[GH-ISSUE #69] Private Key format support for PEM and DER #53

Closed
opened 2026-02-26 10:35:26 +03:00 by kerem · 10 comments
Owner

Originally created by @kingofdevil on GitHub (Nov 6, 2014).
Original GitHub issue: https://github.com/Pro/dkim-exchange/issues/69

Originally assigned to: @Pro on GitHub.

Exchange 2010 SP3, Exchange DKIM Signer v2.0.3.
dkim=fail

Signing a mail item according to DKIM failed with an exception. Check the logged exception for details.
System.Exception: CryptoProvider for domain cangdv.vn is null.
at Exchange.DkimSigner.DkimSigner.GetSignedDkimHeader(DomainElement domain, String unsignedDkimHeader, IEnumerable`1 canonicalizedHeaders) in c:\Users\Administrator\Desktop\dkim-exchange\Src\Exchange.DkimSigner\DkimSigner.cs:line 480
at Exchange.DkimSigner.DkimSigner.CanSign(DomainElement domain, Stream inputStream) in c:\Users\Administrator\Desktop\dkim-exchange\Src\Exchange.DkimSigner\DkimSigner.cs:line 209
at Exchange.DkimSigner.DkimSigningRoutingAgent.SignMailItem(MailItem mailItem) in c:\Users\Administrator\Desktop\dkim-exchange\Src\Exchange.DkimSigner\DkimSigningRoutingAgent.cs:line 96
at Exchange.DkimSigner.DkimSigningRoutingAgent.WhenMessageCategorized(CategorizedMessageEventSource source, QueuedMessageEventArgs e) in c:\Users\Administrator\Desktop\dkim-exchange\Src\Exchange.DkimSigner\DkimSigningRoutingAgent.cs:line 56


@AlexLaroche commented on GitHub (Nov 6, 2014):

The problem is that the agent cannot find the RSA key for the domain "cangdv.vn".

The agent isn't supposed to try to sign the email in this case, but this function isn't properly implemented. I think the bug has been introduced with a lot of changes in the code. :(

```
/// <summary>
/// Create the RSACryptoServiceProvider for the domain
/// </summary>
/// <param name="basePath">Path of the private key to open</param>
/// <returns></returns>
public bool initElement(string basePath)
{
    string path;
    if (Path.IsPathRooted(PrivateKeyFile))
        path = @"keys\" + PrivateKeyFile;
    else
        path = Path.Combine(basePath, @"keys\" + PrivateKeyFile);

    if (!File.Exists(path))
    {
        throw new FileNotFoundException("PrivateKey for domain " + Domain + " not found: " + path);
    }

    try
    {
        string xmlkey = File.ReadAllText(path, Encoding.ASCII).Trim();
        cryptoProvider = new RSACryptoServiceProvider();
        cryptoProvider.FromXmlString(xmlkey);
    }
    catch(Exception)
    {
    }

    return true;
}
```

@AlexLaroche commented on GitHub (Nov 6, 2014):

Correction: I think it's because the format of the key isn't in XML.


@Pro commented on GitHub (Nov 6, 2014):

This looks indeed like an invalid private key format exception. We should add an additional check after this line:
github.com/Pro/dkim-exchange@85cd031bc0/Src/Exchange.DkimSigner/Configuration/DomainElement.cs (L58)


@AlexLaroche commented on GitHub (Nov 7, 2014):

I think we get an exception but we don't manage the exception at the moment.
It should be fixed now with my last commit.


@kingofdevil commented on GitHub (Nov 7, 2014):

Thanks @AlexLaroche,
My domain is cangdinhvu.vn; I changed the log file because I did not want to make my domain public, sorry :p
Thanks @Pro
I have uninstalled and deleted the C:\Program Files\Exchange DkimSigner folder, and reinstalled Exchange DkimSigner. This fixed the problem :)


@AlexLaroche commented on GitHub (Nov 7, 2014):

Good! :)


@AlexLaroche commented on GitHub (Nov 7, 2014):

The agent only supports XML. The DkimSigner configuration tool should convert DER and PEM format keys to XML.


@Pro commented on GitHub (Nov 12, 2014):

@AlexLaroche: We should implement a function that also can handle PEM and DER encoded RSA keys here:
https://github.com/Pro/dkim-exchange/blob/master/Src/Exchange.DkimSigner/Configuration/DomainElement.cs#L56

It should still be possible to manually define an RSA key within the config file with a text editor. Thus the functionality within the configuration tool to convert to XML isn't really needed.
The https://github.com/Pro/dkim-exchange/blob/master/Src/Configuration.DkimSigner/RSA/RSACryptoHelper.cs class already contains the required functionality to convert PEM/DER to the RSACryptoServiceProvider format (and thus XML format)
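
The format handling discussed in this comment, combined with surfacing the load failure that the empty `catch` in `initElement` hides, as an added example that is not the project's code and does not use its `RSACryptoHelper` class. It assumes .NET 5 or later for the PEM and DER import methods; `KeyLoader` and `LoadPrivateKey` are hypothetical names.

```csharp
// Added example, not project code. Assumes .NET 5 or later.
// KeyLoader and LoadPrivateKey are hypothetical names.
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

public static class KeyLoader
{
    public static RSA LoadPrivateKey(string path)
    {
        byte[] raw = File.ReadAllBytes(path);
        RSA rsa = RSA.Create();
        try
        {
            // DER is binary ASN.1 and starts with a SEQUENCE tag (0x30).
            if (raw.Length > 0 && raw[0] == 0x30)
            {
                try
                {
                    rsa.ImportRSAPrivateKey(raw, out _);    // PKCS#1 body
                }
                catch (CryptographicException)
                {
                    rsa.ImportPkcs8PrivateKey(raw, out _);  // PKCS#8 body
                }
                return rsa;
            }

            string text = Encoding.ASCII.GetString(raw).Trim();
            if (text.StartsWith("-----BEGIN ", StringComparison.Ordinal))
                rsa.ImportFromPem(text);    // PEM armour around PKCS#1 or PKCS#8
            else if (text.StartsWith("<RSAKeyValue", StringComparison.Ordinal))
                rsa.FromXmlString(text);    // the XML form the agent already reads
            else
                throw new CryptographicException("Unrecognised key format.");
            return rsa;
        }
        catch (Exception ex)
        {
            rsa.Dispose();
            // Fail at load time with the file name, rather than returning
            // success and failing later when the first message is signed.
            throw new InvalidDataException("Cannot load private key: " + path, ex);
        }
    }
}
```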


@AlexLaroche commented on GitHub (Nov 13, 2014):

@Pro: I'll let you make the change as you want. I'm reassigning this issue to you.


@Pro commented on GitHub (Nov 27, 2014):

Added in Version 2.1.0
