"><input class="form-control" type="password" name="password" placeholder="Password"></div><div class="form-group"><select class="form-control" id="encryption" name="encryption"><option value="pgp-256">OpenPGP (AES256)</option><option value="pgp-128">OpenPGP (AES128)</option><option value="smime-256">S/MIME (AES256-CBC)</option><option value="smime-128">S/MIME (AES128-CBC)</option><option value="disable">Disable Encryption</option></select></div><div class="form-group" id="certificate_div"><div class="fileUpload btn btn-secondary btn-block"><span>Select Certificate...</span><input type="file" id="certificate" name="certificate" class="upload"></div></div><div class="form-group"><button class="btn btn-primary btn-block" type="submit">Update</button></div><a class="auth" style="font-size:12px" href="about:blank">Cancel</a>