Description
I am receiving the following error after spawning an enclave through nitro-cli:
[ec2-user@ip-172-31-17-49 ~]$ sudo nitro-cli console --enclave-id i-01efa4230f9b7762c-enc190ee0b12598fd7
[ E11 ] Socket error. This is used as an error for catching any other socket operation errors not covered by previous custom errors.
For more details, please visit https://docs.aws.amazon.com/enclaves/latest/user/cli-errors.html#E11
[ec2-user@ip-172-31-17-49 ~]$ cat /var/log/nitro_enclaves/err2024-07-26T07:57:25.646690304+00:00.log
Action: Enclave Console
Subactions:
Failed to retrieve enclave CID
Failed to connect to enclave process
Failed to connect to specific enclave process: Os { code: 2, kind: NotFound, message: "No such file or directory" }
Root error file: src/enclave_proc_comm.rs
Root error line: 134
I have a vsock-proxy running in another shell:
CMK_REGION=us-east-1
vsock-proxy 8000 kms.$CMK_REGION.amazonaws.com 443
I am calling the code below from a Python process running inside the enclave:
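import subprocess

# Invoke the KMS tool inside the enclave; traffic goes out via the vsock proxy port.
proc = subprocess.Popen(
    [
        "/kmstool_enclave_cli",
        "decrypt",
        "--region", "region",
        "--proxy-port", "8000",
        "--aws-access-key-id", access_key_id,
        "--aws-secret-access-key", secret_access_key,
        "--aws-session-token", token,
        "--ciphertext", ciphertext,
    ],
    stdout=subprocess.PIPE
)
# The tool's stdout is split on ":" and the second field is taken as the base64 plaintext.
result = proc.communicate()[0].decode()
plaintext_b64 = result.split(":")[1].strip()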
Any clues on what is going wrong?
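
An added example, not part of the original report and not the project's own code: a wrapper around the same `kmstool_enclave_cli decrypt` call that checks the exit code and keeps stderr, so a failure inside the enclave is reported as such instead of as an `IndexError` from `split(":")[1]`. It assumes the tool prints a `PLAINTEXT: <base64>` line, as the parsing in the post implies; `KmsToolError`, `parse_plaintext` and `kms_decrypt` are names made up for this example.

```python
import base64
import binascii
import subprocess


class KmsToolError(RuntimeError):
    """kmstool_enclave_cli failed or printed something unexpected."""


def parse_plaintext(stdout):
    """Return the decoded bytes from a 'PLAINTEXT: <base64>' output line."""
    for line in stdout.splitlines():
        label, sep, value = line.partition(":")
        if sep and label.strip() == "PLAINTEXT":
            try:
                return base64.b64decode(value.strip(), validate=True)
            except binascii.Error as exc:
                raise KmsToolError("PLAINTEXT value is not valid base64") from exc
    raise KmsToolError("no PLAINTEXT line in tool output")


def kms_decrypt(ciphertext, region, access_key_id, secret_access_key, token,
                proxy_port=8000, tool="/kmstool_enclave_cli", timeout=30):
    """Run the decrypt command from the post and return plaintext bytes."""
    argv = [
        tool, "decrypt",
        "--region", region,
        "--proxy-port", str(proxy_port),
        "--aws-access-key-id", access_key_id,
        "--aws-secret-access-key", secret_access_key,
        "--aws-session-token", token,
        "--ciphertext", ciphertext,
    ]
    try:
        proc = subprocess.run(argv, capture_output=True, text=True,
                              timeout=timeout)
    except (OSError, subprocess.TimeoutExpired) as exc:
        # Report only the exception type: str(exc) for a timeout includes
        # argv, and argv carries the credentials.
        raise KmsToolError(f"could not run {tool}: {type(exc).__name__}") from None
    if proc.returncode != 0:
        raise KmsToolError(
            f"{tool} exited with {proc.returncode}: {proc.stderr.strip()}")
    return parse_plaintext(proc.stdout)
```

Since the enclave console is the only other place this output appears, raising an exception with the tool's stderr lets the enclave application pass the failure reason to the parent instance over its own channel.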