Intel Extensible Firmware Interface User Manual
Page 697
Protocols
— Network Support
Version 1.10
12/01/02
15-91
This identifies the section in the signer’s information file corresponding to the section with the
same name in the manifest file described earlier. The string
“
memory:UpdateRequestParameters
” must appear exactly as shown.
Digest-Algorithms: SHA-1
This enumerates the digest algorithms for which integrity data is included for the corresponding
manifest section. Strings identifying digest algorithms are the same as in the manifest file. The
digest algorithms specified here must match those specified in the manifest file. For every digest
algorithm
XXX
listed, there must also be a corresponding
XXX-Digest
line.
SHA-1-Digest: (base-64 representation of a SHA-1 digest of the
corresponding manifest section)
Gives the corresponding digest value for the corresponding manifest section. The value is base-
64 encoded. Note that for the purpose of computing the hash of the manifest section, the manifest
section starts at the beginning of the opening “
Name:
” keyword and continues up to, but not
including, the next section’s “
Name:
” keyword or the end-of-file. Thus the hash includes the
blank line(s) at the end of a section and any newline(s) preceding the next “
Name:
” keyword or
end-of-file.
//**********************************************************
// Signature Block File Example
//**********************************************************
A signature block file is a raw binary file (not base-64 encoded) that is a PKCS#7 defined format
signature block. The signature block covers exactly the contents of the signer’s information file.
There must be a correspondence between the name of the signer’s information file and the
signature block file. The base name matches, and the three-character extension is modified to
reflect the signature algorithm used according to the following rules:
• DSA signature algorithm (which uses SHA-1 hash): extension is DSA.
• RSA signature algorithm with MD5 hash: extension is RSA.