#sgx #intel

nightly sgx_trts

Rust SGX SDK provides the ability to write Intel SGX applications in Rust Programming Language

8 stable releases

✓ Uses Rust 2018 edition

new 1.0.9 Sep 16, 2019
1.0.8 Jun 11, 2019
1.0.7 May 10, 2019
1.0.6 Feb 6, 2019
0.9.8 Mar 27, 2018
Download history 21/week @ 2019-06-03 65/week @ 2019-06-10 134/week @ 2019-06-17 35/week @ 2019-06-24 87/week @ 2019-07-01 34/week @ 2019-07-08 27/week @ 2019-07-15 16/week @ 2019-07-22 3/week @ 2019-07-29 32/week @ 2019-08-05 3/week @ 2019-08-12 1/week @ 2019-08-19 24/week @ 2019-08-26 32/week @ 2019-09-02 33/week @ 2019-09-09

142 downloads per month
Used in 10 crates (8 directly)

Custom license

2.5K SLoC


Please visit our homepage for usage. Thanks!


Trusted Runtime System

The Intel(R) SGX trusted runtime system (tRTS) is a key component of the Intel(R) Software Guard Extensions SDK. It provides the enclave entry point logic as well as other functions to be used by enclave developers.

Intel(R) Software Guard Extensions Helper Functions


Intel(R) Software Guard Extensions Helper Functions

The tRTS provides the helper functions for you to determine whether a given address is within or outside enclave memory.

The tRTS provides a wrapper to the RDRAND instruction to generate a true random number from hardware. enclave developers should use the rsgx_read_rand function to get true random numbers.


The Intel(R) Software Guard Extensions SDK provides an API to allow you to register functions, or exception handlers, to handle a limited set of hardware exceptions. When one of the enclave supported hardware exceptions occurs within the enclave, the registered exception handlers will be called in a specific order until an exception handler reports that it has handled the exception. For example, issuing a CPUID instruction inside an Enclave will result in a #UD fault (Invalid Opcode Exception). ISV enclave code can call rsgx_register_exception_handler to register a function of type sgx_exception_handler_t to respond to this exception. To check a list of enclave supported exceptions, see Intel(R) Software Guard Extensions Programming Reference.


Custom exception handling is only supported in HW mode. Although the exception handlers can be registered in simulation mode, the exceptions cannot be caught and handled within the enclave.


OCALLs are not allowed in the exception handler.


Custom exception handing only saves general purpose registers in sgx_ exception_info_t. You should be careful when touching other registers in the exception handlers.


If the exception handlers can not handle the exceptions, abort() is called. abort() makes the enclave unusable and generates another exception.