CheckPolicy() private method

Check to see if all branches have an ID and that the IDs are unique.
private CheckPolicy ( string branchIdToFind, PolicyAce &matchingAce ) : void
branchIdToFind string
matchingAce PolicyAce
return void
Ejemplo n.º 1
        /// <summary>
        /// Evaluates a single path of <paramref name="policyTree"/> on the TPM. The path is selected by the
        /// identifier of its leaf and is executed ACE by ACE from that leaf towards the root, stopping at the
        /// first ACE that does not report <see cref="TpmRc.Success"/>.
        /// </summary>
        /// <remarks>
        /// When <paramref name="allowErrors"/> is true, TPM exceptions are switched off for the duration of the
        /// walk and a failure is visible only in the returned code, so the caller has to inspect that code
        /// before relying on the session. The ACEs executed before a failure are not undone by this method.
        /// <c>policyTree.AllowErrorsInPolicyEval</c> is overwritten on the supplied tree and is not restored
        /// afterwards.
        /// </remarks>
        /// <param name="tpm">TPM on which this object is initialized (via <c>_InitializeSession</c>) and on
        /// which each ACE is executed.</param>
        /// <param name="policyTree">Tree that is validated with <c>CheckPolicy</c> and whose branch is run.</param>
        /// <param name="branchToEvaluate">Identifier of the leaf that selects the path to run.</param>
        /// <param name="allowErrors">True to report TPM errors through the return value instead of an
        /// exception.</param>
        /// <returns><see cref="TpmRc.Success"/> if every ACE on the path succeeded, otherwise the response code
        /// of the first ACE that failed.</returns>
        public TpmRc RunPolicy(Tpm2 tpm, PolicyTree policyTree, string branchToEvaluate = null, bool allowErrors = false)
        {
            // Persisted on the tree itself; nothing below resets it.
            policyTree.AllowErrorsInPolicyEval = allowErrors;

            // Validate the tree and resolve the requested branch to its leaf ACE.
            PolicyAce selectedLeaf = null;
            policyTree.CheckPolicy(branchToEvaluate, ref selectedLeaf);
            if (selectedLeaf == null)
            {
                // NOTE(review): if Globs.Throw can return without throwing, the walk below is skipped and
                // Success is returned although no ACE was executed - confirm that Throw always throws.
                Globs.Throw("RunPolicy: Branch identifier " + branchToEvaluate + " does not exist");
            }

            TpmRc rc = TpmRc.Success;

            try
            {
                if (allowErrors)
                {
                    tpm._DisableExceptions();
                }

                tpm._InitializeSession(this);

                // Leaf first, then each predecessor until the root has been executed or an ACE fails.
                for (PolicyAce ace = selectedLeaf; ace != null; ace = ace.PreviousAce)
                {
                    rc = ace.Execute(tpm, this, policyTree);

                    if (rc != TpmRc.Success)
                    {
                        break;
                    }
                }
            }
            finally
            {
                // Runs on the exception path as well, so a throwing ACE cannot leave exceptions disabled.
                // NOTE(review): this re-enables unconditionally; confirm callers never enter with TPM
                // exceptions already disabled and expect that state to survive.
                if (allowErrors)
                {
                    tpm._EnableExceptions();
                }
            }

            return rc;
        }
Ejemplo n.º 2
        /// <summary>
        /// Runs the branch of a policy tree that ends in the leaf named by <paramref name="branchToEvaluate"/>.
        /// Execution starts at that leaf and follows <c>PreviousAce</c> links towards the root until the chain
        /// ends or an ACE returns something other than <see cref="TpmRc.Success"/>.
        /// </summary>
        /// <remarks>
        /// The tree is checked with <c>CheckPolicy</c> before anything is sent to the TPM. With
        /// <paramref name="allowErrors"/> set, TPM exceptions are disabled while the branch runs and are
        /// re-enabled in a <c>finally</c> block; an error then surfaces only as the return value, which the
        /// caller must check before treating the session as satisfying the policy. The
        /// <c>AllowErrorsInPolicyEval</c> flag written to <paramref name="policyTree"/> stays set after the call.
        /// </remarks>
        /// <param name="tpm">TPM used to initialize this object via <c>_InitializeSession</c> and to execute
        /// the ACEs.</param>
        /// <param name="policyTree">Policy tree containing the branch to run.</param>
        /// <param name="branchToEvaluate">Leaf identifier of the branch to run.</param>
        /// <param name="allowErrors">If true, TPM errors are returned as a response code rather than thrown.</param>
        /// <returns>The response code of the last ACE executed; <see cref="TpmRc.Success"/> when the whole
        /// branch succeeded.</returns>
        public TpmRc RunPolicy(Tpm2 tpm, PolicyTree policyTree, string branchToEvaluate = null, bool allowErrors = false)
        {
            policyTree.AllowErrorsInPolicyEval = allowErrors;

            // CheckPolicy validates the tree and hands back the leaf matching the requested identifier.
            PolicyAce branchLeaf = null;
            policyTree.CheckPolicy(branchToEvaluate, ref branchLeaf);
            if (branchLeaf == null)
            {
                // NOTE(review): the code after this call assumes Globs.Throw does not return. If it can,
                // the loop below never runs and the method reports Success for a branch that does not
                // exist - confirm.
                Globs.Throw("RunPolicy: Branch identifier " + branchToEvaluate + " does not exist");
            }

            TpmRc result = TpmRc.Success;
            try
            {
                if (allowErrors)
                {
                    tpm._DisableExceptions();
                }

                tpm._InitializeSession(this);

                // Execute the current ACE and advance towards the root only while each one succeeds;
                // on the first failure the loop ends with that ACE's code in result.
                PolicyAce current = branchLeaf;
                while (current != null && (result = current.Execute(tpm, this, policyTree)) == TpmRc.Success)
                {
                    current = current.PreviousAce;
                }
            }
            finally
            {
                // Restores exception reporting even when Execute or _InitializeSession throws.
                if (allowErrors)
                {
                    tpm._EnableExceptions();
                }
            }

            return result;
        }