]>
Commit | Line | Data |
---|---|---|
beda2356 | 1 | /** @file\r |
2 | VFR file used by the SecureBoot configuration component.\r | |
3 | \r | |
762d8ddb | 4 | Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>\r |
20333c6d QL |
5 | This program and the accompanying materials\r |
6 | are licensed and made available under the terms and conditions of the BSD License\r | |
7 | which accompanies this distribution. The full text of the license may be found at\r | |
beda2356 | 8 | http://opensource.org/licenses/bsd-license.php\r |
9 | \r | |
20333c6d | 10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r |
beda2356 | 11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r |
12 | \r | |
13 | **/\r | |
14 | \r | |
15 | #include "SecureBootConfigNvData.h"\r | |
16 | \r | |
17 | formset\r | |
18 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r | |
19 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r | |
20 | help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r | |
21 | classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r | |
22 | \r | |
23 | varstore SECUREBOOT_CONFIGURATION,\r | |
24 | varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r | |
25 | name = SECUREBOOT_CONFIGURATION,\r | |
26 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r | |
20333c6d | 27 | \r |
ecc722ad | 28 | //\r |
29 | // ##1 Form "Secure Boot Configuration"\r | |
30 | //\r | |
beda2356 | 31 | form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r |
32 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r | |
33 | \r | |
34 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
f71ed839 | 35 | \r |
96832eef CZ |
36 | //\r |
37 | // Display current secure boot mode(one of SetupMode/AuditMode/UserMode/DeployedMode)\r | |
38 | //\r | |
39 | text\r | |
40 | help = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_HELP),\r | |
41 | text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_PROMPT),\r | |
42 | text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_CONTENT);\r | |
43 | \r | |
f71ed839 | 44 | text\r |
45 | help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r | |
46 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r | |
47 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r | |
20333c6d | 48 | \r |
ecc722ad | 49 | //\r |
50 | // Display of Check Box: Attempt Secure Boot\r | |
51 | //\r | |
beda2356 | 52 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r |
f71ed839 | 53 | checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r |
beda2356 | 54 | questionid = KEY_SECURE_BOOT_ENABLE,\r |
55 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r | |
56 | help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r | |
8f8ca22e | 57 | flags = INTERACTIVE | RESET_REQUIRED,\r |
ecc722ad | 58 | endcheckbox;\r |
59 | endif;\r | |
20333c6d | 60 | \r |
ecc722ad | 61 | //\r |
62 | // Display of Oneof: 'Secure Boot Mode'\r | |
63 | //\r | |
142d2dcb CZ |
64 | oneof name = SecureBootMode,\r |
65 | questionid = KEY_SECURE_BOOT_MODE,\r | |
66 | prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r | |
67 | help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r | |
68 | flags = INTERACTIVE | NUMERIC_SIZE_1,\r | |
69 | option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r | |
70 | option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r | |
71 | endoneof;\r | |
20333c6d | 72 | \r |
ecc722ad | 73 | //\r |
96832eef | 74 | // Display PK include page\r |
ecc722ad | 75 | //\r |
a365eed4 | 76 | suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r |
96832eef CZ |
77 | grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r |
78 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
79 | prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r | |
80 | help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r | |
81 | flags = INTERACTIVE,\r | |
82 | key = KEY_SECURE_BOOT_OPTION;\r | |
83 | endif;\r | |
ecc722ad | 84 | endif;\r |
96832eef | 85 | \r |
ecc722ad | 86 | endform;\r |
20333c6d | 87 | \r |
ecc722ad | 88 | //\r |
89 | // ##2 Form: 'Custom Secure Boot Options'\r | |
90 | //\r | |
91 | form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r | |
92 | title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r | |
20333c6d | 93 | \r |
ecc722ad | 94 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 95 | \r |
96832eef CZ |
96 | //\r |
97 | // Display of SetupMode/UserMode/AuditMode/DeployedMode transition\r | |
98 | //\r | |
142d2dcb | 99 | oneof name = TransSecureBootMode,\r |
96832eef CZ |
100 | questionid = KEY_TRANS_SECURE_BOOT_MODE,\r |
101 | prompt = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_PROMPT),\r | |
102 | help = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_HELP),\r | |
103 | flags = INTERACTIVE | NUMERIC_SIZE_1,\r | |
104 | suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE \r | |
105 | OR (ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE AND\r | |
106 | ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 0);\r | |
107 | option text = STRING_TOKEN(STR_USER_MODE), value = SECURE_BOOT_MODE_USER_MODE, flags = 0;\r | |
