** Description changed:

  [ Impact ]

   * When one enables FIPS mode on a Jammy system and then attempts to use Dovecot to create an encrypted mailbox, the module returns an invalid salt length error.
   * FIPS mode requires a 16 byte salt for PBKDF2 and Dovecot is only requesting 8 bytes of salt. The solution is to modify Dovecot to request 16 bytes of salt.

  [ Test Plan ]

  Test Setup
- * Add a vmail user
-   - useradd --home-dir /var/mail/ --shell /usr/sbin/nologin vmail
-   - chown vmail:vmail /var/mail/
-   - chmod 700 /var/mail/
-
   * Install Dovecot on the system
     - sudo apt install dovecot-auth-lua dovecot-core dovecot-gssapi dovecot-imapd dovecot-ldap dovecot-lmtpd dovecot-managesieved dovecot-mysql dovecot-pgsql dovecot-pop3d dovecot-sieve dovecot-solr dovecot-sqlite dovecot-submissiond
   * Enable mailbox encryption.
     - Add /etc/dovecot/conf.d//mail-crypt.conf to enable mailbox encryption:
-   mail_location = sdbox:/var/mail/%n
+   mail_location = mbox:~/mail:INBOX=/var/mail/%u
  listen = *
  mbox_write_locks = fcntl
- first_valid_uid = 1000
  namespace inbox {
    inbox = yes
    location =
    mailbox Drafts {
      special_use = \Drafts
    }
    mailbox Junk {
      special_use = \Junk
    }
    mailbox Sent {
      special_use = \Sent
    }
    mailbox "Sent Messages" {
      special_use = \Sent
    }
    mailbox Trash {
      special_use = \Trash
    }
    prefix =
  }
  passdb {
    driver = pam
  }
  userdb {
    driver = passwd
-   override_fields = uid=vmail gid=vmail home=/var/mail/%n/
  }
  mail_plugins = $mail_plugins mail_crypt
  plugin {
    mail_crypt_curve = secp521r1
    mail_crypt_save_version=2
  }
  mail_attribute_dict = file:%h/Maildir/dovecot-attributes
  imap_metadata = yes

   * Issue the following command to create an encrypted mailbox:
     - sudo doveadm -o plugin/mail_crypt_private_password=e32f1f174d7576716d5df899e7d5cb6b64cdb33584c71882e9f7e1f79f2e695e mailbox cryptokey generate -u <username>
   * Verify that no error occurs.
   * Enable FIPS on a Jammy system.
     - sudo pro attach <token>
     - sudo pro enable fips-updates
     - sudo reboot
     (To test FIPS on a Noble system)
     - sudo add-apt-repository ppa:fips-cc-stig/fips-under-certification
     - sudo apt install -y ubuntu-fips openssh-server=1:9.6p1-3ubuntu13+Fips1~rc0 \
         openssh-client=1:9.6p1-3ubuntu13+Fips1~rc0 \
         openssh-sftp-server=1:9.6p1-3ubuntu13+Fips1~rc0 \
         --allow-downgrades --yes
   * Reboot
   * Delete the mailbox
     - rm -rf ~/mail
   * Issue the following command to create an encrypted mailbox:
     - sudo doveadm -o plugin/mail_crypt_private_password=e32f1f174d7576716d5df899e7d5cb6b64cdb33584c71882e9f7e1f79f2e695e mailbox cryptokey generate -u <username>
   * Verify that an error occurs.
   * Update Dovecot to the fixed version.
   * Repeat the commands to delete the mailbox and to create an encrypted mailbox.
   * After installing the fix, verify that no error occurs.

  [ Where problems could occur ]

   * The increased salt size of 16 bytes could potentially cause issues in allocated data structures, but unit tests don't seem to have a problem.
   * The patch is recent and has not been distributed in an upstream release.

  [ Other Info ]

  This is really only needed on systems where FIPS is supported, i.e. Jammy and Noble and 26.04, but patches have been provided for oracular, plucky, and questing.

  --------------

  We deployed Ubuntu Server 22.04 FIPS on Azure as it is now a FIPS Certified release. See https://ubuntu.com/blog/fips-140-3-for-ubuntu-22-04lts

  ~# lsb_release -rd
  Description:    Ubuntu 22.04.5 LTS
  Release:        22.04

  After installing Ubuntu Server 22.04 FIPS, we then deployed Dovecot modules as shown here:
  --------------
  # apt search dovecot | grep "install"

  WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
  dovecot-core/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]
  dovecot-imapd/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]
  dovecot-lmtpd/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]
  dovecot-managesieved/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]
  dovecot-mysql/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]
  dovecot-pop3d/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]
  dovecot-sieve/jammy-updates,jammy-security,now 1:2.3.16+dfsg1-3ubuntu2.4 amd64 [installed]

  ~# apt-cache policy dovecot-core
  dovecot-core:
    Installed: 1:2.3.16+dfsg1-3ubuntu2.4
    Candidate: 1:2.3.16+dfsg1-3ubuntu2.4
    Version table:
   *** 1:2.3.16+dfsg1-3ubuntu2.4 500
          500 http://azure.archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages
          500 http://azure.archive.ubuntu.com/ubuntu jammy-security/main amd64 Packages
          100 /var/lib/dpkg/status
       1:2.3.16+dfsg1-3ubuntu2 500
          500 http://azure.archive.ubuntu.com/ubuntu jammy/main amd64 Packages
  -------------

  We attempted to add a mailbox with encryption:
  -------------
  sudo -u vmail doveadm -o plugin/mail_crypt_private_password=e32f1f174d7576716d5df899e7d5cb6b64cdb33584c71882e9f7e1f79f2e695e mailbox cryptokey generate -u u...@domain.com
  doveadm(u...@domain.com): Error: mail_crypt_user_generate_keypair(u...@domain.com) failed: error:1C800070:Provider routines::invalid salt length
  doveadm(u...@domain.com): Warning: mailbox cryptokey generate: Nothing was matched. Use -U or specify mask?
  Folder  Public ID
  x       ERROR: error:1C800070:Provider routines::invalid salt length
  Segmentation fault
  -------------

  After researching the error, I found a single note in the OpenSSL bug tracker referencing the error.
  https://github.com/openssl/openssl/issues/24962

  The suggested options are not available as they defeat the purpose of being FIPS compliant and certified.
  As a result, Dovecot is completely broken on 22.04 FIPS if using encrypted mailboxes. (At least in our testing)

  Expected behavior:
  The SALT length should match what the required check is, which is 16 bytes. Dovecot should utilize an appropriate version to produce encryption keys using the required SALT length.
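As an added illustration (not code from the bug report, from Dovecot or from OpenSSL), the Python below reproduces the lower-bound check that makes the FIPS provider reject Dovecot's 8-byte PBKDF2 salt while accepting the 16-byte salt the fix requests, and adds a check for the doveadm error text quoted above. The 16-byte salt minimum and the error string are from the report; the iteration and key-length minimums, the 2048-round default and all function names are assumptions.

```python
import hashlib
import os

# Lower bounds the OpenSSL 3 FIPS provider enforces for PBKDF2 (SP 800-132).
# The 16-byte salt minimum is the check this bug trips; the iteration and
# key-length minimums are OpenSSL's companion checks, not taken from the report.
FIPS_MIN_SALT_LEN = 16       # bytes (128 bits)
FIPS_MIN_ITERATIONS = 1000
FIPS_MIN_KEY_LEN = 14        # bytes (112 bits)

DOVECOT_OLD_SALT_LEN = 8     # what unpatched Dovecot requests (from the report)
DOVECOT_FIXED_SALT_LEN = 16  # what the fix requests (from the report)

# The doveadm failure signature quoted in the report.
SALT_ERROR_TEXT = "error:1C800070:Provider routines::invalid salt length"


class InvalidSaltLength(ValueError):
    """Stands in for PROV_R_INVALID_SALT_LENGTH ('invalid salt length')."""


def fips_pbkdf2_check(salt: bytes, iterations: int, key_len: int) -> None:
    """Refuse the parameter combinations the FIPS provider would reject."""
    if iterations < FIPS_MIN_ITERATIONS:
        raise ValueError("invalid iteration count")
    if key_len < FIPS_MIN_KEY_LEN:
        raise ValueError("key size too small")
    if len(salt) < FIPS_MIN_SALT_LEN:
        raise InvalidSaltLength(
            f"invalid salt length: {len(salt)} bytes, need >= {FIPS_MIN_SALT_LEN}")


def derive_key(password: bytes, salt: bytes, iterations: int = 2048,
               key_len: int = 32, fips: bool = True) -> bytes:
    """PBKDF2-HMAC-SHA256, gated by the FIPS lower-bound checks when fips=True.
    2048 rounds and a 32-byte key are illustrative values, not Dovecot's."""
    if fips:
        fips_pbkdf2_check(salt, iterations, key_len)
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations, key_len)


def salt_len_accepted(salt_len: int) -> bool:
    """True when a fresh salt of this length passes the FIPS check."""
    try:
        derive_key(b"private-key-password", os.urandom(salt_len))
        return True
    except InvalidSaltLength:
        return False


def doveadm_log_has_salt_error(text: str) -> bool:
    """True if captured doveadm output shows the FIPS salt-length rejection."""
    return SALT_ERROR_TEXT in text
```

Running `salt_len_accepted(DOVECOT_OLD_SALT_LEN)` returns False and `salt_len_accepted(DOVECOT_FIXED_SALT_LEN)` returns True, which is the before/after behaviour the test plan verifies.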
-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107773

Title:
  [SRU] Enabling FIPS causes SALT to be 8 bytes, but OpenSSL 3.0.2 checks if SALT is < 16 bytes, breaking Dovecot and possibly other packages.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2107773/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs