new file mode 100644
@@ -0,0 +1,31 @@
+From 6eb071078e35a6a29e3a27fb91d9449b25f1bbcc Mon Sep 17 00:00:00 2001
+From: Rene Meusel <rene.meusel@rohde-schwarz.com>
+Date: Wed, 21 Sep 2022 14:00:26 +0200
+Subject: [PATCH] add Certificate_Store_In_Memory c'tor that takes a vector of
+ certs
+
+CVE: CVE-2022-43705
+Upstream-Status: Backport [https://github.com/randombit/botan/commit/5d8d9fbf75c8b814ea609161bee525d520f5cb57]
+
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/lib/x509/certstor.h | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/lib/x509/certstor.h b/src/lib/x509/certstor.h
+index 6901589..165c414 100644
+--- a/src/lib/x509/certstor.h
++++ b/src/lib/x509/certstor.h
+@@ -95,6 +95,12 @@ class BOTAN_PUBLIC_API(2,0) Certificate_Store_In_Memory final : public Certifica
+ */
+ explicit Certificate_Store_In_Memory(const X509_Certificate& cert);
+
++ /**
++ * Adds given certificate list to the store.
++ */
++ explicit Certificate_Store_In_Memory(std::vector<std::shared_ptr<const X509_Certificate>> certs)
++ : m_certs(std::move(certs)) {}
++
+ /**
+ * Create an empty store.
+ */
new file mode 100644
@@ -0,0 +1,36 @@
+From 48947029f72e2091dfbaaa5e3576d98eb7d6c34e Mon Sep 17 00:00:00 2001
+From: Rene Meusel <rene.meusel@rohde-schwarz.com>
+Date: Tue, 20 Sep 2022 17:20:52 +0200
+Subject: [PATCH] FIX: intermediates can sign their own OCSP responses
+
+Before it was possible that intermediates signed their
+own OCSP responses. I.e a compromised intermediate
+certificate allowed the attacker to sign OCSP responses
+for this very certificate.
+
+CVE: CVE-2022-43705
+Upstream-Status: Backport [https://github.com/randombit/botan/commit/1829ef9d89614da1eacdf511356bdf98a970f5f5]
+
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/lib/x509/x509path.cpp | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/lib/x509/x509path.cpp b/src/lib/x509/x509path.cpp
+index b5cdc27..37de6d8 100644
+--- a/src/lib/x509/x509path.cpp
++++ b/src/lib/x509/x509path.cpp
+@@ -234,7 +234,12 @@ PKIX::check_ocsp(const std::vector<std::shared_ptr<const X509_Certificate>>& cer
+ {
+ try
+ {
+- Certificate_Status_Code ocsp_signature_status = ocsp_responses.at(i)->check_signature(trusted_certstores, cert_path);
++ // When verifying intermediate certificates we need to truncate the
++ // cert_path so that the intermediate under investigation becomes the
++ // last certificate in the chain.
++ auto ocsp_cert_path = cert_path;
++ ocsp_cert_path.erase(ocsp_cert_path.begin(), ocsp_cert_path.begin()+i);
++ Certificate_Status_Code ocsp_signature_status = ocsp_responses.at(i)->check_signature(trusted_certstores, ocsp_cert_path);
+
+ if(ocsp_signature_status == Certificate_Status_Code::OCSP_SIGNATURE_OK)
+ {
new file mode 100644
@@ -0,0 +1,106 @@
+From 3f8c9705168518c9b436c23e6d13796d683e5391 Mon Sep 17 00:00:00 2001
+From: Rene Meusel <rene.meusel@rohde-schwarz.com>
+Date: Wed, 21 Sep 2022 14:14:02 +0200
+Subject: [PATCH] FIX: missing validation of authority of delegation responder
+ cert
+
+When a responder does not sign their responses with the same CA that
+issued the certificate in question, they typically add their
+'delegation certificate' as a stapled certificate path to the response.
