Comware

  • 1.  HPE FlexFabric 5700 - Disabling SSL ciphers

    Posted Sep 09, 2021 05:17 AM

    I am trying to disable a specific set of ciphers on an HPE FlexFabric 5700 JG896A with firmware version 2432P06.

    The reason is to silence several vulnerability warnings from our GVM vulnerability scanner, among them these 2 from HPE:

    https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05349499
    https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05336888

    As per the HPE FlexFabric 5700 Switch Series Security Configuration Guide I have done:

    ssl server-policy "specific-ciphersuites"
    ciphersuite dhe_rsa_aes_128_cbc_sha dhe_rsa_aes_128_cbc_sha256 dhe_rsa_aes_256_cbc_sha dhe_rsa_aes_256_cbc_sha256 ecdhe_ecdsa_aes_128_cbc_sha256 ecdhe_ecdsa_aes_128_gcm_sha256 ecdhe_ecdsa_aes_256_cbc_sha384 ecdhe_ecdsa_aes_256_gcm_sha384 ecdhe_rsa_aes_128_cbc_sha256 ecdhe_rsa_aes_128_gcm_sha256 ecdhe_rsa_aes_256_cbc_sha384 ecdhe_rsa_aes_256_gcm_sha384 rsa_aes_128_cbc_sha rsa_aes_128_cbc_sha256 rsa_aes_256_cbc_sha rsa_aes_256_cbc_sha256
    quit
    undo ip https enable
    ip https ssl-server-policy "specific-ciphersuites"
    ip https enable

    This should remove the following ciphers:

    exp_rsa_des_cbc_sha
    exp_rsa_rc2_md5
    exp_rsa_rc4_md5
    rsa_3des_ede_cbc_sha
    rsa_rc4_128_md5
    rsa_rc4_128_sha
    rsa_des_cbc_sha

    But this results in an ERR_SSL_VERSION_OR_CIPHER_MISMATCH when attempting to open the https site in Edge and a similar message in Internet Explorer.

    If I undo the change:

    undo ip https enable
    undo ip https ssl-server-policy
    ip https enable

    Then I can open the https site again.

    Even just testing one ciphersuite enabled:

    ssl server-policy testing
    ciphersuite rsa_aes_128_cbc_sha
    quit
    undo ip https enable
    ip https ssl-server-policy testing
    ip https enable

    Gives the same ERR_SSL_VERSION_OR_CIPHER_MISMATCH.

    I have already successfully disabled SSL 3.0, TLS 1.0, and TLS 1.1 with:

    ssl version ssl3.0 tls1.0 tls1.1 disable
    undo ip https enable
    ip https enable

    I have found a few posts in the HPE Community forum about ciphers on Comware switches, but none of the ones I found show a working config sample.

    Has anyone successfully disabled ssl ciphersuites on a 5700 series switch?
    Am I missing something in my configuration?




  • 2.  RE: HPE FlexFabric 5700 - Disabling SSL ciphers

    Posted Sep 09, 2021 06:02 AM

    Hi @Support_PenB !

    Did you have a chance to analyze TLS 'Client Hello' and 'Server Hello' messages to see what ciphers your browser declares as proposed and what cipher the switch advertises? Check both working and non-working scenarios. There is a useful display filter in Wireshark, 'tls.handshake', that can help you filter out those two packets. If in any doubt, share the filtered capture here, I'll check. My suspicion is that when it works, both client (browser) and server agree on rsa_rc4_128_md5 but when you exclude it they can't negotiate anything compatible. Which is definitely strange taking into account how many various ciphers you have in that SSL policy...

    BTW, have you tried that policy without 'ssl version ssl3.0 tls1.0 tls1.1 disable'? Like to allow all TLS versions, but with ciphers you choose?

     



  • 3.  RE: HPE FlexFabric 5700 - Disabling SSL ciphers

    Posted Sep 09, 2021 08:58 AM

    I have tried with SSL 3.0, TLS 1.0, and TLS 1.1 enabled AND the specific ciphersuites, but the result is the same ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.

    I enabled SSL 3.0, TLS 1.0, TLS 1.1:

    undo ssl version ssl3.0 disable
    undo ssl version tls1.0 disable
    undo ssl version tls1.1 disable
    undo ip https enable
    ip https enable

     

    Without setting a specific ciphersuite.

    Testing with nmap v7.70 from a CentOS 8 host with command:

    nmap -sV --script ssl-enum-ciphers -p 443 switch2.domain.local

     

    Shows a very limited cipher set:

    |_http-server-header: HTTPD
    | ssl-enum-ciphers:
    |   SSLv3:
    |     ciphers:
    |       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
    |       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
    |       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
    |       TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
    |       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
    |     compressors:
    |       NULL
    |     cipher preference: client
    |     warnings:
    |       64-bit block cipher 3DES vulnerable to SWEET32 attack
    |       Broken cipher RC4 is deprecated by RFC 7465
    |       CBC-mode cipher in SSLv3 (CVE-2014-3566)
    |       Ciphersuite uses MD5 for message integrity
    |   TLSv1.0:
    |     ciphers:
    |       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
    |       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
    |       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
    |       TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
    |       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
    |     compressors:
    |       NULL
    |     cipher preference: client
    |     warnings:
    |       64-bit block cipher 3DES vulnerable to SWEET32 attack
    |       Broken cipher RC4 is deprecated by RFC 7465
    |       Ciphersuite uses MD5 for message integrity
    |   TLSv1.1:
    |     ciphers:
    |       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
    |       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
    |       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
    |       TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
    |       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
    |     compressors:
    |       NULL
    |     cipher preference: client
    |     warnings:
    |       64-bit block cipher 3DES vulnerable to SWEET32 attack
    |       Broken cipher RC4 is deprecated by RFC 7465
    |       Ciphersuite uses MD5 for message integrity
    |   TLSv1.2:
    |     ciphers:
    |       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
    |       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
    |       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
    |       TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
    |       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
    |     compressors:
    |       NULL
    |     cipher preference: client
    |     warnings:
    |       64-bit block cipher 3DES vulnerable to SWEET32 attack
    |       Broken cipher RC4 is deprecated by RFC 7465
    |       Ciphersuite uses MD5 for message integrity
    |_  least strength: C

     

    Same with sslyze (https://github.com/nabla-c0d3/sslyze) 4.1.0 from a Windows Server 2019 server:

     

     SCAN RESULTS FOR SWITCH2.DOMAIN.LOCAL:443 - 10.10.10.10
     -------------------------------------------------------------
    
     * Deflate Compression:
                                              OK - Compression disabled
    
     * OpenSSL Heartbleed:
                                              OK - Not vulnerable to Heartbleed
    
     * OpenSSL CCS Injection:
                                              OK - Not vulnerable to OpenSSL CCS injection
    
     * TLS 1.2 Cipher Suites:
         Attempted to connect using 156 cipher suites.
    
         The server accepted the following 5 cipher suites:
            TLS_RSA_WITH_RC4_128_SHA                          128
            TLS_RSA_WITH_RC4_128_MD5                          128
            TLS_RSA_WITH_AES_256_CBC_SHA                      256
            TLS_RSA_WITH_AES_128_CBC_SHA                      128
            TLS_RSA_WITH_3DES_EDE_CBC_SHA                     168
    
         The group of cipher suites supported by the server has the following properties:
           Forward Secrecy                    INSECURE - Not Supported
           Legacy RC4 Algorithm               INSECURE - Supported
    
    
     * ROBOT Attack:
                                              OK - Not vulnerable.
    
     * Session Renegotiation:
           Client Renegotiation DoS Attack:   VULNERABLE - Server honors client-initiated renegotiations
           Secure Renegotiation:              OK - Supported
    
     * TLS 1.2 Session Resumption Support:
          With Session IDs: NOT SUPPORTED (0 successful resumptions out of 5 attempts).
          With TLS Tickets: OK - Supported.
    
     * SSL 3.0 Cipher Suites:
         Attempted to connect using 80 cipher suites.
    
         The server accepted the following 5 cipher suites:
            TLS_RSA_WITH_RC4_128_SHA                          128
            TLS_RSA_WITH_RC4_128_MD5                          128
            TLS_RSA_WITH_AES_256_CBC_SHA                      256
            TLS_RSA_WITH_AES_128_CBC_SHA                      128
            TLS_RSA_WITH_3DES_EDE_CBC_SHA                     168
    
         The group of cipher suites supported by the server has the following properties:
           Forward Secrecy                    INSECURE - Not Supported
           Legacy RC4 Algorithm               INSECURE - Supported
    
    
     * Certificates Information:
           Hostname sent for SNI:             switch2.domain.local
           Number of certificates detected:   1
    
    
         Certificate #0 ( _RSAPublicKey )
           SHA1 Fingerprint:                  88c43163b01d2e0d8fddc44320ee967e6f2077d8
           Common Name:                       HTTPS-Self-Signed-Certificate-ba0115a4076d6ffc
           Issuer:                            HTTPS-Self-Signed-Certificate-ba0115a4076d6ffc
           Serial Number:                     0
           Not Before:                        2011-01-01
           Not After:                         2030-12-27
           Public Key Algorithm:              _RSAPublicKey
           Signature Algorithm:               sha256
           Key Size:                          2048
           Exponent:                          65537
           DNS Subject Alternative Names:     []
    
         Certificate #0 - Trust
           Hostname Validation:               FAILED - Certificate does NOT match server hostname
           Android CA Store (9.0.0_r9):       FAILED - Certificate is NOT Trusted: self signed certificate
           Apple CA Store (iOS 14, iPadOS 14, macOS 11, watchOS 7, and tvOS 14):FAILED - Certificate is NOT Trusted: self signed certificate
           Java CA Store (jdk-13.0.2):        FAILED - Certificate is NOT Trusted: self signed certificate
           Mozilla CA Store (2021-01-24):     FAILED - Certificate is NOT Trusted: self signed certificate
           Windows CA Store (2021-02-08):     FAILED - Certificate is NOT Trusted: self signed certificate
           Symantec 2018 Deprecation:         ERROR - Could not build verified chain (certificate untrusted?)
           Received Chain:                    HTTPS-Self-Signed-Certificate-ba0115a4076d6ffc
           Verified Chain:                    ERROR - Could not build verified chain (certificate untrusted?)
           Received Chain Contains Anchor:    ERROR - Could not build verified chain (certificate untrusted?)
           Received Chain Order:              OK - Order is valid
           Verified Chain contains SHA1:      ERROR - Could not build verified chain (certificate untrusted?)
    
         Certificate #0 - Extensions
           OCSP Must-Staple:                  NOT SUPPORTED - Extension not found
           Certificate Transparency:          NOT SUPPORTED - Extension not found
    
         Certificate #0 - OCSP Stapling
                                              NOT SUPPORTED - Server did not send back an OCSP response
    
     * SSL 2.0 Cipher Suites:
         Attempted to connect using 7 cipher suites; the server rejected all cipher suites.
    
     * TLS 1.0 Cipher Suites:
         Attempted to connect using 80 cipher suites.
    
         The server accepted the following 5 cipher suites:
            TLS_RSA_WITH_RC4_128_SHA                          128
            TLS_RSA_WITH_RC4_128_MD5                          128
            TLS_RSA_WITH_AES_256_CBC_SHA                      256
            TLS_RSA_WITH_AES_128_CBC_SHA                      128
            TLS_RSA_WITH_3DES_EDE_CBC_SHA                     168
    
         The group of cipher suites supported by the server has the following properties:
           Forward Secrecy                    INSECURE - Not Supported
           Legacy RC4 Algorithm               INSECURE - Supported
    
    
     * TLS 1.3 Cipher Suites:
         Attempted to connect using 5 cipher suites; the server rejected all cipher suites.
    
     * Elliptic Curve Key Exchange:
         The server does not support cipher suites with ECDH key exchanges.
    
     * TLS 1.1 Cipher Suites:
         Attempted to connect using 80 cipher suites.
    
         The server accepted the following 5 cipher suites:
            TLS_RSA_WITH_RC4_128_SHA                          128
            TLS_RSA_WITH_RC4_128_MD5                          128
            TLS_RSA_WITH_AES_256_CBC_SHA                      256
            TLS_RSA_WITH_AES_128_CBC_SHA                      128
            TLS_RSA_WITH_3DES_EDE_CBC_SHA                     168
    
         The group of cipher suites supported by the server has the following properties:
           Forward Secrecy                    INSECURE - Not Supported
           Legacy RC4 Algorithm               INSECURE - Supported
    
    
     * Downgrade Attacks:
           TLS_FALLBACK_SCSV:                 OK - Supported
    
    
     SCAN COMPLETED IN 9.10 S
     ------------------------

     

    According to the Security tab in the Developer Tools in the Edge browser it connected with:

    The connection to this site is encrypted and authenticated using TLS 1.2, RSA, and AES_128_CBC with HMAC-SHA1.

    Now to apply my ciphersuite:

    ssl server-policy "specific-ciphersuites"
    ciphersuite dhe_rsa_aes_128_cbc_sha dhe_rsa_aes_128_cbc_sha256 dhe_rsa_aes_256_cbc_sha dhe_rsa_aes_256_cbc_sha256 ecdhe_ecdsa_aes_128_cbc_sha256 ecdhe_ecdsa_aes_128_gcm_sha256 ecdhe_ecdsa_aes_256_cbc_sha384 ecdhe_ecdsa_aes_256_gcm_sha384 ecdhe_rsa_aes_128_cbc_sha256 ecdhe_rsa_aes_128_gcm_sha256 ecdhe_rsa_aes_256_cbc_sha384 ecdhe_rsa_aes_256_gcm_sha384 rsa_aes_128_cbc_sha rsa_aes_128_cbc_sha256 rsa_aes_256_cbc_sha rsa_aes_256_cbc_sha256
    quit
    undo ip https enable
    ip https ssl-server-policy "specific-ciphersuites"
    ip https enable

     

    Edge now shows the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.


    The nmap test with the same command now shows only an open port:

    Starting Nmap 7.70 ( https://nmap.org ) at 2021-09-09 14:47 CEST
    Nmap scan report for switch2.domain.local (10.10.10.10)
    Host is up (0.0010s latency).
    
    PORT    STATE SERVICE    VERSION
    443/tcp open  ssl/https?
    
    Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
    Nmap done: 1 IP address (1 host up) scanned in 17.95 seconds

     

    sslyze shows that it cannot connect:

     CHECKING HOST(S) AVAILABILITY
     -----------------------------
    
       switch2.domain.local:443                       => ERROR: Probing failed: could not find a TLS version and cipher suite supported by the server; discarding scan.
    
    
    
    
     SCAN COMPLETED IN 0.13 S
     ------------------------

     



  • 4.  RE: HPE FlexFabric 5700 - Disabling SSL ciphers

    Posted Sep 09, 2021 01:28 PM

    It seems that when the SSL policy is applied the server rejects the connection because it can't find anything compatible among ciphers advertised by your browser or testing tools in their 'Client Hello' message. But I highly doubt it is the real cause. It is more like the server incorrectly processes the SSL policy, since rsa_aes_128_cbc_sha is in the policy and it's known to be an acceptable cipher.

    Not sure if it has anything to do with your issue, but I have just found that the 5700 does not officially support Web GUI. And while 'ip http' and 'ip https' commands are still in the CLI, they are not mentioned in the Command Reference Guides for this platform and HPE doesn't guarantee they will work. To me your configuration seems absolutely correct, so my guess is that SSL policy support doesn't work for the Web GUI server (ip https), but works only for FTPS and portal Web server. At least according to the 5700's guides these two are the only features that support SSL server-policy.
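
The comparison reasoned through in the posts above, as an added example that is not part of the original thread: it parses the quoted `ssl-enum-ciphers` output and intersects it with the configured policy to show which suites should still have negotiated. The function names are hypothetical, and the Comware-to-IANA name mapping is an assumption based on naming convention only.

```python
import re

# Assumption: Comware suite names map to IANA names by naming convention
# (key-exchange prefix + "_WITH_" + cipher/MAC). Export ("exp_") names are
# irregular and are deliberately left unmapped (None).
KX_PREFIXES = ("ecdhe_ecdsa", "ecdhe_rsa", "dhe_rsa", "rsa")

def to_iana(comware_name):
    for kx in KX_PREFIXES:
        if comware_name.startswith(kx + "_"):
            rest = comware_name[len(kx) + 1:]
            return f"TLS_{kx.upper()}_WITH_{rest.upper()}"
    return None

VERSION_RE = re.compile(r"^\|\s+(SSLv3|TLSv1\.\d):\s*$")
CIPHER_RE = re.compile(r"^\|\s+(TLS_\w+) \(.*?\) - ([A-F])\s*$")

def parse_nmap(text):
    """Return {protocol: {iana_cipher: grade}} from ssl-enum-ciphers output."""
    result, current = {}, None
    for line in text.splitlines():
        m = VERSION_RE.match(line.strip())
        if m:
            current = result.setdefault(m.group(1), {})
            continue
        m = CIPHER_RE.match(line.strip())
        if m and current is not None:
            current[m.group(1)] = m.group(2)
    return result

def expected_overlap(policy_names, accepted):
    """Suites that are in the policy AND were accepted before it was applied."""
    wanted = {to_iana(n) for n in policy_names} - {None}
    return {proto: sorted(wanted & set(c)) for proto, c in accepted.items()}

# Excerpt of the nmap output quoted in the thread (TLSv1.2 section only).
NMAP_EXCERPT = """\
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_RC4_128_MD5 (rsa 2048) - C
|       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
"""
# Subset of the "specific-ciphersuites" policy from the thread.
POLICY = ["dhe_rsa_aes_128_cbc_sha", "ecdhe_rsa_aes_128_gcm_sha256",
          "rsa_aes_128_cbc_sha", "rsa_aes_128_cbc_sha256",
          "rsa_aes_256_cbc_sha", "rsa_aes_256_cbc_sha256"]

if __name__ == "__main__":
    print(expected_overlap(POLICY, parse_nmap(NMAP_EXCERPT)))
```

A non-empty overlap combined with a scanner that can no longer negotiate anything indicates the policy is not being honoured by the HTTPS service, rather than a genuine client/server cipher mismatch.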



  • 5.  RE: HPE FlexFabric 5700 - Disabling SSL ciphers

    Posted Sep 10, 2021 02:36 AM

    I can't find mention of "ip http" or "ip https" in any of the guides for the 5700 at https://support.hpe.com/connect/s/product?language=en_US&ismnp=1&l5oid=7268889&kmpmoid=1008635527&productNumber=JG896A&cep=on#t=All.

    That would mean the web interface was never supported on 5700 series switches? Weird.

    So that would mean that the only way to disable ciphers on the web server on a 5700 series switch is to either disable the web server or enable FIPS mode.

    Assuming that the web server would even work after enabling FIPS mode, as the web server is not officially supported on a 5700 series switch as it is not mentioned in any manual for the 5700.



  • 6.  RE: HPE FlexFabric 5700 - Disabling SSL ciphers

    Posted Sep 10, 2021 05:20 AM

    Hmm, the story about Web GUI in the 5700 series is slightly more complicated. As far as I remember it was something like a feature implemented for testing in initial releases, like a beta or even alpha-grade feature, but then HPE decided to drop it and limit Web GUI to 19xx and 51xx series switches. In fact it was never working 100%. Those commands remained in the CLI for an unknown reason, maybe there were plans to re-consider Web GUI implementation, so devs just left them in the code...