108 | endif\r | |
109 | suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE;\r | |
110 | option text = STRING_TOKEN(STR_SETUP_MODE), value = SECURE_BOOT_MODE_SETUP_MODE, flags = 0;\r | |
111 | endif\r | |
112 | suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE;\r | |
113 | option text = STRING_TOKEN(STR_AUDIT_MODE), value = SECURE_BOOT_MODE_AUDIT_MODE, flags = 0;\r | |
114 | endif\r | |
115 | suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE;\r | |
116 | option text = STRING_TOKEN(STR_DEPLOYED_MODE), value = SECURE_BOOT_MODE_DEPLOYED_MODE, flags = 0;\r | |
117 | endif\r | |
118 | \r | |
142d2dcb | 119 | endoneof;\r |
96832eef CZ |
120 | \r |
121 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
122 | \r | |
ecc722ad | 123 | goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r |
124 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r | |
125 | help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r | |
126 | flags = INTERACTIVE,\r | |
127 | key = KEY_SECURE_BOOT_PK_OPTION;\r | |
20333c6d | 128 | \r |
ecc722ad | 129 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 130 | \r |
ecc722ad | 131 | goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r |
132 | prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r | |
133 | help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r | |
134 | flags = INTERACTIVE,\r | |
135 | key = KEY_SECURE_BOOT_KEK_OPTION;\r | |
20333c6d | 136 | \r |
ecc722ad | 137 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 138 | \r |
ecc722ad | 139 | goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r |
140 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r | |
141 | help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r | |
142 | flags = INTERACTIVE,\r | |
143 | key = KEY_SECURE_BOOT_DB_OPTION;\r | |
20333c6d | 144 | \r |
ecc722ad | 145 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 146 | \r |
ecc722ad | 147 | goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r |
148 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r | |
149 | help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r | |
150 | flags = INTERACTIVE,\r | |
151 | key = KEY_SECURE_BOOT_DBX_OPTION;\r | |
152 | \r | |
20333c6d QL |
153 | subtitle text = STRING_TOKEN(STR_NULL);\r |
154 | \r | |
155 | goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
156 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r | |
157 | help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r | |
158 | flags = INTERACTIVE,\r | |
159 | key = KEY_SECURE_BOOT_DBT_OPTION;\r | |
160 | \r | |
ecc722ad | 161 | endform;\r |
20333c6d | 162 | \r |
ecc722ad | 163 | //\r |
164 | // ##3 Form: 'PK Options'\r | |
165 | //\r | |
166 | form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r | |
167 | title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r | |
20333c6d | 168 | \r |
ecc722ad | 169 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 170 | \r |
ecc722ad | 171 | //\r |
142d2dcb | 172 | // Display of 'Enroll PK'\r |
ecc722ad | 173 | //\r |
ecc722ad | 174 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r |
175 | goto FORMID_ENROLL_PK_FORM,\r | |
176 | prompt = STRING_TOKEN(STR_ENROLL_PK),\r | |
177 | help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r | |
178 | flags = INTERACTIVE,\r | |
179 | key = KEY_ENROLL_PK;\r | |
180 | endif;\r | |
20333c6d | 181 | \r |
ecc722ad | 182 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 183 | \r |
ecc722ad | 184 | //\r |
20333c6d | 185 | // Display of Check Box: 'Delete Pk'\r |
ecc722ad | 186 | //\r |
187 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r | |
188 | checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r | |
189 | questionid = KEY_SECURE_BOOT_DELETE_PK,\r | |
20333c6d | 190 | prompt = STRING_TOKEN(STR_DELETE_PK),\r |
ecc722ad | 191 | help = STRING_TOKEN(STR_DELETE_PK_HELP),\r |
0fb450fb | 192 | flags = INTERACTIVE | RESET_REQUIRED,\r |
beda2356 | 193 | endcheckbox;\r |
194 | endif;\r | |
ecc722ad | 195 | endform;\r |
20333c6d | 196 | \r |
ecc722ad | 197 | //\r |
198 | // ##4 Form: 'Enroll PK'\r | |
199 | //\r | |
200 | form formid = FORMID_ENROLL_PK_FORM,\r | |
201 | title = STRING_TOKEN(STR_ENROLL_PK);\r | |
20333c6d | 202 | \r |
ecc722ad | 203 | subtitle text = STRING_TOKEN(STR_NULL);\r |
204 | \r | |
762d8ddb | 205 | goto FORMID_ENROLL_PK_FORM,\r |
ecc722ad | 206 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r |
207 | help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r | |
208 | flags = INTERACTIVE,\r | |
762d8ddb DB |
209 | key = FORMID_ENROLL_PK_FORM;\r |
210 | \r | |
211 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
212 | label FORMID_ENROLL_PK_FORM;\r | |
213 | label LABEL_END;\r | |
214 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
215 | \r | |
216 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
217 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
218 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
219 | flags = INTERACTIVE| RESET_REQUIRED,\r | |
220 | key = KEY_VALUE_SAVE_AND_EXIT_PK;\r | |
