This enumeration type defines return codes for Open Enclave functions.
Enumerator |
---|
OE_OK | The function was successful.
|
OE_FAILURE | The function failed (without a more specific error code).
|
OE_BUFFER_TOO_SMALL | One or more output buffer function parameters is too small.
|
OE_INVALID_PARAMETER | One or more input function parameters is invalid.
Either the value of an input parameter is invalid or a required input parameter pointer is null.
|
OE_REENTRANT_ECALL | The host attempted to perform a reentrant ECALL.
This occurs when an OCALL function attempts to perform an ECALL.
|
OE_OUT_OF_MEMORY | The function is out of memory.
This usually occurs when malloc or a related function returns null.
|
OE_OUT_OF_THREADS | The function is unable to bind the current host thread to an enclave thread.
This occurs when the host performs an ECALL while all enclave threads are in use.
|
OE_UNEXPECTED | The function encountered an unexpected failure.
|
OE_VERIFY_FAILED | A cryptographic verification failed.
Examples include:
- enclave quote verification
- public key signature verification
- certificate chain verification
|
OE_NOT_FOUND | The function failed to find a resource.
Examples of resources include files, directories, and functions (ECALL/OCALL), container elements.
|
OE_INTEGER_OVERFLOW | The function encountered an overflow in an integer operation, which can occur in arithmetic operations and cast operations.
|
OE_PUBLIC_KEY_NOT_FOUND | The certificate does not contain a public key.
|
OE_OUT_OF_BOUNDS | An integer index is outside the expected range.
For example, an array index is greater than or equal to the array size.
|
OE_OVERLAPPED_COPY | The function prevented an attempt to perform an overlapped copy, where the source and destination buffers are overlapping.
|
OE_CONSTRAINT_FAILED | The function detected a constraint failure.
A constraint restricts the the value of a field, parameter, or variable. For example, the value of day_of_the_week must be between 1 and 7 inclusive.
|
OE_IOCTL_FAILED | An IOCTL operation failed.
Open Enclave uses IOCTL operations to communicate with the Intel SGX driver.
|
OE_UNSUPPORTED | The given operation is unsupported, usually by a particular platform or environment.
|
OE_READ_FAILED | The function failed to read data from a device (such as a socket, or file).
|
OE_SERVICE_UNAVAILABLE | A software service is unavailable (such as the AESM service).
|
OE_ENCLAVE_ABORTING | The operation cannot be completed because the enclave is aborting.
|
OE_ENCLAVE_ABORTED | The operation cannot be completed because the enclave has already aborted.
|
OE_PLATFORM_ERROR | The underlying platform or hardware returned an error.
For example, an SGX user-mode instruction failed.
|
OE_INVALID_CPUSVN | The given CPUSVN value is invalid.
An SGX user-mode instruction may return this error.
|
OE_INVALID_ISVSVN | The given ISVSNV value is invalid.
An SGX user-mode instruction may return this error.
|
OE_INVALID_KEYNAME | The given key name is invalid.
An SGX user-mode instruction may return this error.
|
OE_DEBUG_DOWNGRADE | Attempted to create a debug enclave with an enclave image that does not allow it.
|
OE_REPORT_PARSE_ERROR | Failed to parse an enclave report.
|
OE_MISSING_CERTIFICATE_CHAIN | The certificate chain is not available or missing.
|
OE_BUSY | An operation cannot be performed beause the resource is busy.
For example, a non-recursive mutex cannot be locked because it is already locked.
|
OE_NOT_OWNER | An operation cannot be performed because the requestor is not the owner of the resource.
For example, a thread cannot lock a mutex because it is not the thread that acquired the mutex.
|
OE_INVALID_SGX_CERTIFICATE_EXTENSIONS | The certificate does not contain the expected SGX extensions.
|
OE_MEMORY_LEAK | A memory leak was detected during enclave termination.
|
OE_BAD_ALIGNMENT | The data is improperly aligned for the given operation.
This may occur when an output buffer parameter is not suitably aligned for the data it will receive.
|
OE_JSON_INFO_PARSE_ERROR | Failed to parse the trusted computing base (TCB) revocation data or the QE Identity data for the enclave.
|
OE_TCB_LEVEL_INVALID | The level of the trusted computing base (TCB) is not up to date for report verification.
|
OE_QUOTE_PROVIDER_LOAD_ERROR | Failed to load the quote provider library used for quote generation and attestation.
|
OE_QUOTE_PROVIDER_CALL_ERROR | A call to the quote provider failed.
|
OE_INVALID_REVOCATION_INFO | The certificate revocation data for attesting the trusted computing base (TCB) is invalid for this enclave.
|
OE_INVALID_UTC_DATE_TIME | The given UTC date-time string or structure is invalid.
This occurs when (1) an element is out of range (year, month, day, hours, minutes, seconds), or (2) the UTC date-time string is malformed.
|
OE_INVALID_QE_IDENTITY_INFO | The QE identity data is invalid.
|
OE_INVALID_ENDORSEMENT | The quote verification collateral is invalid.
|
OE_UNSUPPORTED_ENCLAVE_IMAGE | The enclave image contains unsupported constructs.
|
OE_VERIFY_CRL_EXPIRED | The CRL for a certificate has expired.
|
OE_VERIFY_CRL_MISSING | The CRL for a certificate could not be found.
|
OE_VERIFY_REVOKED | The certificate or signature has been revoked.
|
OE_VERIFY_FAILED_TO_FIND_VALIDITY_PERIOD | Could not find a valid validity period.
|
OE_CRYPTO_ERROR | An underlying crypto provider returned an error.
|
OE_INCORRECT_REPORT_SIZE | OE report size does not match the expected size.
|
OE_QUOTE_VERIFICATION_ERROR | Quote verification error.
|
OE_QUOTE_ENCLAVE_IDENTITY_VERIFICATION_FAILED | Quote enclave identity verification failed.
|
OE_QUOTE_ENCLAVE_IDENTITY_UNIQUEID_MISMATCH | Unique id of the quoting enclave does not match expected value.
|
QE_QUOTE_ENCLAVE_IDENTITY_PRODUCTID_MISMATCH | Product id of the quoting enclave does not match expected value.
|
OE_VERIFY_FAILED_AES_CMAC_MISMATCH | AES CMAC of the report does not match the expected value.
|
OE_CONTEXT_SWITCHLESS_OCALL_MISSED | Failed to post a switchless call to host workers.
|
OE_THREAD_CREATE_ERROR | Thread creation failed.
|
OE_THREAD_JOIN_ERROR | Thread join failed.
|
OE_ALREADY_EXISTS | The desired resource already exists.
|
OE_ALREADY_INITIALIZED | The desired resource has already been initialized.
|
OE_QUOTE_HASH_MISMATCH | The hash of claims section in the quote does not match the hash value held in the report_data field.
This occurs when claims are tampered.
|
OE_INVALID_SGX_SIGNING_KEY | The signing key provided cannot be used for SGX signing.
This is usually because the key is not an 3084-bit RSA key with exponent 3.
|
OE_INVALID_IMAGE | The binary image being loaded into the enclave could not be parsed.
|
OE_QUOTE_LIBRARY_LOAD_ERROR | Failed to load the quote library used for quote generation and attestation.
|
OE_SGX_QUOTE_LIBRARY_ERROR | The library API used for SGX quote generation and attestation failed.
|