Key System Functionality Supplements

This framework provides some system functions that Intel SGX does not provide.

High-precision Time Support

We support obtaining three time precisions: seconds, microseconds, and nanoseconds.

time_t now_seconds = DateTime::Now().GetTimestamp();
int64_t now_milliseconds = PreciseTime::NowInMilliseconds();
int64_t now_nanoseconds = PreciseTime::NowInNanoseconds();

warning

This timestamp is obtained from an untrusted zone and is therefore unreliable.

Secure Untrusted Memory Operations

When we perform untrusted memory operations, such as allocating untrusted memory, copying trusted memory to untrusted memory, and releasing untrusted memory, we will perform a check on the untrusted memory.

const char* src = "Test data";
size_t len = strlen(src) + 1;
char* dest = static_cast<char*>(malloc_outside(len));
memcpy_to_outside(dest, src, len);
free_outside(dest, len);

warning

All operations related to untrusted memory require attention to safety, and the interface we provide will check the memory to ensure operation safety.

File System Access Support

We support functions such as obtaining file size, type and permissions, creating directories, deleting files, reading and writing files, etc.

Path test_file("/root");
test_file /= Path("test_file");
std::string test_data = "Hello world!";

const std::vector<uint8_t> test_data = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15};
PlainFileWriter writer(test_file.String());
writer.WriteAllBytes(test_data);

const FileStatus fs = status(test_file);
if (!exists(fs) || !is_regular_file(fs)) {
    Remove(test_file);
    return false;
}

PlainFileReader reader(test_file.String());
std::string file_data = reader.ReadAllBytes();
if (file_data != test_data) {
    Remove(test_file);
    return false;
}