221 | \r | |
222 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
223 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
224 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
225 | flags = INTERACTIVE,\r | |
226 | key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r | |
227 | \r | |
ecc722ad | 228 | endform;\r |
20333c6d | 229 | \r |
ecc722ad | 230 | //\r |
231 | // ##5 Form: 'KEK Options'\r | |
232 | //\r | |
233 | form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r | |
234 | title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r | |
235 | \r | |
236 | //\r | |
20333c6d | 237 | // Display of 'Enroll KEK'\r |
ecc722ad | 238 | //\r |
239 | goto FORMID_ENROLL_KEK_FORM,\r | |
240 | prompt = STRING_TOKEN(STR_ENROLL_KEK),\r | |
241 | help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r | |
242 | flags = INTERACTIVE;\r | |
20333c6d QL |
243 | \r |
244 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
245 | \r | |
ecc722ad | 246 | //\r |
20333c6d | 247 | // Display of 'Delete KEK'\r |
ecc722ad | 248 | //\r |
249 | goto FORMID_DELETE_KEK_FORM,\r | |
250 | prompt = STRING_TOKEN(STR_DELETE_KEK),\r | |
251 | help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r | |
252 | flags = INTERACTIVE,\r | |
253 | key = KEY_DELETE_KEK;\r | |
20333c6d QL |
254 | \r |
255 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
ecc722ad | 256 | endform;\r |
257 | \r | |
258 | //\r | |
20333c6d | 259 | // ##6 Form: 'Enroll KEK'\r |
ecc722ad | 260 | //\r |
261 | form formid = FORMID_ENROLL_KEK_FORM,\r | |
262 | title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r | |
263 | \r | |
264 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
265 | \r | |
762d8ddb | 266 | goto FORMID_ENROLL_KEK_FORM,\r |
ecc722ad | 267 | prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r |
268 | help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r | |
269 | flags = INTERACTIVE,\r | |
270 | key = FORMID_ENROLL_KEK_FORM;\r | |
271 | \r | |
272 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
273 | label FORMID_ENROLL_KEK_FORM;\r | |
274 | label LABEL_END;\r | |
275 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
276 | \r | |
277 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
278 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
279 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
280 | flags = INTERACTIVE,\r | |
281 | key = KEY_SECURE_BOOT_KEK_GUID,\r | |
282 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
283 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
284 | endstring;\r | |
285 | \r | |
286 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
287 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
288 | \r | |
289 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
290 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
291 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
292 | flags = INTERACTIVE,\r | |
293 | key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r | |
20333c6d | 294 | \r |
ecc722ad | 295 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
296 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
297 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
298 | flags = INTERACTIVE,\r | |
299 | key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r | |
300 | \r | |
301 | endform;\r | |
302 | \r | |
303 | //\r | |
304 | // ##7 Form: 'Delete KEK'\r | |
20333c6d | 305 | //\r |
ecc722ad | 306 | form formid = FORMID_DELETE_KEK_FORM,\r |
307 | title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r | |
308 | \r | |
309 | label LABEL_KEK_DELETE;\r | |
310 | label LABEL_END;\r | |
20333c6d | 311 | \r |
ecc722ad | 312 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 313 | \r |
ecc722ad | 314 | endform;\r |
315 | \r | |
316 | //\r | |
317 | // ##8 Form: 'DB Options'\r | |
318 | //\r | |
319 | form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r | |
320 | title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r | |
321 | \r | |
322 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
323 | \r | |
324 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
325 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
326 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
327 | flags = 0;\r | |
328 | \r | |
329 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
330 | \r | |
331 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
332 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
333 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
334 | flags = INTERACTIVE,\r | |
335 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r | |
20333c6d | 336 | \r |
ecc722ad | 337 | endform;\r |
338 | \r | |
339 | //\r | |
340 | // ##9 Form: 'DBX Options'\r | |
341 | //\r | |
342 | form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r | |
343 | title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r | |
344 | \r | |
345 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
346 | \r | |
347 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
