Extensible Firmware Interface Specification
15-96 12/01/02 Version 1.10
Related Definitions
//**********************************************************
// Manifest Syntax
//**********************************************************
The Signed Manifest consists of three parts grouped together into an Electronic Shrink Wrap
archive as described in [SM spec]: a manifest file, a signer’s information file, and a signature block
file. These three parts along with examples are described in the following sections. In these
examples, text in parentheses is a description of the text that would appear in the signed manifest.
Text outside of parentheses must appear exactly as shown. Also note that manifest files and
signer’s information files must conform to a 72-byte line-length limit. Continuation lines (lines
beginning with a single “space” character) are used for lines longer than 72 bytes. The examples
given here follow this rule for continuation lines.
Note that the manifest file and signer’s information file parts of a Signed Manifest are ASCII (not
Unicode) text files. In cases where these files contain a base-64 encoded string, the string is an
ASCII (not Unicode) string before base-64 encoding.
//**********************************************************
// Manifest File Example
//**********************************************************
The manifest file must include a section referring to a memory-type data object with the reserved
name as shown in the example below. This data object is the Boot Object to be verified. An
example manifest file is shown below.
Manifest-Version: 2.0
ManifestPersistentId: (base-64 representation of a unique GUID)
Name: memory:BootObject
Digest-Algorithms: SHA-1
SHA-1-Digest: (base-64 representation of a SHA-1 digest of the
 boot object)
A line-by-line description of this manifest file is as follows.
Manifest-Version: 2.0
This is a standard header line that all signed manifests have. It must appear exactly as shown.
ManifestPersistentId: (base-64 representation of a unique GUID)
The left-hand string must appear exactly as shown. The right-hand string must be a unique GUID
for every manifest file created. The Win32 function UuidCreate() can be used for this on Win32
systems. The GUID is a binary value that must be base-64 encoded. Base-64 is a simple encoding
scheme for representing binary values that uses only printing characters. Base-64 encoding is
described in [BASE-64].
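The manifest file format described above, as an added example that is not part of the specification: Python that builds the manifest file for a boot object, folds lines at the 72-byte limit, and checks a received manifest against the boot object. The function names, the "\n" line terminator, dropping the continuation line's leading space when rejoining, and accepting only the single-section layout shown in the example are assumptions.

```python
import base64, hashlib

MAX_LINE = 72  # bytes per physical line; assumed to exclude the line terminator
REQUIRED = {"Manifest-Version": "2.0", "Name": "memory:BootObject", "Digest-Algorithms": "SHA-1"}

def fold(line: str) -> list[str]:
    """Split one logical line into physical lines of at most 72 bytes."""
    raw = line.encode("ascii")               # manifest files are ASCII, not Unicode
    tail = raw[MAX_LINE:]                    # continuation: one space + up to 71 bytes
    chunks = [b" " + tail[i:i + MAX_LINE - 1] for i in range(0, len(tail), MAX_LINE - 1)]
    return [p.decode("ascii") for p in [raw[:MAX_LINE]] + chunks]

def unfold(text: str) -> list[str]:
    """Rejoin continuation lines; raise ValueError on non-ASCII or over-long lines."""
    logical = []
    for phys in text.splitlines():
        if len(phys.encode("ascii")) > MAX_LINE:
            raise ValueError("line exceeds 72 bytes")
        if phys.startswith(" "):
            if not logical:
                raise ValueError("continuation line with nothing to continue")
            logical[-1] += phys[1:]          # assumed: the leading space is dropped
        elif phys:                           # blank lines are skipped
            logical.append(phys)
    return logical

def build_manifest(boot_object: bytes, guid: bytes) -> str:
    """Emit the five manifest lines shown in the example, folded as needed."""
    digest = hashlib.sha1(boot_object).digest()   # SHA-1 is the algorithm the example names
    fields = [
        "Manifest-Version: 2.0",
        "ManifestPersistentId: " + base64.b64encode(guid).decode("ascii"),
        "Name: memory:BootObject",
        "Digest-Algorithms: SHA-1",
        "SHA-1-Digest: " + base64.b64encode(digest).decode("ascii"),
    ]
    return "".join(p + "\n" for f in fields for p in fold(f))

def boot_object_matches(manifest: str, boot_object: bytes) -> bool:
    """True only for a single-section manifest whose digest matches the data."""
    try:
        pairs = [line.split(": ", 1) for line in unfold(manifest)]
        fields = dict(pairs)                 # ValueError if a line lacks ": "
        claimed = base64.b64decode(fields["SHA-1-Digest"], validate=True)
    except (ValueError, KeyError):           # malformed line, bad base-64, missing field
        return False
    if len(fields) != len(pairs):            # repeated field: fail closed
        return False
    ok = all(fields.get(k) == v for k, v in REQUIRED.items())
    return ok and claimed == hashlib.sha1(boot_object).digest()
```

A matching digest only binds the boot object to this manifest file; the signer's information file and signature block file still have to be verified before the manifest itself is trusted.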
Name: memory:BootObject