Class AMT_ProvisioningCertificateHash
Used in features:
Provisioning
Compatible with the following Intel AMT Releases: 3.0,
3.2, 4.0, 5.0, 5.1, 6.0, 6.1, 6.2, 7.0, 8.0, 8.1, 9.0, 9.5, 10.0, 11.0
CIM_ManagedElement
CIM_Credential
AMT_ProvisioningCertificateHash
class AMT_ProvisioningCertificateHash
- extends CIM_Credential
General Information:
A class derived from Credential that describes
provisioning certificate hash entry.
Product Specific
Usage:
Can be used only in Zero-Touch Configuration (Remote
Configuration) and Host-based
Configuration.
Qualifiers:
-------------
Version=6.0.0
Supported Fields
Summary |
string
|
ElementName A
user-friendly name for the object . . .
|
string
|
Description A
friendly-name string.
|
string
|
InstanceID Within the scope of the instantiating Namespace,
InstanceID opaquely and uniquely identifies an instance of this
class.
|
boolean
|
IsDefault Indicates
whether this entry is a factory default . . .
|
uint8
|
HashType The hash
type.
|
uint8[255]
|
HashData Hash value
(length depending on hash type) . . .
|
boolean
|
Enabled Indicates
whether this certificate hash is in use
|
Methods Summary |
|
Create(Instance,
ResourceCreated) Creates a new instance of this class
|
|
Put(Instance) Changes
properties of the selected instance
|
|
Get(Instance) Gets the
representation of the instance
|
|
Delete() Deletes an
instance
|
|
Pull(EnumerationContext,
MaxElements) Pulls instances of this class, following an
Enumerate operation
|
|
Enumerate()
Enumerates the instances of this class
|
|
Release(EnumerationContext)
Releases an enumeration context
|
ElementName
public string ElementName
- General Information:
A user-friendly name for the object. This
property allows each instance to define a user-friendly name in addition to
its key properties, identity data, and description information.
Note that
the Name property of ManagedSystemElement is also defined as a user-friendly
name. But, it is often subclassed to be a Key. It is not reasonable that the
same property can convey both identity and a user-friendly name, without
inconsistencies. Where Name exists and is not a Key (such as for instances of
LogicalDevice), the same information can be present in both the Name and
ElementName properties. Note that if there is an associated instance of
CIM_EnabledLogicalElementCapabilities, restrictions on this properties may
exist as defined in ElementNameMask and MaxElementNameLen properties defined
in that class.
Qualifiers:
-------------
MaxLen=45
Description
public string Description
- General Information:
A friendly-name string.
Product
Specific Usage:
Maximum length: 32
characters.
Qualifiers:
-------------
Override=Description
MaxLen=256
InstanceID
public string InstanceID
- General Information:
Within the scope of the instantiating
Namespace, InstanceID opaquely and uniquely identifies an instance of this
class.
Product Specific Usage:
Value is in format of
'Certificate Hash X', when X is the handle number.
Handle number 0-19:
Default hash - cannot be deleted or created in WSMan.
Handle number 20-22:
Customized hash - can be deleted and created. deleted at unprovisioning.
Handle number 23-32: Default hash - cannot be deleted or created in WSMan.
Value of 'InstanceID' is determined by FW and cannot be modified.
Qualifiers:
-------------
Key
Override=InstanceID
MaxLen=30
IsDefault
public boolean IsDefault
- General Information:
Indicates whether this entry is a factory
default. This property is read-only.
HashType
public uint8 HashType
- General Information:
The hash type.
Product Specific
Usage:
MD5 hash type is not
supported.
Qualifiers:
-------------
ValueMap={0, 1, 2, 3,
6..255}
Values={MD5, SHA1, SHA256, SHA384, Reserved}
In Intel ME 11.0 the default SHA1 certificate hashes were removed from the firmware. Hashes could still be added in manufacturing, or through the MEBX or WS-MAN commands.
Starting from Intel ME 15.0 firmware for desktops, and Intel ME 16.0 firmware for all platforms, Intel is removing support of SHA1 root certificates and RSA key sizes smaller than 2048 bits for Intel AMT provisioning. In those releases and later, it is no longer possible to add SHA1 hashes.
HashData
public uint8[255] HashData
- General Information:
Hash value (length depending on hash type).
This property is read-only.
Product Specific
Usage:
Additional Notes:
1) In Intel AMT Release 6.0 and later
releases, HashData is restricted to a maximum length of 48
bytes
Qualifiers:
-------------
OctetString
MaxLen=256
Enabled
public boolean Enabled
- General Information:
Indicates whether this certificate hash is
in use
Create
public Create([IN]AMT_ProvisioningCertificateHash Instance, [OUT] REF AMT_ProvisioningCertificateHash ResourceCreated)
- Permission Information:
Permitted realms:
ADMIN_SECURITY_ADMINISTRATION_REALM
General
Information:
Creates a new instance of this class
Product
Specific Usage:
The following properties must be included in any
representation of AMT_ProvisioningCertificateHash:
InstanceID
API is blocked in client control mode
Put
public Put([IN]AMT_ProvisioningCertificateHash Instance)
- Permission Information:
Permitted realms:
ADMIN_SECURITY_ADMINISTRATION_REALM
General
Information:
Changes properties of the selected
instance
Product Specific Usage:
The following properties
must be included in any representation of AMT_ProvisioningCertificateHash:
InstanceID
API is blocked in client control mode
Get
public Get([OUT]AMT_ProvisioningCertificateHash Instance)
- Permission Information:
Permitted realms:
ADMIN_SECURITY_ADMINISTRATION_REALM,
ADMIN_SECURITY_GENERAL_INFO_REALM
General Information:
Gets
the representation of the instance
Delete
public Delete()
- Permission Information:
Permitted realms:
ADMIN_SECURITY_ADMINISTRATION_REALM
General
Information:
Deletes an instance
Product Specific
Usage:
API is blocked in client control mode
Pull
public Pull([IN]String EnumerationContext, [IN]String MaxElements)
- Permission Information:
All users permitted to use method, only
instances to whom the user has permissions will be returned
General
Information:
Pulls instances of this class, following an Enumerate
operation
Enumerate
public Enumerate()
- Permission Information:
All users permitted to use
method
General Information:
Enumerates the instances of this
class
Release
public Release([IN]String EnumerationContext)
- Permission Information:
All users permitted to use
method
General Information:
Releases an enumeration
context