Function rcl_get_secure_root

• Defined in File security.h

Function Documentation

char *rcl_get_secure_root(const char *name, const rcl_allocator_t *allocator)

Return the secure root given a enclave name.

Return the security directory associated with the enclave name.

The value of the environment variable ROS_SECURITY_KEYSTORE is used as a root. The specific directory to be used is found from that root using the name passed. E.g. for a context named “/a/b/c” and root “/r”, the secure root path will be “/r/a/b/c”, where the delimiter “/” is native for target file system (e.g. “\” for _WIN32).

However, this expansion can be overridden by setting the secure enclave override environment (ROS_SECURITY_ENCLAVE_OVERRIDE) variable, allowing users to explicitly specify the exact enclave name to be utilized. Such an override is useful for applications where the enclave is non-deterministic before runtime, or when testing and using additional tools that may not otherwise be easily provisioned.

Parameters:

• name – [in] validated name (a single token)

• allocator – [in] the allocator to use for allocation

Returns:

Machine specific (absolute) enclave directory path or NULL on failure. Returned pointer must be deallocated by the caller of this function