348 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
349 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
350 | flags = 0;\r | |
351 | \r | |
352 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
353 | \r | |
354 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r | |
355 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
356 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
357 | flags = INTERACTIVE,\r | |
358 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;\r | |
359 | \r | |
360 | endform;\r | |
361 | \r | |
20333c6d QL |
362 | //\r |
363 | // ##9 Form: 'DBT Options'\r | |
364 | //\r | |
365 | form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
366 | title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r | |
367 | \r | |
368 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
369 | \r | |
370 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
371 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
372 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
373 | flags = 0;\r | |
374 | \r | |
375 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
376 | \r | |
377 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
378 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
379 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
380 | flags = INTERACTIVE,\r | |
381 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r | |
382 | \r | |
383 | endform;\r | |
384 | \r | |
ecc722ad | 385 | //\r |
386 | // Form: 'Delete Signature' for DB Options.\r | |
387 | //\r | |
388 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
389 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
390 | \r | |
391 | label LABEL_DB_DELETE;\r | |
392 | label LABEL_END;\r | |
393 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
20333c6d | 394 | \r |
ecc722ad | 395 | endform;\r |
396 | \r | |
397 | //\r | |
398 | // Form: 'Delete Signature' for DBX Options.\r | |
399 | //\r | |
400 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r | |
401 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
402 | \r | |
403 | label LABEL_DBX_DELETE;\r | |
404 | label LABEL_END;\r | |
405 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
20333c6d QL |
406 | \r |
407 | endform;\r | |
408 | \r | |
409 | //\r | |
410 | // Form: 'Delete Signature' for DBT Options.\r | |
411 | //\r | |
412 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
413 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
414 | \r | |
415 | label LABEL_DBT_DELETE;\r | |
416 | label LABEL_END;\r | |
417 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
418 | \r | |
ecc722ad | 419 | endform;\r |
420 | \r | |
421 | //\r | |
422 | // Form: 'Enroll Signature' for DB options.\r | |
423 | //\r | |
424 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
425 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
426 | \r | |
427 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
428 | \r | |
762d8ddb | 429 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r |
ecc722ad | 430 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r |
431 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
432 | flags = INTERACTIVE,\r | |
433 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
434 | \r | |
435 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
436 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
437 | label LABEL_END;\r | |
438 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
439 | \r | |
440 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
441 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
442 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
443 | flags = INTERACTIVE,\r | |
444 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r | |
445 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
446 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
447 | endstring;\r | |
448 | \r | |
449 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
450 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
451 | \r | |
452 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
453 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
454 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
455 | flags = INTERACTIVE,\r | |
456 | key = KEY_VALUE_SAVE_AND_EXIT_DB;\r | |
20333c6d | 457 | \r |
ecc722ad | 458 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
459 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
460 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
461 | flags = INTERACTIVE,\r | |
462 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r | |
463 | \r | |
464 | endform;\r | |
465 | \r | |
466 | //\r | |
467 | // Form: 'Enroll Signature' for DBX options.\r | |
468 | //\r | |
469 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
470 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
471 | \r | |
472 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
473 | \r | |
762d8ddb | 474 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r |
ecc722ad | 475 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r |
476 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
