Connect2id server 11.6.6 security update

This release of the Connect2id server backports the security patch for the most recent Log4j vulnerability, CVE-2021-45046, which was announced yesterday and is closely related to the original Log4Shell vulnerability from last week.

Several other updates under the hood are also included. As with the 12.5.2 update, this one for 11.x is critical and highly recommended.

Download

Standard Connect2id server edition

Apache Tomcat package with Connect2id server 11.6.6: Connect2id-server.zip

SHA-256: 5abd1efa691a059e380f8a6f712f9e09220c3f78b7aa308d8bfd927f1446ab77

Connect2id server 11.6.6 WAR package: c2id.war

SHA-256: a9ef91aa5f9e71081377d1b815042c086bdd38e1bbc3d974f6ec0f9ee1cb0232

Multi-tenant edition

Apache Tomcat package with Connect2id server 11.6.6: Connect2id-server-mt.zip

SHA-256: b24d9c1bab76ee6bcce26e7fb019d14df8104318cad4a6b40a7facc273049a75

Connect2id server 11.6.6 WAR package: c2id-multi-tenant.war

SHA-256: eb642f6d8f6d44a68750ff12ab2c4178539de09506eab3ecca146a99f5a2cdd4

Questions?

Contact Connect2id support.


Release notes

11.6.6 (2021-12-15)

Resolved issues

  • Updates Log4j to 2.16.0 to address a critical vulnerability described in CVE-2021-45046, see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046 (issue server/708).

Dependency changes

  • Updates Log4j to 2.16.0

  • Updates to com.google.code.gson:gson:2.8.9

  • Updates BouncyCastle to 1.70.

  • Updates to com.unboundid:unboundid-ldapsdk:6.0.3

Connect2id server 11.6.5 security update

Yesterday's security update of the Connect2id server, which addresses the critical CVE-2021-44228 vulnerability, is backported to the latest 11.x.

Use this update if you are still running an 11.x version.

Yesterday's security announcement also has information on how to close the vulnerability in Log4j by setting a Java system property.

Note, the open source Nimbus JOSE+JWT library and the OAuth 2.0 / OpenID Connect SDK are not impacted by CVE-2021-44228 as they don't perform internal logging (subject to policy).

Download

Standard Connect2id server edition

Apache Tomcat package with Connect2id server 11.6.5: Connect2id-server.zip

SHA-256: de801b7ca3d6ed8a0b0e0b15dcbe4bbf36a4c54449fbc62920b389b5746dd77a

Connect2id server 11.6.5 WAR package: c2id.war

SHA-256: 79d26111d1690d533f3bd2d336e71db5bc2760ae977f69522b43009905539dfa

Multi-tenant edition

Apache Tomcat package with Connect2id server 11.6.5: Connect2id-server-mt.zip

SHA-256: 47a9c644a3c375107a73b444942a8add038ce721b26f978da3000f6254b2f91e

Connect2id server 11.6.5 WAR package: c2id-multi-tenant.war

SHA-256: eb642f6d8f6d44a68750ff12ab2c4178539de09506eab3ecca146a99f5a2cdd4

Questions?

Contact Connect2id support.


Release notes

11.6.5 (2021-12-11)

Resolved issues

  • Updates Log4j to 2.15.0 to address a critical vulnerability described in CVE-2021-44228, see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228 (issue server/707).

Connect2id server 12.5.1 security update addressing Log4j CVE-2021-44228 (Log4Shell)

This release of the Connect2id server addresses the critical CVE-2021-44228 vulnerability announced today in the open source Log4j library, which the server uses for logging, by updating Log4j to the fixed 2.15.0 version.

As explained today in the initial security notification email, all Connect2id server v12.x through v7.x deployments can prevent the vulnerability by simply setting the following Java system property:

log4j2.formatMsgNoLookups=true

The setting of Java system properties is deployment specific. The various methods to do that, depending on whether you are using a container environment or some other deployment type, are explained in this guide.

Upgrading to the 12.5.1 release is still recommended.

Next week we hope to have the results of an assessment of whether the Connect2id server could have been vulnerable due to this bug, which existed in Log4j for several years.

Note, the open source Nimbus JOSE+JWT library and the OAuth 2.0 / OpenID Connect SDK are not impacted by CVE-2021-44228 as they don't perform internal logging (subject to policy).

This release also includes several other small updates which were initially planned for 12.6 later this month.
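Two checks a deployer would want to run before and after applying one of these updates: that the downloaded package matches the SHA-256 published on the download page, and which Log4j version is actually bundled in the deployed WAR. The following is an added example, not Connect2id's code; the version floors (2.15.0 for CVE-2021-44228, 2.16.0 for CVE-2021-45046) are taken from the announcements on this page, and the WAR used to exercise the audit is a constructed fixture with a stub log4j-core jar rather than a real build.

```python
import hashlib
import io
import re
import zipfile

# Version floors for the Log4j 2.x line, as stated in the release announcements above.
LOG4J_FIXES = {
    "CVE-2021-44228": (2, 15, 0),
    "CVE-2021-45046": (2, 16, 0),
}
# Class whose removal was Apache's interim mitigation for installations that could not upgrade.
JNDI_LOOKUP_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
LOG4J_CORE_RE = re.compile(r"(?:^|/)log4j-core-(\d+)\.(\d+)\.(\d+)\.jar$")


def sha256_matches(data: bytes, expected_hex: str) -> bool:
    """Compare a downloaded package against the SHA-256 published on the download page."""
    return hashlib.sha256(data).hexdigest() == expected_hex.lower()


def audit_war(war_bytes: bytes) -> dict:
    """Locate log4j-core inside a WAR and report its patch status.

    Returns the detected version, which of the two CVEs that version covers, and
    whether the JndiLookup class is still present in the nested jar. The version
    is the primary signal; class presence alone does not prove exploitability.
    """
    report = {"log4j_core_version": None, "jndi_lookup_present": None, "fixed": {}}
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as war:
        for name in war.namelist():
            m = LOG4J_CORE_RE.search(name)
            if not m:
                continue
            version = tuple(int(x) for x in m.groups())
            report["log4j_core_version"] = ".".join(map(str, version))
            report["fixed"] = {cve: version >= floor for cve, floor in LOG4J_FIXES.items()}
            # The jar is itself a zip: open it in memory and look for the lookup class.
            with zipfile.ZipFile(io.BytesIO(war.read(name))) as jar:
                report["jndi_lookup_present"] = JNDI_LOOKUP_CLASS in jar.namelist()
            break
    return report


def make_fake_war(log4j_version: str, include_jndi_lookup: bool) -> bytes:
    """Constructed test fixture: a minimal WAR with a stub log4j-core jar (not a real build)."""
    jar_buf = io.BytesIO()
    with zipfile.ZipFile(jar_buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        if include_jndi_lookup:
            jar.writestr(JNDI_LOOKUP_CLASS, b"\xca\xfe\xba\xbe")  # stub class bytes
    war_buf = io.BytesIO()
    with zipfile.ZipFile(war_buf, "w") as war:
        war.writestr("WEB-INF/web.xml", "<web-app/>")
        war.writestr(f"WEB-INF/lib/log4j-core-{log4j_version}.jar", jar_buf.getvalue())
    return war_buf.getvalue()


if __name__ == "__main__":
    # Against a real download: sha256_matches(open("c2id.war", "rb").read(), "<hash from page>")
    for ver, jndi in (("2.14.1", True), ("2.15.0", True), ("2.16.0", False)):
        print(ver, audit_war(make_fake_war(ver, jndi)))
```

Run it against the real `c2id.war` by passing its bytes to `audit_war` and the hash from the download section above to `sha256_matches`; the `fixed` map tells you at a glance whether the bundled Log4j is behind either CVE.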

Download

Standard Connect2id server edition

Apache Tomcat package with Connect2id server 12.5.1: Connect2id-server.zip

SHA-256: 60b4c8a439bf2cf95962c16bc74db2d0d1effa6f7877b68fc37a2453fd26d937

Connect2id server 12.5.1 WAR package: c2id.war

SHA-256: 009f6b0c4aadcb795812938f9a7c419b51587dda4df1610472766be26d8b65d2

Multi-tenant edition

Apache Tomcat package with Connect2id server 12.5.1: Connect2id-server-mt.zip

SHA-256: 11ebce9d315ac978da30521d4ac537bcf9baf173a06d4e88f0b1fdbbda01d398

Connect2id server 12.5.1 WAR package: c2id-multi-tenant.war

SHA-256: 39f0327a8c769dc4d157ca7d2b4cdab4d8b968bd53557e2a365188b01428427a

Questions?

Contact Connect2id support.


Release notes

12.5.1 (2021-12-10)

Resolved issues

  • Updates Log4j to 2.15.0 to address a critical vulnerability described in CVE-2021-44228, see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228 (issue server/707).

  • Logs a WARN instead of INFO for OP5114 when the op.reg.allowLocalhostRedirectionURIsForTest configuration property is enabled (issue server/702).

  • Increases the default HTTP claims source op.httpClaimsSource.connectTimeout and op.httpClaimsSource.readTimeout values from 250ms to 1000ms to prevent timeouts on slow HTTP connections or slow claims sources (issue server/704).

  • Updates the op.httpClaimsSource.supportedClaims documentation to explain that setting the property to "*" indicates support for all claims supported by the OpenID provider without explicitly listing them (issue server/703).

Dependency changes

  • Updates Log4j to 2.15.0

  • Updates to com.nimbusds:oidc-claims-source-http:2.2.1

Connect2id server 12.5

This release of the Connect2id server for OAuth 2.0 and OpenID Connect brings several API and configuration updates.

Front-channel logout with custom URI schemes

OpenID Connect Front-Channel Logout 1.0 is a minimal protocol that lets an OpenID relying party register a callback to receive a notification when a user logs out.

The logout spec is geared towards web applications, but it can also be used with native (mobile) applications. Starting with this release, clients can also register logout callbacks with custom URI schemes (other than HTTPS), so that an IdP / SSO server can send logout notifications to native applications that cannot handle "universal" (also called claimed) HTTPS URLs.

Note, universal links have the advantage of providing a stronger guarantee of the application's identity because they require the OS to validate the application's web domain certificate.

Example registration setting login and logout callbacks for a native client with custom URIs:

POST /clients HTTP/1.1
Host: c2id.com
Content-Type: application/json
Authorization: Bearer ztucZS1ZyFKgh0tUEruUtiSTXhnexmd6

{
  "application_type"                     : "native",
  "redirect_uris"                        : [ "org.example.myapp:login-callback" ],
  "frontchannel_logout_uri"              : "org.example.myapp:logout-callback",
  "frontchannel_logout_session_required" : true,
  "token_endpoint_auth_method"           : "none"
}

Example notification, where the iss parameter identifies the OpenID provider, and the sid identifies the session which was established when the user was signed into the application:

org.example.myapp:logout-callback?iss=https://c2id.com&sid=Ohgah5ukieso0ohB

Localhost redirection URLs for web client testing

A new op.reg.allowLocalhostRedirectionURIsForTest configuration property is added to allow registration of HTTP and HTTPS localhost redirection URIs for the purpose of testing and developing OAuth 2.0 web application clients.

The client registration standard prohibits web clients (application_type=web) from registering localhost redirection URIs. If you are developing a web application and want to test it as an OAuth client on your localhost, one way to work around that (which requires administrative control of the OS) is to define a host alias for the loopback interface and then provision that host with a self-signed web server certificate (see our guide for that).

With this new setting a web client can be tested in a localhost environment without resorting to an alias workaround.

op.reg.allowLocalhostRedirectionURIsForTest=true

Example registration:

POST /clients HTTP/1.1
Host: c2id.com
Content-Type: application/json
Authorization: Bearer ztucZS1ZyFKgh0tUEruUtiSTXhnexmd6

{
  "redirect_uris" : [ "http://localhost:8008/login-callback" ]
}

Remember, this setting must not be used in production!
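The two registration rules described above (custom-scheme front-channel logout URIs for native clients, and localhost redirection URIs for web clients only when op.reg.allowLocalhostRedirectionURIsForTest is on), plus the construction and client-side checking of the logout notification, as one added example. This is not Connect2id's code; the exact server-side rules are assumptions modelled on the text: custom logout schemes are accepted only for native clients here, native http redirects are limited to loopback hosts as RFC 8252 recommends, and web clients must otherwise use https.

```python
from urllib.parse import parse_qs, urlencode, urlsplit

LOOPBACK_HOSTS = {"localhost", "127.0.0.1", "::1"}


def check_redirect_uri(uri, application_type, allow_localhost_for_test=False):
    """Return (ok, reason) for one redirect_uri in a client registration request."""
    p = urlsplit(uri)
    host = (p.hostname or "").lower()
    if application_type == "web":
        if host in LOOPBACK_HOSTS:
            if not allow_localhost_for_test:
                return False, "web clients may not register localhost redirect URIs"
            if p.scheme not in ("http", "https"):
                return False, "localhost test URIs must be http or https"
            return True, "allowed by op.reg.allowLocalhostRedirectionURIsForTest (test only)"
        if p.scheme != "https":
            return False, "web clients must use https redirect URIs"
        return True, "https redirect URI"
    if application_type == "native":
        if p.scheme == "https":
            return True, "claimed (universal) https URL"
        if p.scheme == "http":
            # Assumption: plain http only on a loopback host for native clients (RFC 8252)
            if host in LOOPBACK_HOSTS:
                return True, "loopback redirect for native client"
            return False, "native clients may use http only with a loopback host"
        if p.scheme:
            return True, "custom scheme for native client"
        return False, "redirect URI must be absolute"
    return False, f"unknown application_type {application_type!r}"


def check_frontchannel_logout_uri(uri, application_type):
    """Return (ok, reason): https always, http never, custom schemes for native clients only."""
    p = urlsplit(uri)
    if p.scheme == "https":
        return True, "https logout URI"
    if p.scheme == "http":
        return False, "http logout URIs are not allowed"
    if not p.scheme:
        return False, "logout URI must be absolute"
    # Assumption: custom schemes limited to native clients (the notes say that is the intent)
    if application_type == "native":
        return True, "custom scheme for native client"
    return False, "custom scheme logout URIs are only accepted for native clients"


def build_logout_notification(frontchannel_logout_uri, iss, sid=None):
    """OP side: append iss, and sid when the client asked for it via
    frontchannel_logout_session_required, to the registered callback."""
    params = {"iss": iss}
    if sid is not None:
        params["sid"] = sid
    sep = "&" if "?" in frontchannel_logout_uri else "?"
    # safe=":/" keeps the issuer URL readable, matching the notification shown above
    return frontchannel_logout_uri + sep + urlencode(params, safe=":/")


def parse_logout_notification(url, expected_iss):
    """App side: return (accepted, sid). Only end the local session when iss is the
    OP this app was configured with; any other issuer is ignored."""
    q = parse_qs(urlsplit(url).query)
    iss = q.get("iss", [None])[0]
    sid = q.get("sid", [None])[0]
    if iss != expected_iss:
        return False, None
    return True, sid


if __name__ == "__main__":
    print(check_redirect_uri("http://localhost:8008/login-callback", "web"))
    print(check_redirect_uri("http://localhost:8008/login-callback", "web", True))
    n = build_logout_notification("org.example.myapp:logout-callback", "https://c2id.com", "Ohgah5ukieso0ohB")
    print(n, parse_logout_notification(n, "https://c2id.com"))
```

The issuer check in `parse_logout_notification` is the part worth copying: a native app that terminates its session on any inbound custom-scheme URL can be logged out by any other app on the device that knows the scheme, so the notification should be acted on only when `iss` names the configured OP and `sid` matches a session the app actually holds.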

Opting out of access token encryption with pairwise subjects

The consent object in the authorisation session API was updated to allow deployments to opt out of the access token encryption (for self-contained tokens that are JWTs) when the OpenID relying party is registered for pairwise subject identifiers and the token subject is also set to be pairwise.

Example consent:

{
  "scope"        : [ "read", "write" ],
  "audience"     : [ "https://api.example.com" ],
  "access_token" : { "encrypt"  : false,
                     "sub_type" : "PAIRWISE" }
}

Check out the release notes below for a detailed explanation of the API change and the reasoning behind the default encryption policy.
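The policy behind the consent object above, and the reason for it, as an added example (not Connect2id's code). The decision function applies the rule from the release notes: JWT access tokens for a pairwise-registered client are encrypted by default, and the consent may opt out only when the token subject is itself pairwise. The toy HS256 token minting alongside it exists only to show what a signed-but-unencrypted token reveals: its `sub` is readable by anyone holding it, so a party that collects tokens issued to several audiences sees how the pairwise identifier varies, which is the correlation concern the default addresses. The behaviour for clients that are not registered for pairwise subjects, the signing key and the subject values are all constructed assumptions.

```python
import base64
import hashlib
import hmac
import json


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def access_token_must_be_encrypted(client_subject_type: str, consent: dict) -> bool:
    """Default policy from the 12.5 release notes: encrypt self-contained access tokens
    for a pairwise-registered client; honour access_token.encrypt=false only when the
    token subject is also pairwise (access_token.sub_type=PAIRWISE)."""
    at = consent.get("access_token", {})
    if client_subject_type != "pairwise":
        # Assumption for this example: for public-subject clients the explicit flag
        # decides and nothing is forced (the page only describes the pairwise case).
        return bool(at.get("encrypt", False))
    if at.get("encrypt") is False and at.get("sub_type") == "PAIRWISE":
        return False
    return True


def sign_hs256(claims: dict, key: bytes) -> str:
    """Toy signed-only token (JWS, HS256), constructed for the example. Signing protects
    integrity; it does nothing to hide the claims."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "at+jwt"}, separators=(",", ":")).encode())
    payload = b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url(sig)}"


def claims_readable_without_key(token: str) -> dict:
    """The payload of a signed-only JWT is plain base64url: no key is needed to read it."""
    return json.loads(b64url_decode(token.split(".")[1]))


def exposed_subjects(tokens: list) -> set:
    """Subjects visible across several signed-only tokens held by the same party; with a
    pairwise subject per audience this is exactly the cross-audience variation that an
    observer could try to correlate, hence the default to encrypt."""
    return {claims_readable_without_key(t)["sub"] for t in tokens}


if __name__ == "__main__":
    consent = {"scope": ["read", "write"], "audience": ["https://api.example.com"],
               "access_token": {"encrypt": False, "sub_type": "PAIRWISE"}}
    print("encrypt:", access_token_must_be_encrypted("pairwise", consent))
    key = b"constructed-example-key"   # not a real key
    toks = [sign_hs256({"sub": "pw-sub-api-a", "aud": "https://api-a.example.com"}, key),
            sign_hs256({"sub": "pw-sub-api-b", "aud": "https://api-b.example.com"}, key)]
    print("readable without key:", exposed_subjects(toks))
```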

Download

Standard Connect2id server edition

Apache Tomcat package with Connect2id server 12.5: Connect2id-server.zip

SHA-256: 9fbb8be83389372ff22d0c303b282b84ce55261af506f0cb28eee45b521366a1

Connect2id server 12.5 WAR package: c2id.war

SHA-256: d98eb7c092df4535933188aea49681b5a93e7d95054379b4974d248d3e93509a

Multi-tenant edition

Apache Tomcat package with Connect2id server 12.5: Connect2id-server-mt.zip

SHA-256: c63f009a3856c8ec8cc2703a88fb808207eeea2811006aa6469dd9956901e57e

Connect2id server 12.5 WAR package: c2id-multi-tenant.war

SHA-256: 65f406e4cd04313da28eded526af2ffaf26c4f5c3d8a67621ca32dd05f42591c

Questions?

Contact Connect2id support.


Release notes

12.5 (2021-11-29)

Configuration

  • /WEB-INF/oidcProvider.properties

    • op.reg.allowLocalhostRedirectionURIsForTest -- New configuration property to allow registration of HTTP and HTTPS localhost redirection URIs for the purpose of testing and developing OAuth 2.0 web application clients. The default value is false (not allowed). Must not be used in production!

Web API

  • /clients

    • Allows registration of a frontchannel_logout_uri with a custom URI scheme. Intended to support front-channel logout notifications to mobile applications (application_type=native) with a custom URI scheme. Previously only https URLs were allowed. The http URL scheme remains disallowed.

  • /authz-sessions/rest/v3/

    • Consent: The API is updated to support opting out of the additional encryption of self-contained (JWT-encoded) access tokens which the Connect2id server applies when the OpenID relying party is registered for pairwise subjects (with subject_type=pairwise) and the access token subject is also set to a pairwise identifier (with access_token.sub_type=PAIRWISE). The default behaviour of the Connect2id server is to always encrypt JWT-encoded access tokens when the OpenID relying party is registered for pairwise subjects, to prevent exposing information about the underlying subject ID, which would happen if the self-contained access token was only signed. When the token subject is made pairwise there is still a theoretical possibility for the OpenID relying party to correlate end-users by observing how the pairwise identifier varies across multiple token audiences (resource servers), hence the strict default Connect2id policy to also encrypt access tokens with a pairwise subject. To opt out of the default encryption use access_token.encrypt=false in the consent object.

  • /direct-authz/rest/v2/

    • Direct authorisation request: The API is updated to support opting out of the additional encryption of self-contained (JWT-encoded) access tokens which the Connect2id server applies when the OpenID relying party is registered for pairwise subjects (with subject_type=pairwise) and the access token subject is also set to a pairwise identifier (with access_token.sub_type=PAIRWISE). See the explanation about the related authorisation session web API change. To opt out of the default encryption use access_token.encrypt=false in the consent object.

SPI

  • Upgrades the Connect2id server SDK to com.nimbusds:c2id-server-sdk:4.39

    • com.nimbusds.openid.connect.provider.spi.grants.AccessTokenSpec

      • Refactors the class for Optional self-contained access token preference.

Resolved issues

  • Includes the JWK kid and crv (for EC keys) in the OP0102 log error message to ease key identification when a server JWK fails the signing JWK validation on startup (issue server/696).

Dependency changes

  • Upgrades to com.nimbusds:c2id-server-sdk:4.39

  • Updates to com.nimbusds:oauth2-oidc-sdk:9.20

  • Updates to com.nimbusds:c2id-server-jwkset:1.26

Connect2id server 12.4: Support for ES256K, RSA-OAEP-384, RSA-OAEP-512 and XC20P

The October release of the Connect2id server makes new cryptographic capabilities available to our customers.

  • The ES256K JWS algorithm, based on the secp256k1 elliptic curve, which found popularity in Ethereum and Bitcoin, can now be used to sign tokens issued by the Connect2id server as well as request objects (JARs) sent by OAuth 2.0 clients. Clients can also use ES256K to authenticate with the private_key_jwt method at the token endpoint.

    Note that the JWK set generator tool for the Connect2id server was updated to be able to generate EC keys with the secp256k1 curve necessary for ES256K signatures.

  • The EdDSA JWS algorithm (with Ed25519 curve), introduced in Connect2id server 9.4 to boost the signing throughput of JWT-encoded access tokens (by a factor of 62!), can now also be applied to sign ID tokens, UserInfo JWTs and authorisation responses (JARM).

  • The RSA-OAEP-256 JWE algorithm for encrypting to a public RSA key is now complemented by the RSA-OAEP-384 and RSA-OAEP-512 algorithms, which use SHA-384 and SHA-512 respectively. They can be used in all places where a JWE algorithm for public key encryption is expected.

  • XC20P is a JWE content encryption method with extended nonce ChaCha20 / Poly1305. With 256-bit symmetric encryption strength it is an alternative to the existing AES-based JWE methods, A256CBC-HS512 and A256GCM. ChaCha20 allows for efficient implementation in software, so applications on constrained devices that lack dedicated CPU instructions for AES may gain performance and save power by switching to XC20P.

A complete list of the JWS and JWE algorithms the Connect2id server currently supports is available in the datasheet.

Here is an example OpenID relying party registration to receive ID tokens and UserInfo responses signed with EdDSA. The client registration guide has more examples.

POST /clients HTTP/1.1
Host: demo.c2id.com
Authorization: Bearer ztucZS1ZyFKgh0tUEruUtiSTXhnexmd6
Content-Type: application/json

{
  "redirect_uris"                : [ "https://client.example.org/callback" ],
  "id_token_signed_response_alg" : "EdDSA",
  "userinfo_signed_response_alg" : "EdDSA"
}
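A registration like the one above succeeds only when the requested algorithms are among those the server permits, and the 12.4 release notes below list the op.* configuration properties that hold the permitted lists. The following added example (not Connect2id's code) maps the client metadata fields to those properties, parses a properties fragment and rejects a registration whose algorithms are not permitted. The property names come from the release notes; the algorithm lists in the fragment, the whitespace separator and the unconditional rejection of "none" are assumptions made for the example.

```python
# Constructed oidcProvider.properties fragment. Property names are those in the 12.4
# release notes; the algorithm lists and the whitespace separator are assumptions.
PROPERTIES_FRAGMENT = """\
# signing / encryption algorithms permitted for each token or message type
op.idToken.jwsAlgs=RS256 ES256 ES256K EdDSA
op.idToken.jweAlgs=RSA-OAEP-256 RSA-OAEP-384 RSA-OAEP-512
op.idToken.jweEncs=A128GCM A256GCM XC20P
op.userinfo.jwsAlgs=RS256 ES256 EdDSA
op.userinfo.jweAlgs=RSA-OAEP-256 RSA-OAEP-512
op.userinfo.jweEncs=A256GCM XC20P
op.token.authJWSAlgs=RS256 ES256 ES256K
op.authz.requestJWSAlgs=RS256 ES256K
op.authz.requestJWEAlgs=RSA-OAEP-256 RSA-OAEP-384
op.authz.requestJWEEncs=A256GCM XC20P
"""

# Client registration metadata (OpenID Connect Dynamic Client Registration 1.0) and the
# server property that lists the permitted values for it.
FIELD_TO_PROPERTY = {
    "id_token_signed_response_alg": "op.idToken.jwsAlgs",
    "id_token_encrypted_response_alg": "op.idToken.jweAlgs",
    "id_token_encrypted_response_enc": "op.idToken.jweEncs",
    "userinfo_signed_response_alg": "op.userinfo.jwsAlgs",
    "userinfo_encrypted_response_alg": "op.userinfo.jweAlgs",
    "userinfo_encrypted_response_enc": "op.userinfo.jweEncs",
    "token_endpoint_auth_signing_alg": "op.token.authJWSAlgs",
    "request_object_signing_alg": "op.authz.requestJWSAlgs",
    "request_object_encryption_alg": "op.authz.requestJWEAlgs",
    "request_object_encryption_enc": "op.authz.requestJWEEncs",
}

# A content-encryption (*_enc) choice is only meaningful together with its *_alg field.
ENC_REQUIRES_ALG = {
    "id_token_encrypted_response_enc": "id_token_encrypted_response_alg",
    "userinfo_encrypted_response_enc": "userinfo_encrypted_response_alg",
    "request_object_encryption_enc": "request_object_encryption_alg",
}


def parse_properties(text: str) -> dict:
    """Parse key=value lines into {key: set(values)}; blank and comment lines are skipped."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "!")):
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = set(value.split())
    return props


def validate_registration_algs(registration: dict, props: dict) -> list:
    """Return the problems found; an empty list means every requested algorithm is permitted."""
    problems = []
    for field, prop in FIELD_TO_PROPERTY.items():
        if field not in registration:
            continue
        value = registration[field]
        if value == "none":
            # Rejected unconditionally here: an unsigned token or request is never wanted.
            problems.append(f"{field}: 'none' is not accepted")
        elif value not in props.get(prop, set()):
            problems.append(f"{field}: {value} is not in {prop}")
    for enc_field, alg_field in ENC_REQUIRES_ALG.items():
        if enc_field in registration and alg_field not in registration:
            problems.append(f"{enc_field} requires {alg_field}")
    return problems


if __name__ == "__main__":
    props = parse_properties(PROPERTIES_FRAGMENT)
    registration = {"redirect_uris": ["https://client.example.org/callback"],
                    "id_token_signed_response_alg": "EdDSA",
                    "userinfo_signed_response_alg": "EdDSA"}
    print(validate_registration_algs(registration, props) or "registration accepted")
```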

The new JWS and JWE algorithms are already implemented in the open source Nimbus JOSE+JWT library for Java. There are helpful examples of how to deal with those algorithms on the client side:

Download

Standard Connect2id server edition

Apache Tomcat package with Connect2id server 12.4: Connect2id-server.zip

SHA-256: f4f7088808e660b30c74ba2050aa2965698b8d8a27e4d2bf84d44cff4b956ded

Connect2id server 12.4 WAR package: c2id.war

SHA-256: 7996fbd1b19dd15b1dfc44113676cd80915d0c77e90d0f66f06598828cb04b03

Multi-tenant edition

Apache Tomcat package with Connect2id server 12.4: Connect2id-server-mt.zip

SHA-256: d3c18c0144ae60b5c9ff71014511995797cf096aeb98c0aa91328f5dfe88e541

Connect2id server 12.4 WAR package: c2id-multi-tenant.war

SHA-256: 52c12ab1a5d9f6969d5d92e2567a2ce4e8b48201cbb7af87e174d137fa80970e

Questions?

Contact Connect2id support.


Release notes

12.4 (2021-10-27)

Summary

  • Expands the cryptographic capabilities of the Connect2id server with the ES256K algorithm for JWS, RSA-OAEP-384 and RSA-OAEP-512 for JWE and XC20P (extended nonce ChaCha20 / Poly1305) as a JWE encryption method. The ES256K and EdDSA (with 25519 curve) JWS algorithms can now be used to sign ID tokens, UserInfo responses and authorisation responses (JARM). JWT-encoded access tokens can now be signed with the ES256, ES256K, ES384 and ES512 JWS algorithms.

    Specifications:

    • ES256K: https://datatracker.ietf.org/doc/html/rfc8812#section-3.1
    • RSA-OAEP-384 and RSA-OAEP-512: https://www.w3.org/TR/WebCryptoAPI/
    • XC20P: https://datatracker.ietf.org/doc/html/draft-amringer-jose-chacha-02#section-4.1

Configuration

  • /WEB-INF/jwkSet.json

    • Adds support for including an optional signing JSON Web Key (JWK) of type (kty) EC and with curve (crv) secp256k1 for performing signatures with the ES256K JWS algorithm.

  • /WEB-INF/oidcProvider.properties

    • op.token.authJWSAlgs -- Adds token endpoint private_key_jwt client authentication support for the ES256K JWS algorithm.

    • op.authz.requestJWSAlgs -- Adds request object / JAR support for the ES256K JWS algorithm.

    • op.authz.requestJWEAlgs -- Adds request object / JAR support for the RSA-OAEP-384 and RSA-OAEP-512 JWE algorithms.

    • op.authz.requestJWEEncs -- Adds request object / JAR support for the XC20P (extended nonce ChaCha20 / Poly1305) JWE encryption method.

    • op.authz.responseJWSAlgs -- Adds JARM support for the ES256K and EdDSA (with 25519 curve) JWS algorithms.

    • op.authz.responseJWEAlgs -- Adds JARM support for the RSA-OAEP-384 and RSA-OAEP-512 JWE algorithms.

    • op.authz.responseJWEEncs -- Adds JARM support for the XC20P (extended nonce ChaCha20 / Poly1305) JWE encryption method.

    • op.idToken.jwsAlgs -- Adds ID token support for the ES256K and EdDSA (with 25519 curve) JWS algorithms.

    • op.idToken.jweAlgs -- Adds ID token support for the RSA-OAEP-384 and RSA-OAEP-512 JWE algorithms.

    • op.idToken.jweEncs -- Adds ID token support for the XC20P (extended nonce ChaCha20 / Poly1305) JWE encryption method.

    • op.userinfo.jwsAlgs -- Adds UserInfo JWT response support for the ES256K and EdDSA (with 25519 curve) JWS algorithms.

    • op.userinfo.jweAlgs -- Adds UserInfo JWT response support for the RSA-OAEP-384 and RSA-OAEP-512 JWE algorithms.

    • op.userinfo.jweEncs -- Adds UserInfo JWT response support for the XC20P (extended nonce ChaCha20 / Poly1305) JWE encryption method.

  • /WEB-INF/authzStore.properties

    • authzStore.accessToken.jwsAlgorithm -- Adds support for signing self-contained (JWT) access tokens with the ES256, ES256K, ES384 and ES512 JWS algorithms.

    • authzStore.accessToken.jweMethod -- Adds support for direct encryption of self-contained (JWT-encoded) access tokens with the XC20P (extended nonce ChaCha20 / Poly1305) JWE encryption method.

Resolved issues

  • Updates the HTTP claims source connector to include an "Accept: application/json" HTTP header in the outgoing requests (issue httpcs/1).

  • Updates the AS0213 log INFO message to include the type of the introspected access token (issue server/692).

  • Updates the SE3000 log INFO message to indicate when an X.509 certificate is present for a loaded server JWK (issue server/694).

Dependency changes

  • Upgrades to com.nimbusds:oauth2-oidc-sdk:9.19

  • Updates to com.nimbusds:oauth2-authz-store:17.6

  • Updates to com.nimbusds:oauth2-session-store:14.7

  • Upgrades to com.nimbusds:c2id-server-jwkset:1.24

  • Updates to com.nimbusds:nimbus-jwkset-loader:5.2

  • Updates to com.nimbusds:nimbus-jose-jwt:9.15.2

  • Updates to com.nimbusds:oidc-claims-source-http:2.2