locked
WinHttpSetOption() - "The data area passed to a system call is too small" RRS feed

  • Question

  • I have an application that uses WinHTTP.  I need to set a client certificate in order to connect to the target server.
     
    The certificate is a Go Daddy Level 2, ssl V3 certificate. It was imported into the ROOT store of the machine.  I am using WinHttpSetOption() to set the client certificate.  This works fine on 32-bit Windows 2003 Server.
     
    However, when the same setup is used on 64-bit Windows 7 Ultimate (using 64-bit version of my application), I am getting the error after this call:
     

    WinHttpSetOption(hRequest, WINHTTP_OPTION_CLIENT_CERT_CONTEXT, (LPVOID)pCertContext, sizeof(CERT_CONTEXT))
     

    Error 122: The data area passed to a system call is too small.
     

    Does anybody have any clue how to fight this?
     
    Thank you in advance.
    Tuesday, April 17, 2012 6:04 AM

Answers

  • What is the value of sizeof(CERT_CONTEXT) when you make the call to WinHTTPSetOption?

    • Marked as answer by Keiser Sose Friday, April 20, 2012 1:25 AM
    Thursday, April 19, 2012 7:31 AM

All replies

  • Hi Keiser,

    Before making the call to WinHTTPSetOption, I assume that you are making a call to crypto APIs CertFindCertifcateInStore(). Can you confirm if the cert context returned by this call is not null?

    Thanks,

    Girish

    -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

    Please remember to click "Vote As Helpful" on the post if the information is useful to you ! Please remember to click “Mark as Answer” on the post that helps you to fix the issues, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. This posting is provided "AS IS" with no warranties or guarantees and confers no rights.

    Tuesday, April 17, 2012 6:25 AM
  • Yes, I do.  The certificate is successfully found in the store.   As, I said this code works on 32-bit system without problems.

    Tuesday, April 17, 2012 7:27 AM
  • It looks like mismatch while linking to the Winhttp binary. How are you linking your application with Winhttp library? Can you try using the following statement in your application code and check the result.

    #pragma comment(lib, "winhttp.lib")
    #pragma comment(lib, "Crypt32.lib")

    Thanks,

    Girish

    ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

    Please remember to click "Vote As Helpful" on the post if the information is useful to you ! Please remember to click “Mark as Answer” on the post that helps you to fix the issues, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. This posting is provided "AS IS" with no warranties or guarantees and confers no rights.


    Tuesday, April 17, 2012 9:17 AM
  • I do have explicit linking to these two libraries in the linkier options.  I am developing on Win 2003.  The application heavily uses WinHTTP and worked well for a long time on both 32-bit and 64-bit platforms.  Until this task with the client certificate appeared.

    When you say "mismatch while linking to the Winhttp", what exactly do you mean?  I was using PSDK for Win 2003 R2 to complile 64-bit version.

    Thank you for you help.

    Tuesday, April 17, 2012 11:19 PM
  • Hi Kieser,

    Please provide me the WinHTTP binary version which you are trying to link against? And is it a safe assumption that you are developing on Win2K3 SP2?

    Thanks,

    Girish

    ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

    Please remember to click "Vote As Helpful" on the post if the information is useful to you ! Please remember to click “Mark as Answer” on the post that helps you to fix the issues, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. This posting is provided "AS IS" with no warranties or guarantees and confers no rights.

    Wednesday, April 18, 2012 5:17 AM
  • How do I get WinHTTP binary version?  I downloaded latest PSDK 6.1 for Win 2008 and re-compiled my stuff.  I still have the same error on Win 2008 R2 Server.

    Below is the actual code that fails.

    DWORD LoadCertificate(CFREQUEST *pRequest, HINTERNET hRequest) { HCERTSTORE hMyStore ; PCCERT_CONTEXT pCertContext ; DWORD ret ; if (!*pRequest->CertStoreName) { WinHttpSetOption (hRequest, WINHTTP_OPTION_CLIENT_CERT_CONTEXT, NULL, 0) ; return 1 ; } ; if (!(hMyStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, NULL, CERT_SYSTEM_STORE_LOCAL_MACHINE|CERT_STORE_OPEN_EXISTING_FLAG|CERT_STORE_READONLY_FLAG, (LPCSTR)(pRequest->CertStoreName)))) { WinError(pRequest, 31) ; return 0 ; } ; if (!(pCertContext = CertFindCertificateInStore(hMyStore, X509_ASN_ENCODING|PKCS_7_ASN_ENCODING, 0, CERT_FIND_SUBJECT_STR, (LPVOID)(pRequest->szCertName), NULL))) { WinError(pRequest, 32) ; CertCloseStore(hMyStore, 0) ; return 0 ; } ; if (!(ret = (DWORD)WinHttpSetOption(hRequest, WINHTTP_OPTION_CLIENT_CERT_CONTEXT, (LPVOID)pCertContext, sizeof(CERT_CONTEXT)))) WinError(pRequest, 42) ; CertFreeCertificateContext(pCertContext) ; CertCloseStore(hMyStore, 0) ; return ret ; } ;


    Wednesday, April 18, 2012 6:17 AM
  • Hi Kieser,

    I attempted to do what you are trying to do through the above code snippet & the help provided here. But everything is working as it should be on my side.

    Thanks,

    Girish

    Thursday, April 19, 2012 5:04 AM
  • Well, I know it is working.  But it is not...

    Thursday, April 19, 2012 5:29 AM
  • What is the value of sizeof(CERT_CONTEXT) when you make the call to WinHTTPSetOption?

    • Marked as answer by Keiser Sose Friday, April 20, 2012 1:25 AM
    Thursday, April 19, 2012 7:31 AM
  • You are right.  This is a compiler alignment issue.  Therefore, sizeof(), I guess, was producing an incorrect result for 64bit system.

    Thank you for your help.

    Friday, April 20, 2012 1:27 AM