I'm using the 'SGX First App', bundled with the SDK. It calls sgx_ecall to store data into the enclave. This is working for me.
Q: Now, how do I get the data out of the enclave?
Getting the secret out of the enclave is very similar to printing the hash from the enclave in that example. You need to provide an OCALL to receive the secret from the application and an ECALL into the enclave to get the secret.
Here is an updated EDL file for that example:
That doesn't show the secret. It all compiles, but calling it doesn't show the secret.
The 'Enclave_u.c' file already has a function: sgx_status_t get_secret(sgx_enclave_id_t eid, char* out)
Since the above code won't work, could this be used?
I assume that the get_secret that you have here is an ECALL. You will need to provide the OCALL to return the secret back.
Is it possible that you can zip and post your complete project here?
Thanks,
Hoang
There is an error in the main app. The ECALL is used to call into the Enclave and the OCALL is used to call from the Enclave back to the app. You just need to simply replace the OCALL in your main app (ocall_print_secret(out);) with the ECALL function get_secret(eid);
The code fragment in your main should be like this:
...
if (status != SGX_SUCCESS) {
    fprintf(stderr, "ECALL: store_secret: 0x%08x\n", status);
    Exit(1);
}
get_secret(eid);
status = print_hash(eid, &rv, &enclave_error);
Please give it a try and let us know.
Thanks,
Hoang
OK, I understand ecalls and ocalls, and get_secret(eid) as above ran successfully, but it still doesn't return the value stored in secret[MAX_MSG_LEN] in the enclave.cpp.
I'm confused. How do we get chars to return to the calling function in SGX First App? Or any string back to the calling app, for that matter, from the enclave code?
And does 'Enclave_u.c' get built each time a recompile is done? Do we need to modify that file too?
First of all, I ran the example with the code that you provided and it displays the secret string of "password".
Here is the output that I see:
password
SHA-256 hash of your secret (including the newline) is:
5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8
Verify this hash by entering your secret in an online SHA256
calculator such as:
http://passwordsgenerator.net/sha256-hash-generator/
http://www.xorbin.com/tools/sha256-hash-calculator
(Don't forget to include the trailing newline!)
Press ENTER to exit...
Please update your OCALL to this and let me know whether you can see it or not:
void ocall_print_secret(const char *str)
{
    printf("DEBUG: %s", str);
}
Here are the answers to your questions:
How do we get chars to return to the calling function in SGX First App? Or any string back to the calling app, for that matter, from the enclave code?
These are just standard C parameters that you can have as many as you need in your function.
And does 'Enclave_u.c' get built each time a recompile is done? Do we need to modify that file too?
Anything that is under the "Generated files" folder in Visual Studio is automatically regenerated and you should not modify it.
For example, Enclave_u.h and Enclave_u.cpp in the untrusted app and Enclave_t.h and Enclave_t.cpp in the trusted Enclave should not be modified.
Can you zip and upload the entire solution? I'd like to run it as is and look at your project settings as well. Thanks.
This issue has been resolved. The untrusted app just needs to make the ECALL as I indicated in my previous posting.
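The thread's open question, how a string gets back to the calling app, is answered by an ECALL with an [out] buffer parameter. The following is an added example, not part of the thread or of Intel's sample: the trusted-side body of such an ECALL, written as plain C so its bounds handling can be exercised outside an enclave. The name get_secret_copy, the value of MAX_MSG_LEN and the store_secret stand-in are assumptions.

```c
/* Assumed EDL declaration (hypothetical ECALL name, not from the thread):
 *   trusted { public int get_secret_copy([out, size=len] char *buf, size_t len); };
 * For [out, size=len] the generated bridge allocates len bytes inside the
 * enclave, passes them in as buf, and copies all len bytes back to the
 * untrusted caller after this function returns. */
#include <stddef.h>
#include <string.h>

#define MAX_MSG_LEN 100          /* assumed value; the sample defines its own */
static char secret[MAX_MSG_LEN]; /* enclave-private storage, as in the thread */

/* Length of s, looking at no more than max bytes. */
static size_t bounded_len(const char *s, size_t max)
{
    const char *nul = memchr(s, '\0', max);
    return nul ? (size_t)(nul - s) : max;
}

/* Stand-in for the sample's store_secret ECALL so this file runs alone. */
int store_secret(const char *msg)
{
    size_t n;
    if (msg == NULL) return -1;
    n = bounded_len(msg, MAX_MSG_LEN);
    if (n == MAX_MSG_LEN) return -1;   /* no room for the terminator */
    memset(secret, 0, sizeof secret);
    memcpy(secret, msg, n);
    return 0;
}

/* Returns 0 on success, -1 if the caller's buffer is missing or too small.
 * Nothing is written on failure, so a short buffer never receives a
 * truncated or unterminated string. */
int get_secret_copy(char *buf, size_t len)
{
    size_t n = bounded_len(secret, sizeof secret - 1);
    if (buf == NULL || len < n + 1) return -1;
    memset(buf, 0, len);    /* all len bytes leave the enclave: no residue */
    memcpy(buf, secret, n); /* terminator already present from the memset */
    return 0;
}

/* Untrusted side, through the generated proxy (for orientation only):
 *   char out[MAX_MSG_LEN]; int rv;
 *   status = get_secret_copy(eid, &rv, out, sizeof out);
 *   if (status == SGX_SUCCESS && rv == 0) printf("%s", out); */
```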