Efi_bis.updatebootobjectauthorization(), Updatebootobjectauthorization(), Func – Intel Extensible Firmware Interface User Manual

Protocols

— Network Support

Version 1.10

12/01/02

15-87

EFI_BIS.UpdateBootObjectAuthorization()

Summary

Updates one of the configurable parameters of the Boot Object Authorization set (Boot Object
Authorization Certificate or Boot Authorization Check Flag).

Prototype

typedef
EFI_STATUS
(EFIAPI *EFI_BIS_UPDATE_BOOT_OBJECT_AUTHORIZATION)(
IN BIS_APPLICATION_HANDLE

AppHandle,

IN EFI_BIS_DATA

*RequestCredential,

OUT EFI_BIS_DATA

**NewUpdateToken

);

Parameters

AppHandle

An opaque handle that identifies the caller’s instance of initialization of
the BIS service. Type

BIS_APPLICATION_HANDLE

is defined in the

Initialize()

function description.

RequestCredential

This is a Signed Manifest with embedded attributes that carry the details
of the requested update. The required syntax of the Signed Manifest is
described in the Related Definition for Manifest Syntax below. The key
used to sign the request credential must be the private key corresponding
to the public key in the platform’s configured Boot Object Authorization
Certificate. Authority to update parameters in the Boot Object
Authorization set cannot be delegated.

If there is no Boot Object Authorization Certificate, the request
credential may be signed with any private key. In this case, this function
interacts with the user in a platform-specific way to determine whether
the operation should succeed. Type

EFI_BIS_DATA

is defined in the

Initialize()

function description.

NewUpdateToken

The function writes an allocated

EFI_BIS_DATA*

containing the new

unique update token value. The caller must eventually free the memory
allocated by this function using the function

Free()

. Type

EFI_BIS_DATA

is defined in the

Initialize()

function

description.