Filter
Top Products
Protocols — Network Support
Version 1.10 12/01/02 15-89
The left-hand string must appear exactly as shown. The right-hand string must be a unique GUID
for every manifest file created. The Win32 function UuidCreate() can be used for this on Win32
systems. The GUID is a binary value that must be base-64 encoded. Base-64 is a simple
encoding scheme for representing binary values that uses only printing characters. Base-64
encoding is described in [BASE-64].
Name: memory:UpdateRequestParameters
This identifies the manifest section that carries a dummy zero-length data object serving as the
collection point for the attribute values appearing later in this manifest section (lines prefixed
with “X-Intel-BIS-”). The string “memory:UpdateRequestParameters” must
appear exactly as shown.
Digest-Algorithms: SHA-1
This enumerates the digest algorithms for which integrity data is included for the data object.
These are required even though the data object is zero-length. For systems with DSA signing,
SHA-1 hash, and 1024-bit key length, the digest algorithm must be “SHA-1.” For systems with
RSA signing, MD5 hash, and 512-bit key length, the digest algorithm must be “MD5.” Multiple
algorithms can be specified as a whitespace-separated list. For every digest algorithm XXX listed,
there must also be a corresponding XXX-Digest line.
SHA-1-Digest: (base-64 representation of a SHA-1 digest of zero-length
buffer)
Gives the corresponding digest value for the dummy zero-length data object. The value is base-
64 encoded. Note that for both MD5 and SHA-1, the digest value for a zero-length data object is
not zero.
X-Intel-BIS-ParameterSet: (base-64 representation of
BootObjectAuthorizationSetGUID)
A named attribute value that distinguishes updates of BIS parameters from updates of other
parameters. The left-hand attribute-name keyword must appear exactly as shown. The GUID
value for the right-hand side is always the same, and can be found under the preprocessor symbol
BOOT_OBJECT_AUTHORIZATION_PARMSET_GUIDVALUE. The representation inserted into
the manifest is base-64 encoded.
Note the “X-Intel-BIS-” prefix on this and the following attributes. The “X-” part of the
prefix was chosen to avoid collisions with future reserved keywords defined by future versions of
the signed manifest specification. The “Intel-BIS-” part of the prefix was chosen to avoid
collisions with other user-defined attribute names within the user-defined attribute name space.
X-Intel-BIS-ParameterSetToken: (base-64 representation of the current
update token)
A named attribute value that makes this update of BIS parameters different from any other on the
same target platform. The left-hand attribute-name keyword must appear exactly as shown. The
value for the right-hand side is generally different for each update-request manifest generated.
The value to be base-64 encoded is retrieved through the functions
GetBootObjectAuthorizationUpdateToken()
or
UpdateBootObjectAuthorization()
.
X-Intel-BIS-ParameterId: (base-64 representation of
“BootObjectAuthorizationCertificate” or
“BootAuthorizationCheckFlag”)