[Bug 1993944] [NEW] sha256 hash not supported after upgrading to 22.10
somekool
1993944 at bugs.launchpad.net
Sun Oct 23 12:40:40 UTC 2022
Public bug reported:
I just upgraded from 22.04 to 22.10, and I cannot open my LUKS volume.
here is as much information that I could find
```
$ sudo cryptsetup luksDump --debug /dev/nvme0n1p7
# cryptsetup 2.5.0 processing "cryptsetup luksDump --debug /dev/nvme0n1p7"
# Verifying parameters for command luksDump.
# Running command luksDump.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating context for crypt device /dev/nvme0n1p7.
# Trying to open and read device /dev/nvme0n1p7 with direct-io.
# Initialising device-mapper backend library.
# Trying to load any crypt type from device /dev/nvme0n1p7.
# Crypto backend (OpenSSL 3.0.5 5 Jul 2022 [default][legacy]) initialized in cryptsetup library version 2.5.0.
# Detected kernel Linux 5.19.0-23-generic x86_64.
Requested hash sha256 is not supported.
Device /dev/nvme0n1p7 is not a valid LUKS device.
# Releasing crypt device /dev/nvme0n1p7 context.
# Releasing device-mapper backend.
# Unlocking memory.
Command failed with code -1 (wrong or missing parameters).
```
so the actual errors appears to be `Requested hash sha256 is not
supported.`
I opened an issue on cryptsetup itself, but he is telling me its likely
an OpenSSL miss-configuration, or a missing package. sha256 i mandatory
https://gitlab.com/cryptsetup/cryptsetup/-/issues/782
I am seeing reference to sha256 in `/etc/ssl/openssl.cnf`
but when I type just `openssl -v` I get ...
```
FATAL: Startup failure (dev note: apps_startup()) for openssl
4057E8D4727F0000:error:80000002:system library:process_include:No such file or directory:../crypto/conf/conf_def.c:805:calling stat(fipsmodule.cnf)
4057E8D4727F0000:error:07800069:common libcrypto routines:provider_conf_load:provider section error:../crypto/provider_conf.c:156:section=fips_sect not found
4057E8D4727F0000:error:0700006D:configuration file routines:module_run:module initialization error:../crypto/conf/conf_mod.c:270:module=providers, value=provider_sect retcode=-1
```
could it be related?
** Affects: cryptsetup (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1993944
Title:
sha256 hash not supported after upgrading to 22.10
Status in cryptsetup package in Ubuntu:
New
Bug description:
I just upgraded from 22.04 to 22.10, and I cannot open my LUKS volume.
here is as much information that I could find
```
$ sudo cryptsetup luksDump --debug /dev/nvme0n1p7
# cryptsetup 2.5.0 processing "cryptsetup luksDump --debug /dev/nvme0n1p7"
# Verifying parameters for command luksDump.
# Running command luksDump.
# Locking memory.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating context for crypt device /dev/nvme0n1p7.
# Trying to open and read device /dev/nvme0n1p7 with direct-io.
# Initialising device-mapper backend library.
# Trying to load any crypt type from device /dev/nvme0n1p7.
# Crypto backend (OpenSSL 3.0.5 5 Jul 2022 [default][legacy]) initialized in cryptsetup library version 2.5.0.
# Detected kernel Linux 5.19.0-23-generic x86_64.
Requested hash sha256 is not supported.
Device /dev/nvme0n1p7 is not a valid LUKS device.
# Releasing crypt device /dev/nvme0n1p7 context.
# Releasing device-mapper backend.
# Unlocking memory.
Command failed with code -1 (wrong or missing parameters).
```
so the actual errors appears to be `Requested hash sha256 is not
supported.`
I opened an issue on cryptsetup itself, but he is telling me its
likely an OpenSSL miss-configuration, or a missing package. sha256 i
mandatory
https://gitlab.com/cryptsetup/cryptsetup/-/issues/782
I am seeing reference to sha256 in `/etc/ssl/openssl.cnf`
but when I type just `openssl -v` I get ...
```
FATAL: Startup failure (dev note: apps_startup()) for openssl
4057E8D4727F0000:error:80000002:system library:process_include:No such file or directory:../crypto/conf/conf_def.c:805:calling stat(fipsmodule.cnf)
4057E8D4727F0000:error:07800069:common libcrypto routines:provider_conf_load:provider section error:../crypto/provider_conf.c:156:section=fips_sect not found
4057E8D4727F0000:error:0700006D:configuration file routines:module_run:module initialization error:../crypto/conf/conf_mod.c:270:module=providers, value=provider_sect retcode=-1
```
could it be related?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1993944/+subscriptions
More information about the foundations-bugs
mailing list