✨ Feature request: OpenPGP encryption support #1
Comments
|
Thank you for the suggestion. At the moment I am writing a mail server in Rust so I won't be able to work on adding PGP right away. However, OpenPGP is a feature that I was definitely planning to add to the library (and also the server) so I'll keep this issue open. Hopefully I'll be able to work on this in the next few weeks. |
|
I think I can help! I have a project that allows users to compile MML-based email templates into MIME Messages using your awesome The next task I am going to work on is to bring native PGP support using rPGP (instead of shell commands). I also plan to implement the autocrypt standard to simplify encryption/decryption process, which would allow us to use the syntax @spikecodes was proposing: // Build a encrypted text message with a single attachment
let message = MessageBuilder::new()
.from(("John Doe", "john@example.com"))
.to("jane@example.com")
.subject("Howdy!")
.text_body("These pretzels are making me thirsty.")
.binary_attachment("image/png", "pretzels.png", [1, 2, 3, 4].as_ref())
// we could also add encryption/signing with PGP shell commands:
// .pgp_encrypt_cmd(cmd)
.pgp_encrypt(pgp_key);Would you be interested in a PR? (In fact it could be one PR for |
|
Thanks for the help @soywod but to minimize duplicating efforts please let's discuss this again at the end of the year as I have plans to implement encryption at rest on the JMAP/IMAP servers and probably the JMAP for S/MIME draft (although S/MIME does not seem to be used by lots of people and Let's Encrypt does not even plan to support it). |
|
To minimize duplicating efforts please let's discuss this again at the
end of the year as I have plans to implement encryption at rest on the
JMAP/IMAP servers and probably the JMAP for S/MIME draft
The problem is that encryption is my last task on the nlnet planning, so
I have to implement sth now. Do you think we could discuss it now so we
could split tasks and avoid duplicated code? This way I could develop my
part now and keep your part for the end of the year.
|
|
Unfortunately this is a topic that I haven't researched much and I am a bit behind my nlnet deliverables to do that now. Probably it would be better to create a separate library for encrypting/decrypting emails rather than adding support to mail-builder/mail-parser. Would it make sense that you use rPGP for Himalaya and once I finish my nlnet part we see how we can integrate the code? None of my tasks involve encryption so there won't be any overlap. Adding encryption is something that I plan to do once I finish with all the nlnet deliverables. |
|
Would it make sense that you use rPGP for Himalaya and once I finish
my nlnet part we see how we can integrate the code?
Yes it makes sense, let's go for it. Let see at the end of the year how
we could put code in common.
|
Is it still sth you are interested in? Since our last discussion, I developed PGP operations based on native rPGP and on GPG lib. I would be glad to integrate it to your libs. |
|
Hi @soywod Yes, OpenPGP support would be nice to have. We just need to make sure that the license of those libraries is compatible with the MIT/Apache license of |
|
Also, regarding `rpgp`, I was using this library in Stalwart and had
to switch to `sequoia` (AGPL license) because the emails signed with
`rpgp` could not be opened in the latest versions of Thunderbird.
Let me try from my side, I will let you know.
Why this issue was opened on mail-send? I would say that mail-builder
for encrypting/signing and mail-parser for decrypting/verifying are
better candidates.
|
I think there was an open issue in the
I agree that it should be in |
|
Are you referencing this issue? rpgp/rpgp#184 (comment) |
Yes, that's the one. It looks like it's not a priority for them but it makes the crate unusable. At least not with Thunderbird. |
|
Here how I set up my tests: I generated 2 pair keys: one using GPG and one using
I encountered few issues, but it was not related to PGP directly: the encrypted part was encoded to base64 by your builder (I was able to force it to 7bit), and the ASCII-armored message was missing carriage returns. But overall it works! The difference with your previous implementation is that I manually select the key for encryption: https://git.sr.ht/~soywod/pimalaya/tree/master/item/pgp/src/encrypt.rs#L99 If I remember well, I took this from Delta Chat. I will quickly test signing, but should work as expected as well. Would you like me to propose PRs based on |
Can you try generating the keys with the latest Thunderbird and then encrypting the message using those keys? I think the problem was that Thunderbird was including certificates marked as "not for encryption" and rPGP was using them anyway.
Sure, but first we need to make sure that |
|
I generated a new key pair using Thunderbird, downloaded the pub key, uploaded it to key.openpgp.org then sent an encrypted message using Himalaya:
Is there any scenario you have in mind to test before opening PRs?
I can separate sync and not sync APIs in different modules, or use sth like https://docs.rs/maybe-async/latest/maybe_async/. |
|
I have issues with signing, not sure if it comes from rpgp or if it comes from the way I sign MIME parts. |
Ok I made it work, it was an issue with
EDIT: I also needed to select the right secret key for signing, see cd2b2. |
|
I am going to retest this then. |
|
I know this issue is not a priority, but I may be able to get funds for it. Could you try from your side in the nearest months so we can validate |
|
Hi @soywod Unfortunately I won't be able to re-test rPGP until next year due to previous commitments. In any case, if you tested this and the rPGP encrypted messages can be opened from the latest Thunderbird version then let's go ahead with rPGP. In any case, since sequoia is not an option, if there is a problem with the library we can try submitting a patch to the rPGP repo. |
|
Alright then, I will re-test once again and submit PR as soon as I get the funds. Should be end of this year. Thank you! |
Introduction
Hi! I love this project idea and really appreciate the dedication to modern security standards (such as DKIM support) as well as
mail-send's RFC compliance. The current feature set would serve as a fantastic base for a security-oriented Rust-written mail client if that is something Stalwart Labs would be interested in pursuing.The final component of
mail-sendthat would make it a serious security contender (in terms of client features) to the likes of ProtonMail and Tutanota would be support for OpenPGP, the open standard for email encryption.Proposal
Standards
mail-sendcould implement OpenPGP support by following these Internet Message Format standards:There are two strong libraries that have implemented RFC 4880: rpgp and sequoia.
*Comparison of OpenPGP vs. PGP/MIME and a table of major email client support for them
Implementation
The loading of a public PGP key could be done in a similar syntax to the implementation of DKIM in this crate:
^ I'm not very familiar with PGP so not sure if any other inputs besides the file path should be provided
Interested to hear your thoughts! Let me know if this issue would be better suited at
mail-builder.The text was updated successfully, but these errors were encountered: