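/// <summary>
/// Executes one branch of <paramref name="policyTree"/> on this session, starting at the
/// branch's leaf ACE and following PreviousAce links until there are none left.
/// </summary>
/// <param name="tpm">TPM object used to initialize this session and passed to each ACE's Execute call.</param>
/// <param name="policyTree">
/// Policy to evaluate. Its AllowErrorsInPolicyEval flag is overwritten with
/// <paramref name="allowErrors"/> and is not restored afterwards.
/// </param>
/// <param name="branchToEvaluate">Branch identifier passed to CheckPolicy to locate the leaf ACE.</param>
/// <param name="allowErrors">
/// When true, tpm._DisableExceptions() is called before the walk and
/// tpm._EnableExceptions() is called after it, even if the walk throws.
/// </param>
/// <returns>
/// TpmRc.Success if every ACE on the path returned success; otherwise the first non-success
/// code returned by an ACE. TpmRc.PolicyFail if no leaf ACE was found and Globs.Throw returned
/// instead of throwing.
/// </returns>
/// <remarks>
/// The walk stops at the first failing ACE, so any result other than TpmRc.Success means the
/// remaining ACEs on the path were not executed. Callers that pass allowErrors = true should
/// check the return value before using the session for authorization.
/// </remarks>
public TpmRc RunPolicy(Tpm2 tpm, PolicyTree policyTree, string branchToEvaluate = null, bool allowErrors = false)
{
    policyTree.AllowErrorsInPolicyEval = allowErrors;

    // First, check that the policy is OK and locate the leaf of the requested branch.
    PolicyAce leafAce = null;
    policyTree.CheckPolicy(branchToEvaluate, ref leafAce);
    if (leafAce == null)
    {
        Globs.Throw("RunPolicy: Branch identifier " + branchToEvaluate + " does not exist");

        // Fail closed. Globs.Throw is defined outside this view; if it can return
        // (NOTE(review): confirm), falling through would skip the loop below and report
        // TpmRc.Success although no policy command was executed.
        return TpmRc.PolicyFail;
    }

    var responseCode = TpmRc.Success;
    try
    {
        if (allowErrors)
        {
            tpm._DisableExceptions();
        }

        tpm._InitializeSession(this);

        // Walk up the tree from the leaf along the path to the root,
        // stopping at the first ACE that does not succeed.
        for (PolicyAce nextAce = leafAce; nextAce != null; nextAce = nextAce.PreviousAce)
        {
            responseCode = nextAce.Execute(tpm, this, policyTree);
            if (responseCode != TpmRc.Success)
            {
                break;
            }
        }
    }
    finally
    {
        // NOTE(review): this re-enables exceptions whenever allowErrors is set; whether the
        // caller had already disabled them before the call is not visible here.
        if (allowErrors)
        {
            tpm._EnableExceptions();
        }
    }

    return responseCode;
}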
} // class AuthSession