Commit | Line | Data |
---|---|---|
beda2356 | 1 | /** @file\r |
2 | VFR file used by the SecureBoot configuration component.\r | |
3 | \r | |
b3548d32 | 4 | Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>\r |
289b714b | 5 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
beda2356 | 6 | \r |
7 | **/\r | |
8 | \r | |
9 | #include "SecureBootConfigNvData.h"\r | |
10 | \r | |
11 | formset\r | |
12 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r | |
13 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r | |
14 | help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r | |
15 | classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r | |
16 | \r | |
17 | varstore SECUREBOOT_CONFIGURATION,\r | |
18 | varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r | |
19 | name = SECUREBOOT_CONFIGURATION,\r | |
20 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r | |
20333c6d | 21 | \r |
ecc722ad | 22 | //\r |
23 | // ##1 Form "Secure Boot Configuration"\r | |
24 | //\r | |
beda2356 | 25 | form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r |
26 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r | |
27 | \r | |
28 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
f71ed839 | 29 | \r |
30 | text\r | |
31 | help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r | |
32 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r | |
33 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r | |
20333c6d | 34 | \r |
ecc722ad | 35 | //\r |
36 | // Display of Check Box: Attempt Secure Boot\r | |
37 | //\r | |
e8903bb7 | 38 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r |
f71ed839 | 39 | checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r |
beda2356 | 40 | questionid = KEY_SECURE_BOOT_ENABLE,\r |
41 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r | |
42 | help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r | |
8f8ca22e | 43 | flags = INTERACTIVE | RESET_REQUIRED,\r |
ecc722ad | 44 | endcheckbox;\r |
45 | endif;\r | |
20333c6d | 46 | \r |
ecc722ad | 47 | //\r |
48 | // Display of Oneof: 'Secure Boot Mode'\r | |
49 | //\r | |
142d2dcb CZ |
50 | oneof name = SecureBootMode,\r |
51 | questionid = KEY_SECURE_BOOT_MODE,\r | |
52 | prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r | |
53 | help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r | |
54 | flags = INTERACTIVE | NUMERIC_SIZE_1,\r | |
55 | option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r | |
56 | option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r | |
57 | endoneof;\r | |
20333c6d | 58 | \r |
ecc722ad | 59 | //\r |
12087ff6 | 60 | // Display of 'Current Secure Boot Mode'\r |
ecc722ad | 61 | //\r |
a365eed4 | 62 | suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r |
96832eef CZ |
63 | grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r |
64 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
65 | prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r | |
66 | help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r | |
67 | flags = INTERACTIVE,\r | |
68 | key = KEY_SECURE_BOOT_OPTION;\r | |
69 | endif;\r | |
ecc722ad | 70 | endif;\r |
96832eef | 71 | \r |
55266a9b GB |
72 | text\r |
73 | help = STRING_TOKEN(STR_SECURE_RESET_TO_DEFAULTS_HELP),\r | |
74 | text = STRING_TOKEN(STR_SECURE_RESET_TO_DEFAULTS),\r | |
75 | flags = INTERACTIVE,\r | |
76 | key = KEY_SECURE_BOOT_RESET_TO_DEFAULT;\r | |
77 | \r | |
ecc722ad | 78 | endform;\r |
20333c6d | 79 | \r |
ecc722ad | 80 | //\r |
81 | // ##2 Form: 'Custom Secure Boot Options'\r | |
82 | //\r | |
83 | form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r | |
84 | title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r | |
20333c6d | 85 | \r |
ecc722ad | 86 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 87 | \r |
ecc722ad | 88 | goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r |
89 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r | |
90 | help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r | |
91 | flags = INTERACTIVE,\r | |
92 | key = KEY_SECURE_BOOT_PK_OPTION;\r | |
20333c6d | 93 | \r |
ecc722ad | 94 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 95 | \r |
ecc722ad | 96 | goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r |
97 | prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r | |
98 | help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r | |
99 | flags = INTERACTIVE,\r | |
100 | key = KEY_SECURE_BOOT_KEK_OPTION;\r | |
20333c6d | 101 | \r |
ecc722ad | 102 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 103 | \r |
ecc722ad | 104 | goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r |
105 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r | |
106 | help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r | |
107 | flags = INTERACTIVE,\r | |
108 | key = KEY_SECURE_BOOT_DB_OPTION;\r | |
20333c6d | 109 | \r |
ecc722ad | 110 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 111 | \r |
ecc722ad | 112 | goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r |
113 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r | |
114 | help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r | |
115 | flags = INTERACTIVE,\r | |