477 | flags = INTERACTIVE,\r | |
478 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r | |
479 | \r | |
ecc722ad | 480 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r |
481 | label LABEL_END;\r | |
482 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
483 | \r | |
484 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
485 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
486 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
487 | flags = INTERACTIVE,\r | |
488 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r | |
489 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
490 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
491 | endstring;\r | |
492 | \r | |
20333c6d QL |
493 | oneof name = SignatureFormatInDbx,\r |
494 | varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r | |
495 | prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r | |
496 | help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r | |
497 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x2, flags = DEFAULT;\r | |
498 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x3, flags = 0;\r | |
499 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x4, flags = 0;\r | |
500 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x5, flags = 0;\r | |
501 | endoneof;\r | |
502 | \r | |
503 | suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 5;\r | |
504 | checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r | |
505 | prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r | |
506 | help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r | |
507 | flags = INTERACTIVE,\r | |
508 | endcheckbox;\r | |
509 | \r | |
510 | suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r | |
511 | date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r | |
512 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r | |
513 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r | |
514 | flags = STORAGE_NORMAL,\r | |
515 | enddate;\r | |
516 | \r | |
517 | time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r | |
518 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r | |
519 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r | |
520 | flags = STORAGE_NORMAL,\r | |
521 | endtime;\r | |
522 | endif;\r | |
523 | endif;\r | |
524 | \r | |
ecc722ad | 525 | subtitle text = STRING_TOKEN(STR_NULL);\r |
526 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
527 | \r | |
528 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
529 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
530 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
531 | flags = INTERACTIVE,\r | |
532 | key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r | |
20333c6d | 533 | \r |
ecc722ad | 534 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
535 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
536 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
537 | flags = INTERACTIVE,\r | |
538 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r | |
539 | \r | |
540 | endform;\r | |
541 | \r | |
20333c6d QL |
542 | //\r |
543 | // Form: 'Enroll Signature' for DBT options.\r | |
544 | //\r | |
545 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
546 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
547 | \r | |
548 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
549 | \r | |
762d8ddb | 550 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r |
20333c6d QL |
551 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r |
552 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
553 | flags = INTERACTIVE,\r | |
554 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
555 | \r | |
556 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
557 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
558 | label LABEL_END;\r | |
559 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
560 | \r | |
561 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
562 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
563 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
564 | flags = INTERACTIVE,\r | |
565 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r | |
566 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
567 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
568 | endstring;\r | |
569 | \r | |
570 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
571 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
572 | \r | |
573 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
574 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
575 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
576 | flags = INTERACTIVE,\r | |
577 | key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r | |
578 | \r | |
579 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
580 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
581 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
582 | flags = INTERACTIVE,\r | |
583 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r | |
584 | \r | |
585 | endform;\r | |
586 | \r | |
20333c6d | 587 | endformset; |