sgx_create_enclave returning 0x3002 SGX_ERROR_INVALID_ATTRIBUTE

Cipolla__Henry · ‎09-24-2018

On a fresh linux install, with the Driver, SDK, and PSW installed successfully, the LocalAttestation SampleCode fails because the call to sgx_create_enclave returns 0x3002. I added some tracing:

    printf("creating enclave 1\n");
    ret = sgx_create_enclave(ENCLAVE1_PATH, SGX_DEBUG_FLAG, &launch_token, &launch_token_updated, &e1_enclave_id, NULL);
    if (ret != SGX_SUCCESS) {
        printf("Failed. Return value is: %X\n", ret);
                return ret;
    }
    printf("Return value: %X\n", ret);

Outputs:

creating enclave 1
Failed. Return value is: 3002

I don't see this error listed as a possible error in the docs https://software.intel.com/en-us/sgx-sdk-dev-reference-sgx-create-enclave so I'm turning to the community here for help.

Thank you for your time,

-- Henry

Cipolla__Henry · ‎09-24-2018

Turns out this is fixed by zeroing out the token.

Changing this line:

sgx_launch_token_t launch_token;

To this:

sgx_launch_token_t launch_token = {0};

makes it work. :)

Scott_R_Intel · ‎09-25-2018

Hi Henry.

Thanks for replying to your own post with the solution. I noticed some of the other samples are also missing this initial zeroing too, so I will feed this back to the SGX dev team.

Regards.

Scott