
// Copyright (c) 2007-2011, Intel Corporation. All rights reserved.
// IPS_HostBasedSetupService: CIM schema for provisioning Intel(R) AMT from the
// host operating system. It declares four properties (CurrentControlMode,
// AllowedControlModes, ConfigurationNonce, CertChainStatus) and five methods
// (Setup, AddNextCertInChain, AdminSetup, UpgradeClientToAdmin,
// DisableClientControlMode).
//
// Trust boundaries as stated in the descriptions below:
//  - Setup and AdminSetup require OS administrator rights on the host, so
//    local administrator access to the OS is enough to start provisioning.
//  - UpgradeClientToAdmin requires AMT administrator rights; the class
//    description says the upgrade to Admin Control mode can be initiated
//    remotely.
// None of the properties carries a Write qualifier in this file.
[Experimental, Version ( "8.0.0" ),
Description (
"Describes the Host Based Setup Service, which is the logic in "
"Intel(R) AMT that responds to setup requests initiated from "
"the host using OS Administrator credentials. Also provides a "
"method to upgrade to Admin Control mode that can be initiated "
"remotely." )]
class IPS_HostBasedSetupService : CIM_SecurityService {
// Control mode currently in effect: 0 = not provisioned, 1 = Client,
// 2 = Admin; ".." maps every other value to "Reserved".
// Useful as a monitoring signal: a value other than 0 on a machine that is
// expected to be unprovisioned indicates that setup has been performed.
[Description (
"An enumeration value that indicates the control mode of "
"the Intel(R) AMT subsystem after provisioning. This "
"property is read-only" ),
ValueMap { "0", "1", "2", ".." },
Values { "Not provisioned", "Client", "Admin", "Reserved" }]
uint8 CurrentControlMode;
// Set of control modes the machine may be placed in, using the same value
// encoding as CurrentControlMode. Per the description, "Client" leaves this
// list only through DisableClientControlMode.
[Description (
"An array of values that indicates which control modes "
"this machine is allowed to be in. This property is "
"read-only. \"Client\" can only be removed using the "
"\"DisableClientControlMode\" method." ),
ValueMap { "0", "1", "2", ".." },
Values { "Not provisioned", "Client", "Admin", "Reserved" }]
uint8 AllowedControlModes[];
// Firmware-generated nonce that the setup methods sign together with McNonce
// (see the DigitalSignature parameter descriptions). Regeneration after an
// unprovision event and after a successful setup is what keeps an old
// signature from being reused. Because it "may also be regenerated following
// ME resets", a configuring agent should read it immediately before signing.
// The nonce length is not stated in this file.
[Description (
"Nonce value randomly generated by Intel(R) AMT, used as "
"input to the Setup APIs. This value will be regenerated "
"following an unprovision event and after a successful "
"setup.It may also be regenerated following ME resets." ),
OctetString]
uint8 ConfigurationNonce[];
// Progress of the certificate chain being assembled with AddNextCertInChain:
// 0 = not started, 1 = in progress, 2 = complete.
[Description (
"Status of \"AddNextCertInChain\" progress. "
"This property is read-only. " ),
ValueMap { "0", "1", "2", ".." },
Values { "Not Started", "Chain In-Progress", "Chain Complete", "Reserved" }]
uint8 CertChainStatus;
// Setup: provisions AMT into Client control mode from the local host.
// Return codes: 0 SUCCESS, 1 INTERNAL ERROR, 2 INVALID STATE, 3 INVALID PARAM,
// 4 METHOD DISABLED, 5 AUTH_FAILED, 6 FLASH_WRITE_LIMIT_EXCEEDED.
//
// The signing inputs (McNonce, Certificate, SigningAlgorithm,
// DigitalSignature) are [IN] without Required, so the schema accepts an
// unsigned call. When a signature is supplied, the Certificate description
// says AMT validates only the certificate format and that it signed the
// nonces; no validation against a trusted root is described for this method.
// The certificate hash saved in the provisioning record should therefore be
// read as an audit trail of the signer, not as proof that the signer was
// authorized.
// NOTE(review): code 4 "METHOD DISABLED" is presumably what a call returns
// after DisableClientControlMode - confirm against the firmware documentation.
[Description (
"Setup Intel(R) AMT from local host. This function "
"requires OS administrator rights, and moves Intel(R) AMT "
"from \"Pre Provisioned\" state to \"Post Provisioned\" "
"state. The control mode after this method is run will be "
"\"Client\". This method also allows the configuring "
"agent to sign the setup operation with a certificate. "
"The certificate hash will be kept in the corresponding "
"provisioning record" ),
ValueMap { "0", "1", "2", "3", "4", "5", "6", ".." },
Values { "SUCCESS", "INTERNAL ERROR", "INVALID STATE",
"INVALID PARAM", "METHOD DISABLED", "AUTH_FAILED",
"FLASH_WRITE_LIMIT_EXCEEDED", "Reserved" }]
uint32 Setup(
// Only value 2, "HTTP Digest MD5(A1)", is supported per the description.