116 | key = KEY_SECURE_BOOT_DBX_OPTION;\r | |
117 | \r | |
20333c6d QL |
118 | subtitle text = STRING_TOKEN(STR_NULL);\r |
119 | \r | |
120 | goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
121 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r | |
122 | help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r | |
123 | flags = INTERACTIVE,\r | |
124 | key = KEY_SECURE_BOOT_DBT_OPTION;\r | |
125 | \r | |
ecc722ad | 126 | endform;\r |
20333c6d | 127 | \r |
ecc722ad | 128 | //\r |
129 | // ##3 Form: 'PK Options'\r | |
130 | //\r | |
131 | form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r | |
132 | title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r | |
20333c6d | 133 | \r |
ecc722ad | 134 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 135 | \r |
ecc722ad | 136 | //\r |
142d2dcb | 137 | // Display of 'Enroll PK'\r |
ecc722ad | 138 | //\r |
ecc722ad | 139 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r |
140 | goto FORMID_ENROLL_PK_FORM,\r | |
141 | prompt = STRING_TOKEN(STR_ENROLL_PK),\r | |
142 | help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r | |
143 | flags = INTERACTIVE,\r | |
144 | key = KEY_ENROLL_PK;\r | |
145 | endif;\r | |
20333c6d | 146 | \r |
ecc722ad | 147 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 148 | \r |
ecc722ad | 149 | //\r |
20333c6d | 150 | // Display of Check Box: 'Delete Pk'\r |
ecc722ad | 151 | //\r |
152 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r | |
153 | checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r | |
154 | questionid = KEY_SECURE_BOOT_DELETE_PK,\r | |
20333c6d | 155 | prompt = STRING_TOKEN(STR_DELETE_PK),\r |
ecc722ad | 156 | help = STRING_TOKEN(STR_DELETE_PK_HELP),\r |
0fb450fb | 157 | flags = INTERACTIVE | RESET_REQUIRED,\r |
beda2356 | 158 | endcheckbox;\r |
159 | endif;\r | |
ecc722ad | 160 | endform;\r |
20333c6d | 161 | \r |
ecc722ad | 162 | //\r |
163 | // ##4 Form: 'Enroll PK'\r | |
164 | //\r | |
165 | form formid = FORMID_ENROLL_PK_FORM,\r | |
166 | title = STRING_TOKEN(STR_ENROLL_PK);\r | |
20333c6d | 167 | \r |
ecc722ad | 168 | subtitle text = STRING_TOKEN(STR_NULL);\r |
169 | \r | |
762d8ddb | 170 | goto FORMID_ENROLL_PK_FORM,\r |
ecc722ad | 171 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r |
172 | help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r | |
173 | flags = INTERACTIVE,\r | |
762d8ddb DB |
174 | key = FORMID_ENROLL_PK_FORM;\r |
175 | \r | |
176 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
177 | label FORMID_ENROLL_PK_FORM;\r | |
178 | label LABEL_END;\r | |
179 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
180 | \r | |
181 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
182 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
183 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
184 | flags = INTERACTIVE| RESET_REQUIRED,\r | |
185 | key = KEY_VALUE_SAVE_AND_EXIT_PK;\r | |
186 | \r | |
187 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
188 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
189 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
190 | flags = INTERACTIVE,\r | |
191 | key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r | |
192 | \r | |
ecc722ad | 193 | endform;\r |
20333c6d | 194 | \r |
ecc722ad | 195 | //\r |
196 | // ##5 Form: 'KEK Options'\r | |
197 | //\r | |
198 | form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r | |
199 | title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r | |
200 | \r | |
201 | //\r | |
20333c6d | 202 | // Display of 'Enroll KEK'\r |
ecc722ad | 203 | //\r |
204 | goto FORMID_ENROLL_KEK_FORM,\r | |
205 | prompt = STRING_TOKEN(STR_ENROLL_KEK),\r | |
206 | help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r | |
207 | flags = INTERACTIVE;\r | |
20333c6d QL |
208 | \r |
209 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
210 | \r | |
ecc722ad | 211 | //\r |
20333c6d | 212 | // Display of 'Delete KEK'\r |
ecc722ad | 213 | //\r |
214 | goto FORMID_DELETE_KEK_FORM,\r | |
215 | prompt = STRING_TOKEN(STR_DELETE_KEK),\r | |
216 | help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r | |
217 | flags = INTERACTIVE,\r | |
218 | key = KEY_DELETE_KEK;\r | |
20333c6d QL |
219 | \r |
220 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
ecc722ad | 221 | endform;\r |
222 | \r | |
223 | //\r | |
20333c6d | 224 | // ##6 Form: 'Enroll KEK'\r |
ecc722ad | 225 | //\r |
226 | form formid = FORMID_ENROLL_KEK_FORM,\r | |
227 | title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r | |
228 | \r | |
229 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
230 | \r | |
762d8ddb | 231 | goto FORMID_ENROLL_KEK_FORM,\r |
ecc722ad | 232 | prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r |
233 | help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r | |
234 | flags = INTERACTIVE,\r | |
235 | key = FORMID_ENROLL_KEK_FORM;\r | |
236 | \r | |
237 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
238 | label FORMID_ENROLL_KEK_FORM;\r | |
239 | label LABEL_END;\r | |
240 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
241 | \r | |
242 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
243 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
244 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
245 | flags = INTERACTIVE,\r | |
246 | key = KEY_SECURE_BOOT_KEK_GUID,\r | |
247 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
248 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
249 | endstring;\r | |
250 | \r | |
251 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
252 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
253 | \r | |
254 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
255 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
256 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
257 | flags = INTERACTIVE,\r | |
258 | key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r | |
20333c6d | 259 | \r |
ecc722ad | 260 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
261 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
262 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
263 | flags = INTERACTIVE,\r | |
264 | key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r | |
265 | \r | |
266 | endform;\r | |
267 | \r | |
268 | //\r | |
269 | // ##7 Form: 'Delete KEK'\r | |
20333c6d | 270 | //\r |
ecc722ad | 271 | form formid = FORMID_DELETE_KEK_FORM,\r |
272 | title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r | |
273 | \r | |
274 | label LABEL_KEK_DELETE;\r | |
275 | label LABEL_END;\r | |
20333c6d | 276 | \r |
ecc722ad | 277 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 278 | \r |
ecc722ad | 279 | endform;\r |
280 | \r | |
281 | //\r | |
282 | // ##8 Form: 'DB Options'\r | |
283 | //\r | |
284 | form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r | |
285 | title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r | |
286 | \r | |
287 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
288 | \r | |
289 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
290 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
291 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
292 | flags = 0;\r | |
293 | \r | |
294 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
295 | \r | |
296 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
297 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
298 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
299 | flags = INTERACTIVE,\r | |
300 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r | |
20333c6d | 301 | \r |
ecc722ad | 302 | endform;\r |
303 | \r | |
304 | //\r | |
305 | // ##9 Form: 'DBX Options'\r | |
306 | //\r | |
307 | form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r | |
308 | title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r | |
309 | \r | |
310 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
311 | \r | |
312 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
313 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
314 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
315 | flags = 0;\r | |
316 | \r | |
317 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
318 | \r | |
85974aef | 319 | goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r |
ecc722ad | 320 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r |
321 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
322 | flags = INTERACTIVE,\r | |
85974aef | 323 | key = KEY_VALUE_FROM_DBX_TO_LIST_FORM;\r |
ecc722ad | 324 | \r |
325 | endform;\r | |
326 | \r | |
20333c6d QL |
327 | //\r |
328 | // ##9 Form: 'DBT Options'\r | |
329 | //\r | |
330 | form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
331 | title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r | |
332 | \r | |
333 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
334 | \r | |
335 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
336 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
337 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
338 | flags = 0;\r | |
339 | \r | |
340 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
341 | \r | |
342 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
343 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
344 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
345 | flags = INTERACTIVE,\r | |
346 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r | |
347 | \r | |
348 | endform;\r | |
349 | \r | |
ecc722ad | 350 | //\r |
351 | // Form: 'Delete Signature' for DB Options.\r | |
352 | //\r | |
353 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
354 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
355 | \r | |
356 | label LABEL_DB_DELETE;\r | |
357 | label LABEL_END;\r | |
358 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
20333c6d | 359 | \r |
ecc722ad | 360 | endform;\r |
361 | \r | |
362 | //\r | |
85974aef | 363 | // Form: Display Signature List.\r |
ecc722ad | 364 | //\r |
85974aef | 365 | form formid = SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r |
366 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_LIST_FORM);\r | |
367 | \r | |
368 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
369 | \r | |
370 | grayoutif ideqval SECUREBOOT_CONFIGURATION.ListCount == 0;\r | |
371 | label LABEL_DELETE_ALL_LIST_BUTTON;\r | |
372 | //\r | |
373 | // Will create a goto button dynamically here.\r | |
374 | //\r | |
375 | label LABEL_END;\r | |
