From e2eb41e8117abefa7ff7d1c8e937e197f22bbb39 Mon Sep 17 00:00:00 2001
From: Simon Rozman
Date: Wed, 5 Feb 2020 14:49:53 +0100
Subject: [PATCH] credentials_tls: Use WinCrypt to get client certificate name
Signed-off-by: Simon Rozman
---
 lib/TLS/src/Credentials.cpp | 39 +++---------------------------------
 1 file changed, 3 insertions(+), 36 deletions(-)
diff --git a/lib/TLS/src/Credentials.cpp b/lib/TLS/src/Credentials.cpp
index 0d9cc2b..f83a93f 100644
--- a/lib/TLS/src/Credentials.cpp
+++ b/lib/TLS/src/Credentials.cpp
@@ -256,42 +256,9 @@ std::wstring eap::credentials_tls::get_identity() const
 if (!m_identity.empty()) {
 return m_identity;
 } else if (m_cert) {
- for (DWORD idx_ext = 0; idx_ext < m_cert->pCertInfo->cExtension; idx_ext++) {
- unique_ptr > san_info;
- if (strcmp(m_cert->pCertInfo->rgExtension[idx_ext].pszObjId, szOID_SUBJECT_ALT_NAME2) == 0) {
- unsigned char *output = NULL;
- DWORD size_output = 0;
- if (!CryptDecodeObjectEx(
- X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
- szOID_SUBJECT_ALT_NAME2,
- m_cert->pCertInfo->rgExtension[idx_ext].Value.pbData, m_cert->pCertInfo->rgExtension[idx_ext].Value.cbData,
- CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_ENABLE_PUNYCODE_FLAG,
- NULL,
- &output, &size_output))
- throw win_runtime_error(__FUNCTION__ " Error decoding subjectAltName2 certificate extension.");
- san_info.reset((CERT_ALT_NAME_INFO*)output);
- } else if (strcmp(m_cert->pCertInfo->rgExtension[idx_ext].pszObjId, szOID_SUBJECT_ALT_NAME) == 0) {
- unsigned char *output = NULL;
- DWORD size_output = 0;
- if (!CryptDecodeObjectEx(
- X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
- szOID_SUBJECT_ALT_NAME,
- m_cert->pCertInfo->rgExtension[idx_ext].Value.pbData, m_cert->pCertInfo->rgExtension[idx_ext].Value.cbData,
- CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_ENABLE_PUNYCODE_FLAG,
- NULL,
- &output, &size_output))
- throw win_runtime_error(__FUNCTION__ " Error decoding subjectAltName certificate extension.");
- san_info.reset((CERT_ALT_NAME_INFO*)output);
- } else {
- // Skip this extension.
- continue;
- }
-
- for (DWORD idx_entry = 0; idx_entry < san_info->cAltEntry; idx_entry++) {
- if (san_info->rgAltEntry[idx_entry].dwAltNameChoice == CERT_ALT_NAME_RFC822_NAME)
- return san_info->rgAltEntry[idx_entry].pwszRfc822Name;
- }
- }
+ wstring name;
+ CertGetNameStringW(m_cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL, name);
+ return name;
 }
 
 return L"";
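Review bot: The new `CertGetNameStringW(m_cert, CERT_NAME_SIMPLE_DISPLAY_TYPE, ...)` call in `get_identity()` changes which certificate field becomes the identity, not only how it is read. The removed loop returned the first rfc822Name entry of the subjectAltName extension, whereas the simple display type prefers the subject's common name and falls back to an e-mail name only when no CN/OU/O attribute is present. If the identity is meant to stay an e-mail-style name (presumably it is used as the EAP identity, where the realm part matters for routing and the value may be visible on the wire), `CertGetNameStringW(m_cert, CERT_NAME_EMAIL_TYPE, 0, NULL, name);` is the closer equivalent. The call's result is also ignored, and a decode problem that used to throw `win_runtime_error` now passes silently, so a comment such as `// Returns an empty string when the certificate carries no usable name.` or an explicit check would make the intended fallback clear. The function's closing brace lies outside the hunk.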