// In HTTP Digest authentication A1 is username:realm:password, and its MD5
// is a hash rather than encryption. That hash is sufficient to answer digest
// challenges, so it must be protected like the password itself.
[Required, IN, Description (
"The encryption type of the network admin password. "
"Only HTTP-MD5 is supported. The values are the "
"same as the "
"CIM_Account.UserPasswordEncryptionAlgorithm field" ),
ValueMap { "0", "1", "2", ".." },
Values { "None", "Other", "HTTP Digest MD5(A1)",
"DMTF Reserved" }]
uint16 NetAdminPassEncryptionType,
// New network admin credential, in the form selected by
// NetAdminPassEncryptionType. Declared as a one-element string array with
// the OctetString qualifier. Keep this value out of logs and traces.
[Required, IN, Description (
"New network admin password to be set by this "
"command, encrypted using the encryption type "
"algorithm" ),
OctetString]
string NetworkAdminPassword[1],
// Nonce chosen by the configuring agent. The signed data is
// ConfigurationNonce followed by McNonce. Required only when a signature is
// provided.
[IN, Description (
"A random nonce value generated by the "
"configuration agent.Required if the digital "
"signature is provided.needs to be concatenated "
"after the configuration nonce and signed together "
"with the attached certificate\'s private key" ),
OctetString]
uint8 McNonce[],
// Signing certificate. This parameter exists on Setup only; AdminSetup and
// UpgradeClientToAdmin have no Certificate parameter.
[IN, Description (
"The certificate used to sign the setup "
"operation. If the digital signature is "
"provided, Intel(R) AMT will only validate the format "
"of the certificate and that it was used to sign "
"the nonces. If the operation is successful it "
"will save the certificate hash in the "
"corresponding provisioning record" ),
OctetString]
uint8 Certificate[],
// The only concrete algorithm listed is 2 = RSA_SHA-2_256.
[IN, Description (
"The signing algorithm used to sign the setup operation."
),
ValueMap { "0", "1", "2", ".." },
Values { "None", "Other", "RSA_SHA-2_256",
"DMTF Reserved" }]
uint16 SigningAlgorithm,
// Signature over ConfigurationNonce || McNonce. Validated before the command
// is accepted, but only "if this information is provided".
[IN, Description (
"A digital signature of the ConfigurationNonce and "
"the McNonce concatenated. If this information is "
"provided, AMT will validate the signature before "
"accepting the command." ),
OctetString]
uint8 DigitalSignature[]);
// AddNextCertInChain: submits one certificate of the provisioning chain that
// AdminSetup and UpgradeClientToAdmin rely on. Progress is reported in
// CertChainStatus.
//
// Caution for callers: the return-code numbering here differs from the other
// methods of this class. Here 1 = INVALID PARAM, 2 = INTERNAL_ERROR and
// 3 = INVALID STATE, whereas Setup, AdminSetup and UpgradeClientToAdmin use
// 1 = INTERNAL ERROR, 2 = INVALID STATE and 3 = INVALID PARAM. A shared
// decode table would misreport failures. 4 = CERT_VERIFY_FAILED and
// 5 = CERT_CHAIN_LENGTH_EXCEEDED exist only on this method.
// The maximum chain length is not stated in this file.
[Description (
"Add a certificate to the provisioning certificate chain, "
"to be used by AdminSetup or UpgradeClientToAdmin "
"methods." ),
ValueMap {"0", "1", "2","3","4","5",".."},
Values {"SUCCESS", "INVALID PARAM", "INTERNAL_ERROR",
"INVALID STATE", "CERT_VERIFY_FAILED","CERT_CHAIN_LENGTH_EXCEEDED","Reserved"}]
uint32 AddNextCertInChain(
// The certificate bytes; the only Required parameter of this method.
[Required, IN, Description (
"The next certificate to add to the chain" ),
OctetString]
uint8 NextCertificate[],
// Caller-supplied position flag.
// NOTE(review): the submission order is not stated here; the root flag
// "marks end of the certificate chain", which suggests leaf first - confirm.
[IN, Description (
"true, when the current certificate is leaf "
"certificate" )]
boolean IsLeafCertificate,
// Caller-supplied flag that closes the chain.
[IN, Description (
"true, when the current certificate is root. Marks end of the certificate chain" )]
boolean IsRootCertificate
);
// AdminSetup: provisions AMT into Admin control mode from the local host,
// gated on OS administrator rights.
// Differences from Setup visible in this declaration:
//  - no Certificate parameter (AddNextCertInChain's description says its
//    chain is used by this method);
//  - return code 4 is "Reserved0" instead of "METHOD DISABLED";
//  - 2066 = UNSUPPORTED is listed explicitly and there is no ".." catch-all,
//    so values outside this list have no mapped name.