376 | endif;\r | |
377 | \r | |
378 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
379 | label LABEL_SIGNATURE_LIST_START;\r | |
380 | label LABEL_END;\r | |
381 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
ecc722ad | 382 | \r |
85974aef | 383 | endform;\r |
384 | \r | |
385 | //\r | |
386 | // Form: Display Signature Data.\r | |
387 | //\r | |
388 | form formid = SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,\r | |
389 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_DATA_FORM);\r | |
390 | \r | |
391 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
392 | \r | |
393 | goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r | |
394 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA),\r | |
395 | help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA_HELP),\r | |
396 | flags = INTERACTIVE,\r | |
397 | key = KEY_SECURE_BOOT_DELETE_ALL_DATA;\r | |
398 | \r | |
399 | grayoutif ideqval SECUREBOOT_CONFIGURATION.CheckedDataCount == 0;\r | |
400 | goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r | |
401 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA),\r | |
402 | help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA_HELP),\r | |
403 | flags = INTERACTIVE,\r | |
404 | key = KEY_SECURE_BOOT_DELETE_CHECK_DATA;\r | |
405 | endif;\r | |
406 | \r | |
407 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
408 | label LABEL_SIGNATURE_DATA_START;\r | |
ecc722ad | 409 | label LABEL_END;\r |
410 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
20333c6d QL |
411 | \r |
412 | endform;\r | |
413 | \r | |
85974aef | 414 | \r |
20333c6d QL |
415 | //\r |
416 | // Form: 'Delete Signature' for DBT Options.\r | |
417 | //\r | |
418 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
419 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
420 | \r | |
421 | label LABEL_DBT_DELETE;\r | |
422 | label LABEL_END;\r | |
423 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
424 | \r | |
ecc722ad | 425 | endform;\r |
426 | \r | |
427 | //\r | |
428 | // Form: 'Enroll Signature' for DB options.\r | |
429 | //\r | |
430 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
431 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
432 | \r | |
433 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
434 | \r | |
762d8ddb | 435 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r |
ecc722ad | 436 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r |
437 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
438 | flags = INTERACTIVE,\r | |
439 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
440 | \r | |
441 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
442 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
443 | label LABEL_END;\r | |
444 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
445 | \r | |
446 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
447 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
448 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
449 | flags = INTERACTIVE,\r | |
450 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r | |
451 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
452 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
453 | endstring;\r | |
454 | \r | |
455 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
456 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
457 | \r | |
458 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
459 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
460 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
461 | flags = INTERACTIVE,\r | |
462 | key = KEY_VALUE_SAVE_AND_EXIT_DB;\r | |
20333c6d | 463 | \r |
ecc722ad | 464 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
465 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
466 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
467 | flags = INTERACTIVE,\r | |
468 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r | |
469 | \r | |
470 | endform;\r | |
471 | \r | |
472 | //\r | |
473 | // Form: 'Enroll Signature' for DBX options.\r | |
474 | //\r | |
475 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
476 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
477 | \r | |
478 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
479 | \r | |
762d8ddb | 480 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r |
ecc722ad | 481 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r |
482 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
483 | flags = INTERACTIVE,\r | |
484 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r | |
485 | \r | |
ecc722ad | 486 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r |
487 | label LABEL_END;\r | |
488 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
489 | \r | |
4de754e1 ZC |
490 | grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r |
491 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
492 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
493 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
494 | flags = INTERACTIVE,\r | |
495 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r | |
496 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
497 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
