[Bug 2107773] Re: Enabling FIPS causes SALT to be 8 bytes, but OpenSSL 3.0.2 checks if SALT is < 16 bytes, breaking Dovecot and possibly other packages.
Julian Andres Klode
2107773 at bugs.launchpad.net
Thu Apr 24 15:33:27 UTC 2025
FIPS is handled by the security certification team and a separate repo,
so assigning it to them for lack of better workflow.
** Changed in: openssl (Ubuntu)
Assignee: (unassigned) => Canonical Security Certification (canonical-security-certification)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/2107773
Title:
Enabling FIPS causes SALT to be 8 bytes, but OpenSSL 3.0.2 checks if
SALT is < 16 bytes, breaking Dovecot and possibly other packages.
Status in openssl package in Ubuntu:
New
Bug description:
We deployed Ubuntu Server 22.04 FIPS on Azure as it is now a FIPS
Certified release. See https://ubuntu.com/blog/fips-140-3-for-
ubuntu-22-04lts
~# lsb_release -rd
Description: Ubuntu 22.04.5 LTS
Release: 22.04
After installing Ubuntu Server 22.04 FIPS, we then deployed Dovecot modules as shown here:
--------------
# apt search dovecot | grep "install"
WARNING: apt does not have a stable CLI interface. Use with caution in
scripts.
dovecot-core/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]
dovecot-imapd/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]
dovecot-lmtpd/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]
dovecot-managesieved/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]
dovecot-mysql/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]
dovecot-pop3d/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]
dovecot-sieve/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]
~# apt-cache policy dovecot-core
dovecot-core:
Installed: 1:2.3.16+dfsg1-3ubuntu2.4
Candidate: 1:2.3.16+dfsg1-3ubuntu2.4
Version table:
*** 1:2.3.16+dfsg1-3ubuntu2.4 500
500 http://azure.archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages
500 http://azure.archive.ubuntu.com/ubuntu jammy-security/main amd64 Packages
100 /var/lib/dpkg/status
1:2.3.16+dfsg1-3ubuntu2 500
500 http://azure.archive.ubuntu.com/ubuntu jammy/main amd64 Packages
-------------
We attempted to add a mailbox with encryption:
-------------
sudo -u vmail doveadm -o plugin/mail_crypt_private_password=e32f1f174d7576716d5df899e7d5cb6b64cdb33584c71882e9f7e1f79f2e695e mailbox cryptokey generate -u user at domain.com
doveadm(user at domain.com): Error: mail_crypt_user_generate_keypair(user at domain.com) failed: error:1C800070:Provider routines::invalid salt length
doveadm(user at domain.com): Warning: mailbox cryptokey generate: Nothing was matched. Use -U or specify mask?
Folder Public ID
x ERROR: error:1C800070:Provider routines::invalid salt length
Segmentation fault
-------------
After researching the error, I found a single note in the OpenSSL bug tracker referencing the error.
https://github.com/openssl/openssl/issues/24962
The suggested options are not available as they defeat the purpose of being FIPS compliant and certified.
As a result, Dovecot is completely broken on 22.04 FIPS if using encrypted mailboxes. (At least in our testing)
Expected behavior:
The SALT length should match what the required check is, which is 16
bytes. Dovecot should utilize an appropriate version to produce
encryption keys using the required SALT length.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2107773/+subscriptions
More information about the foundations-bugs
mailing list