2 VFR file used by the SecureBoot configuration component.
4 Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15 #include "SecureBootConfigNvData.h"
18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,
19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),
20 help = STRING_TOKEN(STR_SECUREBOOT_HELP),
21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
23 varstore SECUREBOOT_CONFIGURATION,
24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,
25 name = SECUREBOOT_CONFIGURATION,
26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;
29 // ##1 Form "Secure Boot Configuration"
31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,
32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
34 subtitle text = STRING_TOKEN(STR_NULL);
37 // Define of Check Box: Attempt Secure Boot
40 checkbox varid = SECUREBOOT_CONFIGURATION.HideSecureBoot,
41 prompt = STRING_TOKEN(STR_NULL),
42 help = STRING_TOKEN(STR_NULL),
47 // Display of Check Box: Attempt Secure Boot
49 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
50 checkbox varid = SECUREBOOT_CONFIGURATION.SecureBootState,
51 questionid = KEY_SECURE_BOOT_ENABLE,
52 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
53 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),
59 // Display of Oneof: 'Secure Boot Mode'
61 oneof varid = SECUREBOOT_CONFIGURATION.SecureBootMode,
62 questionid = KEY_SECURE_BOOT_MODE,
63 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
64 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
66 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
67 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
72 // Display of 'Current Secure Boot Mode'
74 suppressif ideqval SECUREBOOT_CONFIGURATION.SecureBootMode == SECURE_BOOT_MODE_STANDARD;
75 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
76 goto FORMID_SECURE_BOOT_OPTION_FORM,
77 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
78 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
80 key = KEY_SECURE_BOOT_OPTION;
86 // ##2 Form: 'Custom Secure Boot Options'
88 form formid = FORMID_SECURE_BOOT_OPTION_FORM,
89 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
91 subtitle text = STRING_TOKEN(STR_NULL);
93 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
94 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
95 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
97 key = KEY_SECURE_BOOT_PK_OPTION;
99 subtitle text = STRING_TOKEN(STR_NULL);
101 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
102 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
103 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),
105 key = KEY_SECURE_BOOT_KEK_OPTION;
107 subtitle text = STRING_TOKEN(STR_NULL);
109 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
110 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
111 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),
113 key = KEY_SECURE_BOOT_DB_OPTION;
115 subtitle text = STRING_TOKEN(STR_NULL);
117 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
118 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
119 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),
121 key = KEY_SECURE_BOOT_DBX_OPTION;
126 // ##3 Form: 'PK Options'
128 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
129 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
131 subtitle text = STRING_TOKEN(STR_NULL);
134 // Define of Check Box: 'Delete PK'
137 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
138 prompt = STRING_TOKEN(STR_NULL),
139 help = STRING_TOKEN(STR_NULL),
143 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
144 goto FORMID_ENROLL_PK_FORM,
145 prompt = STRING_TOKEN(STR_ENROLL_PK),
146 help = STRING_TOKEN(STR_ENROLL_PK_HELP),
151 subtitle text = STRING_TOKEN(STR_NULL);
154 // Display of Check Box: 'Delete Pk'
156 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
157 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
158 questionid = KEY_SECURE_BOOT_DELETE_PK,
159 prompt = STRING_TOKEN(STR_DELETE_PK),
160 help = STRING_TOKEN(STR_DELETE_PK_HELP),
167 // ##4 Form: 'Enroll PK'
169 form formid = FORMID_ENROLL_PK_FORM,
170 title = STRING_TOKEN(STR_ENROLL_PK);
172 subtitle text = STRING_TOKEN(STR_NULL);
174 goto FORM_FILE_EXPLORER_ID_PK,
175 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
176 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
178 key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
182 // ##5 Form: 'KEK Options'
184 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,
185 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);
188 // Display of 'Enroll KEK'
190 goto FORMID_ENROLL_KEK_FORM,
191 prompt = STRING_TOKEN(STR_ENROLL_KEK),
192 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),
195 subtitle text = STRING_TOKEN(STR_NULL);
198 // Display of 'Delete KEK'
200 goto FORMID_DELETE_KEK_FORM,
201 prompt = STRING_TOKEN(STR_DELETE_KEK),
202 help = STRING_TOKEN(STR_DELETE_KEK_HELP),
204 key = KEY_DELETE_KEK;
206 subtitle text = STRING_TOKEN(STR_NULL);
210 // ##6 Form: 'Enroll KEK'
212 form formid = FORMID_ENROLL_KEK_FORM,
213 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
215 subtitle text = STRING_TOKEN(STR_NULL);
217 goto FORM_FILE_EXPLORER_ID_KEK,
218 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
219 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
221 key = FORMID_ENROLL_KEK_FORM;
223 subtitle text = STRING_TOKEN(STR_NULL);
224 label FORMID_ENROLL_KEK_FORM;
226 subtitle text = STRING_TOKEN(STR_NULL);
228 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
229 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
230 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
232 key = KEY_SECURE_BOOT_KEK_GUID,
233 minsize = SECURE_BOOT_GUID_SIZE,
234 maxsize = SECURE_BOOT_GUID_SIZE,
237 subtitle text = STRING_TOKEN(STR_NULL);
238 subtitle text = STRING_TOKEN(STR_NULL);
240 goto FORMID_SECURE_BOOT_OPTION_FORM,
241 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
242 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
244 key = KEY_VALUE_SAVE_AND_EXIT_KEK;
246 goto FORMID_SECURE_BOOT_OPTION_FORM,
247 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
248 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
250 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;
255 // ##7 Form: 'Delete KEK'
257 form formid = FORMID_DELETE_KEK_FORM,
258 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);
260 label LABEL_KEK_DELETE;
263 subtitle text = STRING_TOKEN(STR_NULL);
268 // ##8 Form: 'DB Options'
270 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,
271 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);
273 subtitle text = STRING_TOKEN(STR_NULL);
275 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
276 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
277 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
280 subtitle text = STRING_TOKEN(STR_NULL);
282 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
283 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
284 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
286 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
291 // ##9 Form: 'DBX Options'
293 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,
294 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);
296 subtitle text = STRING_TOKEN(STR_NULL);
298 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
299 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
300 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
303 subtitle text = STRING_TOKEN(STR_NULL);
305 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
306 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
307 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
309 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;
314 // Form: 'Delete Signature' for DB Options.
