diff --git a/CHANGELOG.md b/CHANGELOG.md index 723ee4c9b..6fe04174a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,7 @@ All notable changes to this project will be documented in this file. This projec ## [0.3.3] - 2023-08-02 ### Added -- Encryption at rest with **S/MIME** and **PGP** support. +- Encryption at rest with **S/MIME** or **OpenPGP**. - Support for referencing context variables from dynamic values. ### Changed diff --git a/README.md b/README.md index 9495bacda..04bc99853 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ Key features: - Email aliases, mailing lists, subaddressing and catch-all addresses support. - Integration with **OpenTelemetry** to enable monitoring, tracing, and performance analysis. - **Secure**: - - Encryption at rest with **S/MIME** and **PGP** support. + - Encryption at rest with **S/MIME** or **OpenPGP**. - OAuth 2.0 [authorization code](https://www.rfc-editor.org/rfc/rfc8628) and [device authorization](https://www.rfc-editor.org/rfc/rfc8628) flows. - Access Control Lists (ACLs). - Rate limiting. diff --git a/crates/jmap/src/email/crypto.rs b/crates/jmap/src/email/crypto.rs index 489687579..0c102a9c8 100644 --- a/crates/jmap/src/email/crypto.rs +++ b/crates/jmap/src/email/crypto.rs @@ -151,7 +151,7 @@ impl EncryptMessage for Message<'_> { for cert in ¶ms.certs { keys.push(SignedPublicKey::from_bytes(&cert[..]).map_err(|err| { EncryptMessageError::Error(format!( - "Failed to parse PGP public key: {}", + "Failed to parse OpenPGP public key: {}", err )) })?); @@ -430,13 +430,13 @@ fn try_parse_pem(bytes: &[u8]) -> Result>) let tag = std::str::from_utf8(&buf).unwrap(); if tag.contains("CERTIFICATE") { if method.map_or(false, |m| m == EncryptionMethod::PGP) { - return Err("Cannot mix PGP and S/MIME certificates".to_string()); + return Err("Cannot mix OpenPGP and S/MIME certificates".to_string()); } else { method = Some(EncryptionMethod::SMIME); } } else if tag.contains("PGP") { if method.map_or(false, |m| m == EncryptionMethod::SMIME) { - return Err("Cannot mix PGP and S/MIME certificates".to_string()); + return Err("Cannot mix OpenPGP and S/MIME certificates".to_string()); } else { method = Some(EncryptionMethod::PGP); } @@ -481,7 +481,7 @@ fn try_parse_pem(bytes: &[u8]) -> Result>) match method.unwrap() { EncryptionMethod::PGP => { if let Err(err) = SignedPublicKey::from_bytes(&cert[..]) { - return Err(format!("Failed to decode PGP public key: {}", err)); + return Err(format!("Failed to decode OpenPGP public key: {}", err)); } } EncryptionMethod::SMIME => { @@ -670,7 +670,7 @@ impl JMAP { impl Display for EncryptionMethod { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { match self { - EncryptionMethod::PGP => write!(f, "PGP"), + EncryptionMethod::PGP => write!(f, "OpenPGP"), EncryptionMethod::SMIME => write!(f, "S/MIME"), } } diff --git a/resources/config/jmap.toml b/resources/config/jmap.toml index 7a8abf8e1..6ee03c5de 100644 --- a/resources/config/jmap.toml +++ b/resources/config/jmap.toml @@ -36,6 +36,10 @@ timeout = "30s" [jmap] directory = "__DIRECTORY__" +[jmap.encryption] +enable = true +append = false + [jmap.session.cache] ttl = "1h" size = 100 diff --git a/resources/htx/crypto_disabled.htx b/resources/htx/crypto_disabled.htx index b102ca37e..a93de38a6 100644 --- a/resources/htx/crypto_disabled.htx +++ b/resources/htx/crypto_disabled.htx @@ -1 +1 @@ -

Encryption at rest disabled

Messages will now be stored in plain text on the server..

\ No newline at end of file +

Encryption at rest disabled

Messages will now be stored in plain text on the server.

\ No newline at end of file diff --git a/resources/htx/crypto_form.htx b/resources/htx/crypto_form.htx index a6c148471..f5b0524d6 100644 --- a/resources/htx/crypto_form.htx +++ b/resources/htx/crypto_form.htx @@ -1 +1 @@ -

Enable encryption at rest for your Stalwart Mail Server account

Select Certificate...
Cancel \ No newline at end of file +

Enable encryption at rest for your Stalwart Mail Server account

Select Certificate...
Cancel \ No newline at end of file