From 05916f4238315a3e74eaa367dc82bc902b61c6b5 Mon Sep 17 00:00:00 2001 From: Luca Iadicicco Date: Tue, 16 Jul 2024 18:27:09 +0200 Subject: [PATCH] Add DKIM private key settings to `.env` and `/config/mail.php`. Ensure correct key format. Log errors if private key retrieval fails. --- README.md | 28 +++++++++------------------- src/Mailer.php | 29 ++++++++++++++++------------- 2 files changed, 25 insertions(+), 32 deletions(-) diff --git a/README.md b/README.md index 83f5028..59a218f 100644 --- a/README.md +++ b/README.md @@ -27,9 +27,9 @@ composer require hostbrook/laravel-dkim HostBrook\LaravelDkim\DkimMailServiceProvider::class, ``` -3. Add your DKIM private key settings in `/.env` or in `/config/mail.php`. The priority of DKIM settings is from `/.env` file. +1. Add your DKIM private key settings in `/.env` and in `/config/mail.php`. - 3.1. The syntax, if you want to add DKIM private key settings in `/.env` file: + 3.1. Add DKIM private key settings in `/.env` file: ``` DKIM_SELECTOR="selector1" @@ -38,7 +38,7 @@ HostBrook\LaravelDkim\DkimMailServiceProvider::class, DKIM_PRIVATE_KEY="/storage/app/dkim/private_key.txt" ``` - As an option, you can add the full RSA Private Key to the `.env` file, for example: + Or, add the full RSA Private Key to the `.env` file, for example: ``` DKIM_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY----- @@ -48,28 +48,18 @@ HostBrook\LaravelDkim\DkimMailServiceProvider::class, -----END RSA PRIVATE KEY-----" ``` - 3.2. The syntax, if you want to add DKIM private key settings in `/config/mail.php` file: + 3.2. Then in `/config/mail.php` file: ``` - 'dkim_selector' => 'selector1', - 'dkim_domain' => 'domain.name', - 'dkim_passphrase' => '', // leave empty if you didn’t protect the private key - 'dkim_private_key' => '/storage/app/dkim/private_key.txt', - ``` - - As an option, you can add the full RSA Private Key to the `/config/mail.php` file, for example: - - ``` - 'dkim_private_key' => '-----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAq1SCAScet736Rr/f36OYUo8cRziq4v2uq6kNs5wzEaaqUAoh - ... - ENwDlqtgpM9D7YznrL6W9NH7fdSwmz2Ux0frY6weuBx/VSeJn1fb - -----END RSA PRIVATE KEY-----', + 'dkim_private_key' => env('DKIM_PRIVATE_KEY', ''), + 'dkim_domain' => env('DKIM_DOMAIN', ''), + 'dkim_selector' => env('DKIM_SELECTOR', 'default'), + 'dkim_passphrase' => env('DKIM_PASSPHRASE', ''), ``` ## Notes and recommendations -- No matter where you keep the RSA Private Key, in `/.env` file or in `/config/mail.php` file or in a text file, everything between two instances `'-----BEGIN RSA PRIVATE KEY-----'` and `'-----END RSA PRIVATE KEY-----'` must be right up to the start of the line! +- No matter where you keep the RSA Private Key, everything between two instances `'-----BEGIN RSA PRIVATE KEY-----'` and `'-----END RSA PRIVATE KEY-----'` must be right up to the start of the line! - It is not recommended to keep private key directly in the `/config/mail.php` file for security reasons especially if your project is not in the private repository. - If you would like to keep RSA Private key in a text file, the path to the text file must be relative to the project base path (like in the example above). diff --git a/src/Mailer.php b/src/Mailer.php index f950d81..6fa824f 100644 --- a/src/Mailer.php +++ b/src/Mailer.php @@ -42,7 +42,7 @@ public function send($view, array $data = [], $callback = null): ?SentMessage // Once we have retrieved the view content for the e-mail we will set the body // of this message using the HTML type, which will provide a simple wrapper // to creating view based emails that are able to receive arrays of data. - if (! is_null($callback)) { + if (!is_null($callback)) { $callback($message); } @@ -59,25 +59,28 @@ public function send($view, array $data = [], $callback = null): ?SentMessage // one final chance to stop this message and then we will send it to all of // its recipients. We will then fire the sent event for the sent message. $symfonyMessage = $message->getSymfonyMessage(); + $privateKey = config('mail.dkim_private_key', ''); + if ($privateKey != null) + try { + if (File::exists(base_path() . $privateKey)) + $privateKey = File::get(base_path() . $privateKey); + } catch (\Exception $ex) { + Log::error($ex->getMessage()); + return null; + } - $privateKey = env('DKIM_PRIVATE_KEY') ? env('DKIM_PRIVATE_KEY','') : config('mail.dkim_private_key',''); - if (File::exists(base_path().$privateKey)) $privateKey = File::get(base_path().$privateKey); - - $domain = env('DKIM_DOMAIN') ? env('DKIM_DOMAIN','') : config('mail.dkim_domain',''); - $selector = env('DKIM_SELECTOR') ? env('DKIM_SELECTOR','') : config('mail.dkim_selector',''); - $passphrase = env('DKIM_PASSPHRASE') ? env('DKIM_PASSPHRASE','') : config('mail.dkim_passphrase',''); + $domain = config('mail.dkim_domain', ''); + $selector = config('mail.dkim_selector', ''); + $passphrase = config('mail.dkim_passphrase', ''); // Sign emails if values of domain, selector and passphrase exist: if (!$privateKey) { Log::warning('The message hasn\'t been signed with DKIM: No private key set.'); - } - elseif (!$domain) { + } elseif (!$domain) { Log::warning('The message hasn\'t been signed with DKIM: No domain set.'); - } - elseif (!$selector) { + } elseif (!$selector) { Log::warning('The message hasn\'t been signed with DKIM: No selector set.'); - } - else { + } else { $signer = new DkimSigner($privateKey, $domain, $selector, [], $passphrase); $signedEmail = $signer->sign($message->getSymfonyMessage()); $symfonyMessage->setHeaders($signedEmail->getHeaders());