InitializeEnclave function

Initializes an enclave that you created and loaded with data.

Syntax

BOOL InitializeEnclave(
  HANDLE  hProcess,
  LPVOID  lpAddress,
  LPCVOID lpEnclaveInformation,
  DWORD   dwInfoLength,
  LPDWORD lpEnclaveError
);

Parameters

hProcess

A handle to the process for which the enclave was created.

lpAddress

Any address within the enclave.

lpEnclaveInformation

A pointer to architecture-specific information to use to initialize the enclave.

For the ENCLAVE_TYPE_SGX enclave type, specify a pointer to an ENCLAVE_INIT_INFO_SGX structure.

For the ENCLAVE_TYPE_VBS enclave type, specify a pointer to an ENCLAVE_INIT_INFO_VBS structure.

dwInfoLength

The length of the structure that the lpEnclaveInformation parameter points to, in bytes. For the ENCLAVE_TYPE_SGX enclave type, this value must be 4096. For the ENCLAVE_TYPE_VBS enclave type, this value must be sizeof(ENCLAVE_INIT_INFO_VBS), which is 8 bytes.

lpEnclaveError

An optional pointer to a variable that receives an enclave error code that is architecture-specific.

For the ENCLAVE_TYPE_SGX enclave type, the lpEnclaveError parameter contains the error that the EINIT instruction generated if the function fails and .GetLastError returns ERROR_ENCLAVE_FAILURE.

For the ENCLAVE_TYPE_VBS enclave type, the lpEnclaveError parameter is not used.

Return Value

If the function succeeds, the return value is nonzero. If the function fails, the return value is zero. To get extended error information, call GetLastError.

For a list of common error codes, see System Error Codes. The following error codes also apply for this function.

Return code Description
ERROR_ENCLAVE_FAILURE
An failure specific to the underlying enclave architecture occurred. The value for the lpEnclaveError parameter contains the architecture-specific error.

For the ENCLAVE_TYPE_SGX enclave type, the EINIT instruction that the ENCLAVE_INIT_INFO_SGX structure specified generated an error. The value of the lpEnclaveError parameter contains the error that the instruction generated.

ERROR_BAD_LENGTH
The value of the dwInfoLength parameter did not match the value expected based on the value specified for the lpEnclaveInformation parameter.
ERROR_RETRY
The processor was not able to initialize the enclave in a timely fashion. Try to initialize the enclave again.

Remarks

To create an enclave, use the CreateEnclave function. To load data into the enclave before you initialize it, use the LoadEnclaveData function.

Windows 10, version 1709:  To delete the enclave when you finish using it, call DeleteEnclave. You cannot delete a VBS enclave by calling the VirtualFree or VirtualFreeEx function. You can still delete an SGX enclave by calling VirtualFree or VirtualFreeEx.

Windows 10, version 1507, Windows 10, version 1511, Windows 10, version 1607 and Windows 10, version 1703:  To delete the enclave when you finish using it, call the VirtualFree or VirtualFreeEx function and specify the following values:

  • The base address of the enclave for the lpAddress parameter.
  • 0 for the dwSize parameter.
  • MEM_RELEASE for the dwFreeType parameter. The MEM_DECOMMIT value is not supported for enclaves.

Requirements

   
Minimum supported client Windows 10 [desktop apps | UWP apps]
Minimum supported server Windows Server 2016 [desktop apps | UWP apps]
Target Platform Windows
Header enclaveapi.h (include Winbase.h)
Library Kernel32.lib
DLL Api-ms-win-core-enclave-l1-1-0.dll; Kernel32.dll; KernelBase.dll

See Also

CreateEnclave

ENCLAVE_INIT_INFO_SGX

LoadEnclaveData

VirtualFree

VirtualFreeEx