remove smime

Signed-off-by: zime <anon@mail.com>
zimedev · Nov 13, 2024 · 24956be · 24956be
1 parent e8fb5b8
commit 24956be
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 34 deletions.
diff --git a/certipy/commands/parsers/req.py b/certipy/commands/parsers/req.py
@@ -76,11 +76,6 @@ def add_subparser(subparsers: argparse._SubParsersAction) -> Tuple[str, Callable
         metavar="Application Policy",
         help="Specify application policies for the certificate request using OIDs (e.g., '1.3.6.1.4.1.311.10.3.4' or 'Client Authentication')"
     )
-    group.add_argument(
-        "-smime",
-        action="store",
-        help="Specify SMIME Extension that gets added to CSR eg: des, rc4, 3des, aes128, aes192, aes256",
-    )
     group = subparser.add_argument_group("output options")
     group.add_argument("-out", action="store", metavar="output file name")
 

diff --git a/certipy/commands/req.py b/certipy/commands/req.py
@@ -734,7 +734,6 @@ def __init__(
         dynamic_endpoint: bool = False,
         debug=False,
         application_policies: List[str] = None,
-        smime: str = None,
         **kwargs
     ):
         self.target = target
@@ -752,7 +751,6 @@ def __init__(
         self.renew = renew
         self.out = out
         self.key = key
-        self.smime = smime
         self.application_policies = [
             OID_TO_STR_MAP.get(policy, policy) for policy in (application_policies or [])
         ]
@@ -888,7 +886,6 @@ def request(self) -> bool:
             key_size=self.key_size,
             subject=self.subject,
             renewal_cert=renewal_cert,
-            smime=self.smime,
             application_policies=self.application_policies
         )
         self.key = key

diff --git a/certipy/lib/certificate.py b/certipy/lib/certificate.py
@@ -53,14 +53,12 @@
 asn1x509.ExtensionId._map.update(
     {
         "1.3.6.1.4.1.311.25.2": "security_ext",
-        "1.2.840.113549.1.9.15": "smime_capability",
     }
 )
 
 asn1x509.Extension._oid_specs.update(
     {
         "security_ext": asn1x509.GeneralNames,
-        "smime_capability": asn1core.ObjectIdentifier,
     }
 )
 
@@ -76,15 +74,6 @@
 szOID_NTDS_CA_SECURITY_EXT = asn1cms.ObjectIdentifier("1.3.6.1.4.1.311.25.2")
 szOID_NTDS_OBJECTSID = asn1cms.ObjectIdentifier("1.3.6.1.4.1.311.25.2.1")
 
-# https://learn.microsoft.com/en-us/windows/win32/api/certenroll/nn-certenroll-ix509extensionsmimecapabilities
-smimedict = {
-    "des":"1.3.14.3.2.7",
-    "rc4":"1.2.840.113549.3.4",
-    "3des":"1.2.840.113549.1.9.16.3.6",
-    "aes128":"2.16.840.1.101.3.4.1.5",
-    "aes192":"2.16.840.1.101.3.4.1.25",
-    "aes256":"2.16.840.1.101.3.4.1.45",
-}
 
 class TaggedCertificationRequest(asn1core.Sequence):
     _fields = [
@@ -346,7 +335,6 @@ def create_csr(
     key_size: int = 2048,
     subject: str = None,
     renewal_cert: x509.Certificate = None,
-    smime: str = None,
     application_policies: List[str] = None,  # Application policies parameter
 ) -> Tuple[x509.CertificateSigningRequest, rsa.RSAPrivateKey]:
     if key is None:
@@ -418,20 +406,6 @@ def create_csr(
 
         cri_attributes.append(cri_attribute)
 
-    if smime:
-        # https://learn.microsoft.com/en-us/windows/win32/api/certenroll/nn-certenroll-ix509extensionsmimecapabilities
-        smime_extension = asn1x509.Extension(
-                {"extn_id": "1.2.840.113549.1.9.15", "extn_value": smimedict[smime]}
-        )
-
-        set_of_extensions = asn1csr.SetOfExtensions([[smime_extension]])
-
-        cri_attribute = asn1csr.CRIAttribute(
-            {"type": "extension_request", "values": set_of_extensions}
-        )
-
-        cri_attributes.append(cri_attribute)
-
     if alt_sid:
         if type(alt_sid) == str:
             alt_sid = alt_sid.encode()