Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

Unsupported C Standard Functions time() and gmtime()


I realize the following is documented, I do however have a question none-the-less.

Unsupported C standard Functions

You cannot use the following Standard C functions within an enclave; otherwise, the compilation would fail.

Table 20 Unsupported C Standard Functions





clock(), mktime(), time(), asctime_s(), ctime(), ctime_s(), gmtime(), gtime_s(), localtime(), localtime_s()

I wish to load an existing library into an enclave with as few changes as possible. Unfortunately this library has a dependency on the c-standard library functions "time" and "gmtime". I have done the following:

long time(long* arg)
	long retVal;
	if (ocall_time(&retVal, arg) != SGX_SUCCESS)
	return retVal;
untrusted {
		[cdecl] long ocall_time([in] long* arg);
long ocall_time(long* arg)
	return (long) time((time_t*) arg);

That works ok for compiling (I have not yet been able to test run-time functionality as I need to also solve the gmtime call).

The issue I am facing with gmtime is that when I declare:

[cdecl] struct tm* ocall_gmtime([in] const long* timer);

Then the Enclave_t.h expects a tm** to be returned instead of a tm*. gmtime however returns a tm* so my ocall_gmtime would ideally be:

struct tm* ocall_gmtime(const long* timer)
    return gmtime((time_t*)timer);

What is the best solution for calling a c standard function that returns a pointer in this way?
Alternatively, is there a better solution for using "time()" and "gmtime()" in an enclave when they are necessary? Are there SGX alternatives that can be used instead?

Thanks and Regards,

- K

0 Kudos
1 Reply

Please take a look at the provided monotonic counter ( and sgx trusted time ( functions if the platform can support them.