88 lines
3.3 KiB
Plaintext
88 lines
3.3 KiB
Plaintext
// Copyright (c) 2007-2010, Intel Corporation. All rights reserved.
|
|
[Version ( "7.0.0" ),
|
|
Description (
|
|
"The IPS_TLSProvisioningRecord provides information "
|
|
"related to a single Intel (R) AMT provisioning occurrence that "
|
|
"was performed using a TLS provisioning method - PSK or PKI" )]
|
|
class IPS_TLSProvisioningRecord : IPS_ProvisioningAuditRecord {
|
|
|
|
[Description (
|
|
"Specifies the TLS provisioning method that was used to "
|
|
"provision Intel(R) AMT" ),
|
|
ValueMap { "0", "1", "2", ".." },
|
|
Values { "Unknown", "TLS-PSK", "TLS-PKI", "Reserved" }]
|
|
uint8 ProvisioningTLSMode;
|
|
|
|
[Description (
|
|
"True, if the DNS Suffix used to authorize the "
|
|
"provisioning entityWas set via the MEBx, false if value "
|
|
"was read from the DHCP Server\'s option 15 valueValid "
|
|
"only if TLSProvisioningMethod=\"TLS-PKI\"" )]
|
|
boolean SecureDNS;
|
|
|
|
[Description (
|
|
"True if provisioning was initiated by a host agent. "
|
|
"Valid only if TLSProvisioningMethod=\"TLS-PKI\"" )]
|
|
boolean HostInitiated;
|
|
|
|
[Description (
|
|
"Specifies the CN value in the SSL certificate used by "
|
|
"the provisioning server. Valid only if "
|
|
"TLSProvisioningMethod=\"TLS-PKI\"" ),
|
|
MaxLen ( 255 )]
|
|
string ProvServerFQDN;
|
|
|
|
[Description (
|
|
"The hash algorithm used for SelectedHashData. Valid only "
|
|
"if TLSProvisioningMethod=\"TLS-PKI\"" ),
|
|
valueMap { "0", "1", "2", "3", ".." },
|
|
values { "Unknown", "SHA-1-160", "SHA-2-256", "SHA-2-384",
|
|
"Reserved" }]
|
|
uint8 SelectedHashType;
|
|
|
|
[Description (
|
|
"Hash data - The hash of the root certificate used in the "
|
|
"configuration process. Valid only if TLSProvisioningMethod"
|
|
"=\"TLS-PKI\""
|
|
),
|
|
OctetString]
|
|
uint8 SelectedHashData[];
|
|
|
|
[Description (
|
|
"Notice: the values of this array are actually base64 "
|
|
"encoded values. A list of a maximum of three serial "
|
|
"numbers of the issuing CA certificates. If the "
|
|
"certificate chain has more than three certificates, this "
|
|
"field contains the serial numbers of the last three "
|
|
"certificates. This field has a value only if "
|
|
"TLSProvisioningMethod=\"TLS-PKI\"" ),
|
|
OctetString, MaxLen ( 16 )]
|
|
string CaCertificateSerials[];
|
|
|
|
[Description ( "Valid only if TLSProvisioningMethod=\"TLS-PKI\""
|
|
)]
|
|
boolean AdditionalCaSerialNums;
|
|
|
|
[Description (
|
|
"True if the certificate hash data was set by OEM. Valid "
|
|
"only if TLSProvisioningMethod=\"TLS-PKI\"" )]
|
|
boolean HashIsOemDefault;
|
|
|
|
[Description (
|
|
"Specifies whether the SSL cert validity period was "
|
|
"successfully verified.The host RTC is used as the "
|
|
"reference clock. Note that Intel(R) AMT will not cause a "
|
|
"Provisioning operation to fail even if the certificate "
|
|
"has expired.Valid only if "
|
|
"TLSProvisioningMethod=\"TLS-PKI\"" )]
|
|
boolean IsTimeValid;
|
|
|
|
[Description (
|
|
"The IP address of the Provisioning server that issued "
|
|
"the AMT_SetupAndConfigurationService.CommitChanges() "
|
|
"command, both IPv4 & IPv6 addresses are supported." )]
|
|
string ProvServerIP;
|
|
|
|
|
|
};
|