Temporary fix for running the sgx-ra-sample in Simulation mode
- Built and ran the sgx-ra-sample client in Simulation mode using the configure option --enable-sgx-simulation.
./configure --with-openssldir=/opt/openssl/1.1.0i --enable-sgx-simulation
make
./run-client
- Received error: sgx_create_enclave: trusted_enclave_signed.so: 0000200e
The following fix will allow the sgx-ra-sample to run in Simulation mode. This is not a permanent fix; revert the file to the original when not running in Simulation mode.
- Edit the file sgx_stub.c:
- line 176: replace libsgx_uae_service.so with libsgx_uae_service_sim.so
- line 190: replace libsgx_urts.so with libsgx_urts_sim.so
- Run:
$ source /opt/intel/sgxsdk/environment
$ make clean
$ make
$./run-client
Error 0x200e means SGX_ERROR_MODE_INCOMPATIBLE, which is caused when the target enclave 32/64-bit mode or SIM/HW mode is incompatible with the mode of the current Untrusted Runtime System (uRTS).
The sgx-ra-sample will fail attestation if run in Simulation mode.
Remote attestation fails if the Intel® Software Guard Extensions (Intel® SGX) enclave that is being attested is run in Simulation mode because the enclave does not have the Intel SGX hardware protections.