498 | endstring;\r | |
499 | endif;\r | |
ecc722ad | 500 | \r |
4de754e1 ZC |
501 | disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;\r |
502 | oneof name = X509SignatureFormatInDbx,\r | |
503 | varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r | |
504 | prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r | |
505 | help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r | |
506 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;\r | |
507 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;\r | |
508 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;\r | |
509 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;\r | |
510 | endoneof;\r | |
511 | endif;\r | |
512 | \r | |
513 | disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;\r | |
514 | text\r | |
515 | help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string\r | |
516 | text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r | |
517 | text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type\r | |
518 | endif;\r | |
519 | \r | |
520 | disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r | |
521 | text\r | |
522 | help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string\r | |
523 | text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r | |
524 | text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type\r | |
525 | endif;\r | |
20333c6d | 526 | \r |
e9429e79 | 527 | suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;\r |
20333c6d QL |
528 | checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r |
529 | prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r | |
530 | help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r | |
531 | flags = INTERACTIVE,\r | |
532 | endcheckbox;\r | |
533 | \r | |
534 | suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r | |
535 | date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r | |
536 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r | |
537 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r | |
538 | flags = STORAGE_NORMAL,\r | |
539 | enddate;\r | |
540 | \r | |
541 | time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r | |
542 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r | |
543 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r | |
544 | flags = STORAGE_NORMAL,\r | |
545 | endtime;\r | |
546 | endif;\r | |
547 | endif;\r | |
548 | \r | |
ecc722ad | 549 | subtitle text = STRING_TOKEN(STR_NULL);\r |
550 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
551 | \r | |
552 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
553 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
554 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
555 | flags = INTERACTIVE,\r | |
556 | key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r | |
20333c6d | 557 | \r |
ecc722ad | 558 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
559 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
560 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
561 | flags = INTERACTIVE,\r | |
562 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r | |
563 | \r | |
564 | endform;\r | |
565 | \r | |
20333c6d QL |
566 | //\r |
567 | // Form: 'Enroll Signature' for DBT options.\r | |
568 | //\r | |
569 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
570 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
571 | \r | |
572 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
573 | \r | |
762d8ddb | 574 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r |
20333c6d QL |
575 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r |
576 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
577 | flags = INTERACTIVE,\r | |
578 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
579 | \r | |
580 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
581 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
582 | label LABEL_END;\r | |
583 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
584 | \r | |
585 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
586 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
587 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
588 | flags = INTERACTIVE,\r | |
589 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r | |
590 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
591 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
592 | endstring;\r | |
593 | \r | |
594 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
595 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
596 | \r | |
597 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
598 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
599 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
600 | flags = INTERACTIVE,\r | |
601 | key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r | |
602 | \r | |
603 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
604 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
605 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
606 | flags = INTERACTIVE,\r | |
607 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r | |
608 | \r | |
609 | endform;\r | |
610 | \r | |
b3548d32 | 611 | endformset;\r |