aws / aws-nitro-enclaves-sdk-c

This repo provides a C API for AWS Nitro Enclaves, including a KMS SDK that integrates it with attestation.
Apache License 2.0
99 stars 74 forks

kmstool_enclave_cli decrypt failed with AWS_IO_SOCKET_INVALID_ADDRESS #122

Closed syyongx closed 1 year ago

syyongx commented 1 year ago

When I use kmstool_enclave_cli to decrypt a message in the enclave, it reports an error: aws_socket_endpoint can't deal with VSOCK port > UINT16_MAX connection failure\nConnection failed with error aws-c-io: AWS_IO_SOCKET_INVALID_ADDRESS, Invalid socket address.

The vsock-proxy start command in the parent instance is as below: vsock-proxy 8000 kms.ap-northeast-1.amazonaws.com 443

The kmstool_enclave_cli decrypt command run in the enclave is as below: kmstool_enclave_cli decrypt --region ap-northeast-1 --proxy-port 8000 --encryption-algorithm RSAES_OAEP_SHA_256 --ciphertext --key-id --aws-access-key-id --aws-secret-access-key

aws-nitro-enclaves-sdk-c version: v0.4.0

syyongx commented 1 year ago

It works when I use the old version: v0.3.2.

richardfan1126 commented 1 year ago

Probably due to the dependency update in v0.4.0 and caused by the new check in aws-c-io (https://github.com/awslabs/aws-c-io/blob/f7bc831dd93a15aeb01e24c4175f205016b077ae/source/posix/socket.c#L349).

I will check where this parameter is being passed from the CLI.

eugkoira commented 1 year ago

Should fix the issue: https://github.com/aws/aws-nitro-enclaves-sdk-c/pull/121

eugkoira commented 1 year ago

Please check the latest release: https://github.com/aws/aws-nitro-enclaves-sdk-c/releases/tag/v0.4.1