dovecot and argon2 encryption

[Larry Rosenman]

On 12/4/18, 1:14 AM, "dovecot on behalf of Aki Tuomi" <dovecot-bounces at dovecot.org on behalf of aki.tuomi at open-xchange.com> wrote:

    
    On 3.12.2018 22.24, Jerry wrote:
    > I am using a FreeBSD 11-2 amd/64 system with dovecot version 2.3.4 installed.
    > I was playing around with different encryption schemes.
    >
    > doveadm pw -l
    > SHA1 SSHA512 BLF-CRYPT PLAIN HMAC-MD5 OTP SHA512 SHA RPA DES-CRYPT CRYPT SSHA
    >  MD5-CRYPT SKEY PLAIN-MD4 PLAIN-MD5 SCRAM-SHA-1 LANMAN SHA512-CRYPT CLEAR
    >  CLEARTEXT SSHA256 NTLM MD5 PBKDF2 SHA256 CRAM-MD5 PLAIN-TRUNC SHA256-CRYPT
    >  SMD5 DIGEST-MD5 LDAP-MD5
    >
    > There is no mention of "argon2" shown. Now, from the command line I can enter
    > this command:
    >
    > ~ $ echo -n "Secret-Password" | argon2 somesalt
    > Type:           Argon2i
    > Iterations:     3
    > Memory:         4096 KiB
    > Parallelism:    1
    > Hash:
    > e6432f595e999988c7c54c30d530b0fc7d9953510e5ccf295359258f4ea22a3d
    > Encoded:
    > $argon2i$v=19$m=4096,t=3,p=1$c29tZXNhbHQ$5kMvWV6ZmYjHxUww1TCw/H2ZU1EOXM8pU1klj06iKj0
    > 0.039 seconds Verification ok
    >
    > However, this fails:
    >
    > doveadm pw -p "Secret-Password" -s argon2
    > Fatal: Unknown scheme: ARGON2
    >
    > I have tried different ways to enter "argon2", but nothing works. Can
    > someone tell me what I am doing wrong?
    >
    > Thanks :)
    >
    Argon support is present if dovecot is compiled with `--with-sodium` and
    you have sodium development packages installed.
    
    Aki
    

I'm the dovecot maintainer for FreeBSD, and I just committed an update to the port to include a libsodium option.