Facing issue while dkim signing

kindhearted-deer · May 24, 2024, 12:11pm

The DKIM key can be either saved as a variable or provided statically. However, this approach is not working and is showing the following error. The Lua code is attached below:

2024-05-24T11:59:51.996058Z ERROR localset-0 run{socket=PollEvented { io: Some(TcpStream { addr: 146.0.229.98:587, peer: 146.0.229.98:52722, fd: 63 }) }}: kumod::smtp_server: Error in SmtpServer: callback error May 24 07:59:51 domain kumod[516873]: stack traceback: May 24 07:59:51 domain kumod[516873]: [C]: in local 'poll' May 24 07:59:51 domain kumod[516873]: [string "?"]:5: in field 'rsa_sha256_signer' May 24 07:59:51 domain kumod[516873]: [string "/opt/kumomta/etc/policy/init.lua"]:78: in function <[string "/opt/kumomta/etc/policy/init.lua"]:77> May 24 07:59:51 domain kumod[516873]: caused by: Data { key_data: "-----BEGIN RSA PRIVATE KEY----...." }: failed to load private key: openssl private_key_from_pem: error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: ANY PRIVATE KEY. openssl private_key_from_der: error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:crypto/asn1/asn1_lib.c:91:, error:0D068066:asn1 encoding routines:asn1_check_tlen:bad object header:crypto/asn1/tasn_dec.c:1137:, error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error:crypto/asn1/tasn_dec.c:309:Type=RSAPrivateKey. from_pkcs1_der: PKCS#8 ASN.1 error: unknown/unsupported ASN.1 DER tag: 0x2d. from_pkcs8_der: PKCS#8 ASN.1 error: unknown/unsupported ASN.1 DER tag: 0x2d. from_pkcs1_pem: PKCS#1 ASN.1 error: PEM error: PEM type label invalid. from_pkcs8_pem: PKCS#8 ASN.1 error: PEM error: PEM type label invalid

`

inclusive-eagle · May 24, 2024, 12:11pm

Hey there @kindhearted-deer, while we would like to respond to every question raised here, the frequency and nature of your questions are far beyond what we at Kumo Corp can support without financial support from your organization.

You may continue to ask questions in the hope that someone from the broader community will help, but you should expect that Kumo Corp will not spend any time beyond a cursory glance to see if your questions are well-qualified and can be easily dealt with.

kindhearted-deer · May 24, 2024, 12:11pm

**Below code is used for dkim signing **
` kumo.on(‘smtp_server_message_received’, function(msg)
local signer = kumo.dkim.rsa_sha256_signer {
domain = ‘domain.com’,
selector = ‘mc’,
headers = { ‘From’, ‘To’, ‘Subject’, ‘MIME-Version’, ‘Content-Type’, ‘Sender’ },
key = {
key_data = ‘-----BEGIN RSA PRIVATE KEY----…’,
},
}
msg:dkim_sign(signer)
end)

kindhearted-deer · May 24, 2024, 12:20pm

Adding like below format

`kumo.on(‘smtp_server_message_received’, function(msg)
local signer = kumo.dkim.rsa_sha256_signer {
domain = ‘domain.com’,
selector = ‘mc’,
headers = { ‘From’, ‘To’, ‘Subject’, ‘MIME-Version’, ‘Content-Type’, ‘Sender’ },
key = {
key_data = '-----BEGIN RSA PRIVATE KEY-----
MIICXwIBAAKBgQDvWcNuTJ+F94xlGBCv76E/TsDokBcR+RLO47VmI1MyHJcj30bR
mwUfmBmGnoizAFsRGQQXPHIlYxIZXOtYhzebxnXPx/Gw5FTVYhezpC5duCracpbb
jKZQcp2atx374uNw74SDEHB/2WcDSKVnolECQQD1c+oI4d+zMtDKn1S/oWYOpjCP
QwlyTD4B3XnZaRmwzDKcXFf4wxom+IkRZfQLOs/SLEusML3iicL2TJp6BDRTAkEA

                       Si1JTavbF0Wi5zilQOdiIQJBAKsIJEZm1aivvwaGCV7egAfSxTyaPbsHxljx4T01
                       HGIhSylOheJzHd1ZbWYNIv7Kx4FZ/AeF2rnn+6DZjx/6+/w=
                       -----END RSA PRIVATE KEY-----',
                         },
    }
    msg:dkim_sign(signer)

end)
`
**showing below error **

May 24 08:16:36 domain kumod[520533]: Error: set_policy_path to "/opt/kumomta/etc/policy/init.lua" May 24 08:16:36 domain kumod[520533]: Caused by: May 24 08:16:36 domain kumod[520533]: syntax error: [string "/opt/kumomta/etc/policy/init.lua"]:84: unfinished string near ''-----BEGIN RSA PRIVATE KEY-----' May 24 08:16:36 domain systemd[1]: kumomta.service: Main process exited, code=exited, status=1/FAILURE May 24 08:16:36 domain systemd[1]: kumomta.service: Failed with result 'exit-code'. May 24 08:16:36 domain systemd[1]: Stopped KumoMTA SMTP service. May 24 08:16:36 domain systemd[1]: Started KumoMTA SMTP service.

tom · May 24, 2024, 3:45pm

^^ Hopefully that is not your actual Private key there

tom · May 24, 2024, 3:48pm

My guess is that you have line feeds in your keysource

kindhearted-deer · May 27, 2024, 12:20pm

May 27 08:17:08 domain.com kumod[1397711]: caused by: Data { key_data: “-----BEGIN RSA PRIVATE KEY-----MIICXwIBAAKBgQDvWcNuTJ+F94xlGBCv76E/TsDokBcR+RLO47VmI1MyHJcj30bRmwUfmBmGnoizAFsRGQQXPHIlYxIZXOtYhzebxnXPx/Gw5FTVYhezpC5duCracpbbehl+7CVuc3LtXROb6EJSplaPS0H2BE+e9VVUlvdhGvdPwOTowArMj1GGewIDAQABAoGBAO51osQoKKJiwAgUEsQF3MNi5cSNkb6BRODEcnyA4ylA3L+LelXnuRICCiRZm92ilBgTsUSpHxvqeSS1s29uv9FQbHAFZ0pubwn0ueIu1BVT1oW9Tf1BIAPHgT9+TQoXdNZ200haxxZw/qfmkbq6n3wHUWbjV4pQFHiQxHgmxhyhAkEA/QkkmGiSb/Lv0mJXc4kRuwExWuenAvl/cl1uImStFRaXpWALz6yCuG7qimIj+xUmORPIi0AvPYRbaP2hnNx9CwJBAPInlCjWcwXulbcm9h0Ka9J1RkoSTfk5OINnG1gpdrgqkZRc3wcQjKZQcp2atx374uNw74SDEHB/2WcDSKVnolECQQD1c+oI4d+zMtDKn1S/oWYOpjCPQwlyTD4B3XnZaRmwzDKcXFf4wxom+IkRZfQLOs/SLEusML3iicL2TJp6BDRTAkEA2nsvSDFEkmOTHS6/+6+9XKOHCam+RFCGVrieiUrP3JY7xzqL15ns7NnEr8I52Ym8Si1JTavbF0Wi5zilQOdiIQJBAKsIJEZm1aivvwaGCV7egAfSxTyaPbsHxljx4T01HGIhSylOheJzHd1ZbWYNIv7Kx4FZ/AeF2rnn+6DZjx/6+/w=-----END RSA PRIVATE KEY-----” }: failed to load private key: openssl private_key_from_pem: error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: ANY PRIVATE KEY. openssl private_key_from_der: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag:crypto/asn1/tasn_dec.c:1149:, error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error:crypto/asn1/tasn_dec.c:309:Type=RSAPrivateKey. from_pkcs1_der: PKCS#8 ASN.1 error: unknown/unsupported ASN.1 DER tag: 0x2d. from_pkcs8_der: PKCS#8 ASN.1 error: unknown/unsupported ASN.1 DER tag: 0x2d. from_pkcs1_pem: PKCS#1 ASN.1 error: PEM error: PEM type label invalid. from_pkcs8_pem: PKCS#8 ASN.1 error: PEM error: PEM type label invalid

kindhearted-deer · May 27, 2024, 12:22pm

Not working

kindhearted-deer · May 27, 2024, 12:23pm

lua code is attached below

kindhearted-deer · May 27, 2024, 12:23pm

key = {
key_data = ‘-----BEGIN RSA PRIVATE KEY-----MIICXwIBAAKBgQDvWcNuTJ+F94xlGBCv76E/TsDokBcR+RLO47VmI1MyHJcj30bRmwUfmBmGnoizAFsRGQQXPHIlYxIZXOtYhzebxnXPx/Gw5FTVYhezpC5duCracpbbehl+7CVuc3LtXROb6EJSplaPS0H2BE+e9VVUlvdhGvdPwOTowArMj1GGewIDAQABAoGBAO51osQoKKJiwAgUEsQF3MNi5cSNkb6BRODEcnyA4ylA3L+LelXnuRICCiRZm92ilBgTsUSpHxvqeSS1s29uv9FQbHAFZ0pubwn0ueIu1BVT1oW9Tf1BIAPHgT9+TQoXdNZ200haxxZw/qfmkbq6n3wHUWbjV4pQFHiQxHgmxhyhAkEA/QkkmGiSb/Lv0mJXc4kRuwExWuenAvl/cl1uImStFRaXpWALz6yCuG7qimIj+xUmORPIi0AvPYRbaP2hnNx9CwJBAPInlCjWcwXulbcm9h0Ka9J1RkoSTfk5OINnG1gpdrgqkZRc3wcQjKZQcp2atx374uNw74SDEHB/2WcDSKVnolECQQD1c+oI4d+zMtDKn1S/oWYOpjCPQwlyTD4B3XnZaRmwzDKcXFf4wxom+IkRZfQLOs/SLEusML3iicL2TJp6BDRTAkEA2nsvSDFEkmOTHS6/+6+9XKOHCam+RFCGVrieiUrP3JY7xzqL15ns7NnEr8I52Ym8Si1JTavbF0Wi5zilQOdiIQJBAKsIJEZm1aivvwaGCV7egAfSxTyaPbsHxljx4T01HGIhSylOheJzHd1ZbWYNIv7Kx4FZ/AeF2rnn+6DZjx/6+/w=-----END RSA PRIVATE KEY-----’,
},