316 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
317 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
319 label LABEL_DB_DELETE;
321 subtitle text = STRING_TOKEN(STR_NULL);
326 // Form: 'Delete Signature' for DBX Options.
328 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
329 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
331 label LABEL_DBX_DELETE;
333 subtitle text = STRING_TOKEN(STR_NULL);
338 // Form: 'Enroll Signature' for DB options.
340 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
341 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
343 subtitle text = STRING_TOKEN(STR_NULL);
345 goto FORM_FILE_EXPLORER_ID_DB,
346 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
347 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
349 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
351 subtitle text = STRING_TOKEN(STR_NULL);
352 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
354 subtitle text = STRING_TOKEN(STR_NULL);
356 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
357 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
358 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
360 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,
361 minsize = SECURE_BOOT_GUID_SIZE,
362 maxsize = SECURE_BOOT_GUID_SIZE,
365 subtitle text = STRING_TOKEN(STR_NULL);
366 subtitle text = STRING_TOKEN(STR_NULL);
368 goto FORMID_SECURE_BOOT_OPTION_FORM,
369 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
370 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
372 key = KEY_VALUE_SAVE_AND_EXIT_DB;
374 goto FORMID_SECURE_BOOT_OPTION_FORM,
375 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
376 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
378 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;
383 // Form: 'Enroll Signature' for DBX options.
385 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
386 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
388 subtitle text = STRING_TOKEN(STR_NULL);
390 goto FORM_FILE_EXPLORER_ID_DBX,
391 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
392 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
394 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
396 subtitle text = STRING_TOKEN(STR_NULL);
397 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
399 subtitle text = STRING_TOKEN(STR_NULL);
401 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
402 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
403 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
405 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
406 minsize = SECURE_BOOT_GUID_SIZE,
407 maxsize = SECURE_BOOT_GUID_SIZE,
410 subtitle text = STRING_TOKEN(STR_NULL);
411 subtitle text = STRING_TOKEN(STR_NULL);
413 goto FORMID_SECURE_BOOT_OPTION_FORM,
414 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
415 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
417 key = KEY_VALUE_SAVE_AND_EXIT_DBX;
419 goto FORMID_SECURE_BOOT_OPTION_FORM,
420 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
421 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
423 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;
428 // File Explorer for PK
430 form formid = FORM_FILE_EXPLORER_ID_PK,
431 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
433 label FORM_FILE_EXPLORER_ID;
438 // File Explorer for KEK
440 form formid = FORM_FILE_EXPLORER_ID_KEK,
441 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
443 label FORM_FILE_EXPLORER_ID;
448 // File Explorer for DB
450 form formid = FORM_FILE_EXPLORER_ID_DB,
451 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
453 label FORM_FILE_EXPLORER_ID;
458 // File Explorer for DBX
460 form formid = FORM_FILE_EXPLORER_ID_DBX,
461 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
463 label FORM_FILE_EXPLORER_ID;
469 // Enroll Pk from File Commit Form
471 form formid = SECUREBOOT_ADD_PK_FILE_FORM_ID,
472 title = STRING_TOKEN(STR_SAVE_PK_FILE);
474 label SECUREBOOT_ADD_PK_FILE_FORM_ID;
477 subtitle text = STRING_TOKEN(STR_NULL);
480 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
481 text = STRING_TOKEN(STR_SAVE_AND_EXIT),
482 text = STRING_TOKEN(STR_NULL),
484 key = KEY_VALUE_SAVE_AND_EXIT_PK;
487 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
488 text = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
489 text = STRING_TOKEN(STR_NULL),
491 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;