[Description (
"Setup Intel(R) AMT from the local host, resulting in "
"Admin Setup Mode. Requires OS administrator rights, and "
"moves Intel(R) AMT from \"Pre Provisioned\" state to "
"\"Post Provisioned\" state. The control mode after this "
"method is run will be \"Admin\"." ),
ValueMap { "0", "1", "2", "3", "4", "5", "6", "2066" },
Values { "SUCCESS", "INTERNAL ERROR", "INVALID STATE",
"INVALID PARAM", "Reserved0", "AUTH_FAILED",
"FLASH_WRITE_LIMIT_EXCEEDED", "UNSUPPORTED" }]
uint32 AdminSetup(
// Same encoding as in Setup: only 2, "HTTP Digest MD5(A1)", is supported.
// The A1 hash is sufficient for digest authentication; treat it as a secret.
[Required, IN, Description (
"The encryption type of the network admin password. "
"Only HTTP-MD5 is supported. The values are the "
"same as the "
"CIM_Account.UserPasswordEncryptionAlgorithm field" ),
ValueMap { "0", "1", "2", ".." },
Values { "None", "Other", "HTTP Digest MD5(A1)",
"DMTF Reserved" }]
uint16 NetAdminPassEncryptionType,
// New network admin credential in the selected form; keep it out of logs.
[Required, IN, Description (
"New network admin password to be set by this "
"command, encrypted using the encryption type "
"algorithm" ),
OctetString]
string NetworkAdminPassword[1],
// Agent-chosen nonce, appended to ConfigurationNonce before signing.
[IN, Description (
"A random nonce value generated by the "
"configuration agent.Required if the digital "
"signature is provided.needs to be concatenated "
"after the configuration nonce and signed together "
"with the attached certificate\'s private key" ),
OctetString]
uint8 McNonce[],
// The only concrete algorithm listed is 2 = RSA_SHA-2_256.
[IN, Description (
"The signing algorithm used to sign the setup operation."
),
ValueMap { "0", "1", "2", ".." },
Values { "None", "Other", "RSA_SHA-2_256",
"DMTF Reserved" }]
uint16 SigningAlgorithm,
// Signature over ConfigurationNonce || McNonce. Not marked Required in the
// schema.
// NOTE(review): whether the firmware accepts AdminSetup without a signature
// cannot be determined from this file - confirm.
[IN, Description (
"A digital signature of the ConfigurationNonce and "
"the McNonce concatenated. If this information is "
"provided, AMT will validate the signature before "
"accepting the command." ),
OctetString]
uint8 DigitalSignature[]);
// UpgradeClientToAdmin: raises an already provisioned machine from Client to
// Admin control mode. Requires AMT administrator rights rather than OS
// administrator rights, and per the class description can be initiated
// remotely. This is a privilege-raising transition, so a change of
// CurrentControlMode from 1 to 2 is worth logging and alerting on.
// The Values list names "Reserved" twice: once for code 4 and once for "..".
[Description (
"Upgrade Intel(R) AMT from Client to Admin Control "
"Mode. Requires AMT administrator rights, and that the "
"machine has been previously provisioned in Client "
"control mode." ),
ValueMap { "0", "1", "2", "3", "4", "5", "6", ".." },
Values { "SUCCESS", "INTERNAL ERROR", "INVALID STATE",
"INVALID PARAM", "Reserved", "AUTH_FAILED",
"FLASH_WRITE_LIMIT_EXCEEDED", "Reserved" }]
uint32 UpgradeClientToAdmin(
// Agent-chosen nonce, appended to ConfigurationNonce before signing.
[IN, Description (
"A random nonce value generated by the "
"configuration agent.Required if the digital "
"signature is provided.needs to be concatenated "
"after the configuration nonce and signed together "
"with the attached certificate\'s private key" ),
OctetString]
uint8 McNonce[],
// The only concrete algorithm listed is 2 = RSA_SHA-2_256.
[IN, Description (
"The signing algorithm used to sign the setup operation."
),
ValueMap { "0", "1", "2", ".." },
Values { "None", "Other", "RSA_SHA-2_256",
"DMTF Reserved" }]
uint16 SigningAlgorithm,
// Signature over ConfigurationNonce || McNonce; no parameter of this method
// is marked Required.
[IN, Description (
"A digital signature of the ConfigurationNonce and "
"the McNonce concatenated.If this information is "
"provided, AMT will validate the signature before "
"accepting the command." ),
OctetString]
uint8 DigitalSignature[]);
// DisableClientControlMode: takes no parameters and blocks provisioning into
// Client control mode. According to the AllowedControlModes description it is
// the only way "Client" is removed from that list. As a hardening step it
// closes the Setup path that needs only OS administrator rights.
// NOTE(review): this file does not say whether the setting can be reverted
// or which rights the call itself requires - confirm.
[Description (
"Do not allow provisioning the machine in Client Control mode."
),
ValueMap { "0", "1", ".." },
Values { "SUCCESS", "INTERNAL ERROR", "Reserved" }]
uint32 DisableClientControlMode(
);
};