+So far, these delegation certificates were not checked for their
+legitimate authority to sign responses for the CA.
+
+CVE: CVE-2022-43705
+Upstream-Status: Backport [https://github.com/randombit/botan/commit/991b0159282781f2d5c06ff42a9ff00ee563e96b]
+
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/lib/x509/ocsp.cpp | 68 ++++++++++++++++++++++++++++++++++++++++++-
+ 1 file changed, 67 insertions(+), 1 deletion(-)
+
+diff --git a/src/lib/x509/ocsp.cpp b/src/lib/x509/ocsp.cpp
+index 1ca8232..fc952f6 100644
+--- a/src/lib/x509/ocsp.cpp
++++ b/src/lib/x509/ocsp.cpp
+@@ -241,7 +241,6 @@ Certificate_Status_Code Response::check_signature(const std::vector<Certificate_
+ {
+ for(size_t i = 0; i < m_certs.size(); ++i)
+ {
+- // Check all CA certificates in the (assumed validated) EE cert path
+ if(!m_signer_name.empty() && m_certs[i].subject_dn() == m_signer_name)
+ {
+ signing_cert = std::make_shared<const X509_Certificate>(m_certs[i]);
+@@ -254,6 +253,73 @@ Certificate_Status_Code Response::check_signature(const std::vector<Certificate_
+ break;
+ }
+ }
++
++ // RFC 6960 4.2.2.2
++ // OCSP signing delegation SHALL be designated by the inclusion of
++ // id-kp-OCSPSigning in an extended key usage certificate extension
++ // included in the OCSP response signer's certificate. This certificate
++ // MUST be issued directly by the CA that is identified in the request.
++ //
++ // The CA SHOULD use the same issuing key to issue a delegation
++ // certificate as that used to sign the certificate being checked for
++ // revocation. Systems relying on OCSP responses MUST recognize a
++ // delegation certificate as being issued by the CA that issued the
++ // certificate in question only if the delegation certificate and the
++ // certificate being checked for revocation were signed by the same key.
++ //
++ // I.e. it is safe to assume that the certificate's issuer also signed the
++ // responder's certificate.
++ //
++ // Note: The 'SHOULD' in the second paragraph above allows for backward
++ // compatibility to RFC 2560 that is "strongly discouraged". This
++ // implementation explicitly _does not_ implement this backward
++ // compatibility.
++ if(signing_cert)
++ {
++ const auto issuer =
++ Certificate_Store_In_Memory(ee_cert_path)
++ .find_cert(signing_cert->issuer_dn(), signing_cert->authority_key_id());
++
++ // User did not provide the certificate path to verify the delegation
++ if(!issuer)
++ {
++ return Certificate_Status_Code::OCSP_ISSUER_NOT_FOUND;
++ }
++
++ if(!issuer->is_CA_cert())
++ {
++ return Certificate_Status_Code::OCSP_ISSUER_NOT_FOUND;
++ }
++
++ // Sub-optimal fix for a vulnerability found in Botan 2.19.2 and older.
