英特尔的文档说here如果没有先前的启动令牌,则应使用全部为零的“无效”令牌。这在仿真模式下非常有效,但在硬件模式下,它会返回SGX_ERROR_INVALID_LAUNCH_TOKEN,即使这正是它所要求的。
// Initialize an "invalid" first token, as the documentation specifies (all zeros)
sgx_launch_token_t token = {0};
// Create enclave
sgx_enclave_id_t id;
int updated = 0;
const auto status = sgx_create_enclave("enclave.signed.so", SGX_DEBUG_FLAG, &token, &updated, &id, NULL);
if (status != SGX_SUCCESS) {
throw "Failed to initialize enclave. (" + get_error_message(status) + ")";
}
代码返回status = SGX_ERROR_INVALID_LAUNCH_TOKEN
Failed to initialize enclave. (The launch token is not correct.)
建筑过程中是否有任何我遗漏的东西?
答案 0 :(得分:0)
问题原因是我的应用程序使用libsgx_urts.so
中的/usr/lib
libsgx_uae_service.so
来自我的SGX SDK的安装路径/opt/intel/sgxsdk/lib64
(在我的情况下为
Simulation mode:
libsgx_urts.so => /opt/intel/sgxsdk/lib64/libsgx_urts.so
libsgx_uae_service.so => /opt/intel/sgxsdk/lib64/libsgx_uae_service.so
。)
我将链接更改为以下内容:
Hardware mode:
libsgx_urts.so => /usr/lib/libsgx_urts.so
libsgx_uae_service.so => /usr/lib/libsgx_uae_service.so
doc.text
`