++ //
++ // This certificate validation is incomplete. Missing checks:
++ // * validity check against the reference time
++ // * revocation status check of the responder certificate
++ // * certificate extension validations
++ // * ... potentially more
++ //
++ // A more comprehensive validation will be introduced with Botan 3.0
++ try
++ {
++ const auto issuer_pubkey = issuer->load_subject_public_key();
++ const auto sig = signing_cert->verify_signature(*issuer_pubkey);
++
++ if(sig != Certificate_Status_Code::VERIFIED)
++ {
++ return Certificate_Status_Code::OCSP_SIGNATURE_ERROR;
++ }
++
++ if(!signing_cert->has_ex_constraint(OID::from_string("PKIX.OCSPSigning")))
++ {
++ return Certificate_Status_Code::OCSP_RESPONSE_MISSING_KEYUSAGE;
++ }
++ }
++ catch(const Exception& ex)
++ {
++ return Certificate_Status_Code::OCSP_SIGNATURE_ERROR;
++ }
++ }
+ }
+
+ if(!signing_cert)
new file mode 100644
@@ -0,0 +1,28 @@
+From 18e7dc2e81429e1ac4e69cbe0b530bf707d38d94 Mon Sep 17 00:00:00 2001
+From: Rene Meusel <rene.meusel@rohde-schwarz.com>
+Date: Thu, 3 Nov 2022 09:27:20 +0100
+Subject: [PATCH] review comments
+
+CVE: CVE-2022-43705
+Upstream-Status: Backport [https://github.com/randombit/botan/commit/a33689613127f319c0047fb96f092de16e7cb350]
+
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/lib/x509/x509path.cpp | 3 +--
+ src/tests/test_x509_path.cpp | 12 +++++-------
+ 2 files changed, 6 insertions(+), 9 deletions(-)
+
+diff --git a/src/lib/x509/x509path.cpp b/src/lib/x509/x509path.cpp
+index 37de6d8..6f3159a 100644
+--- a/src/lib/x509/x509path.cpp
++++ b/src/lib/x509/x509path.cpp
+@@ -237,8 +237,7 @@ PKIX::check_ocsp(const std::vector<std::shared_ptr<const X509_Certificate>>& cer
+ // When verifying intermediate certificates we need to truncate the
+ // cert_path so that the intermediate under investigation becomes the
+ // last certificate in the chain.
+- auto ocsp_cert_path = cert_path;
+- ocsp_cert_path.erase(ocsp_cert_path.begin(), ocsp_cert_path.begin()+i);
++ std::vector<std::shared_ptr<const X509_Certificate>> ocsp_cert_path(cert_path.begin() + i, cert_path.end());
+ Certificate_Status_Code ocsp_signature_status = ocsp_responses.at(i)->check_signature(trusted_certstores, ocsp_cert_path);
+
+ if(ocsp_signature_status == Certificate_Status_Code::OCSP_SIGNATURE_OK)
@@ -4,7 +4,12 @@ LICENSE = "BSD-2-Clause"
LIC_FILES_CHKSUM = "file://license.txt;md5=f4ce98476c07c34e1793daa036960fad"
SECTION = "libs"
-SRC_URI = "https://botan.randombit.net/releases/Botan-${PV}.tar.xz"
+SRC_URI = "https://botan.randombit.net/releases/Botan-${PV}.tar.xz \
+ file://0001-add-Certificate_Store_In_Memory-c-tor-that-takes-a-v.patch \
+ file://0002-FIX-intermediates-can-sign-their-own-OCSP-responses.patch \
+ file://0003-FIX-missing-validation-of-authority-of-delegation-re.patch \
+ file://0004-review-comments.patch \
+ "
SRC_URI[sha256sum] = "e26e00cfefda64082afdd540d3c537924f645d6a674afed2cd171005deff5560"
S = "${WORKDIR}/Botan-${PV}"
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-43705 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- ...Store_In_Memory-c-tor-that-takes-a-v.patch | 31 +++++ ...es-can-sign-their-own-OCSP-responses.patch | 36 ++++++ ...dation-of-authority-of-delegation-re.patch | 106 ++++++++++++++++++ .../botan/botan/0004-review-comments.patch | 28 +++++ meta-oe/recipes-crypto/botan/botan_2.19.1.bb | 7 +- 5 files changed, 207 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-crypto/botan/botan/0001-add-Certificate_Store_In_Memory-c-tor-that-takes-a-v.patch create mode 100644 meta-oe/recipes-crypto/botan/botan/0002-FIX-intermediates-can-sign-their-own-OCSP-responses.patch create mode 100644 meta-oe/recipes-crypto/botan/botan/0003-FIX-missing-validation-of-authority-of-delegation-re.patch create mode 100644 meta-oe/recipes-crypto/botan/botan/0004-review-comments.patch