]>
Commit | Line | Data |
---|---|---|
beda2356 | 1 | /** @file\r |
2 | VFR file used by the SecureBoot configuration component.\r | |
3 | \r | |
4de754e1 | 4 | Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>\r |
20333c6d QL |
5 | This program and the accompanying materials\r |
6 | are licensed and made available under the terms and conditions of the BSD License\r | |
7 | which accompanies this distribution. The full text of the license may be found at\r | |
beda2356 | 8 | http://opensource.org/licenses/bsd-license.php\r |
9 | \r | |
20333c6d | 10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r |
beda2356 | 11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r |
12 | \r | |
13 | **/\r | |
14 | \r | |
15 | #include "SecureBootConfigNvData.h"\r | |
16 | \r | |
17 | formset\r | |
18 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r | |
19 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r | |
20 | help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r | |
21 | classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r | |
22 | \r | |
23 | varstore SECUREBOOT_CONFIGURATION,\r | |
24 | varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r | |
25 | name = SECUREBOOT_CONFIGURATION,\r | |
26 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r | |
20333c6d | 27 | \r |
ecc722ad | 28 | //\r |
29 | // ##1 Form "Secure Boot Configuration"\r | |
30 | //\r | |
beda2356 | 31 | form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r |
32 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r | |
33 | \r | |
34 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
f71ed839 | 35 | \r |
36 | text\r | |
37 | help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r | |
38 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r | |
39 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r | |
20333c6d | 40 | \r |
ecc722ad | 41 | //\r |
42 | // Display of Check Box: Attempt Secure Boot\r | |
43 | //\r | |
e8903bb7 | 44 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r |
f71ed839 | 45 | checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r |
beda2356 | 46 | questionid = KEY_SECURE_BOOT_ENABLE,\r |
47 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r | |
48 | help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r | |
8f8ca22e | 49 | flags = INTERACTIVE | RESET_REQUIRED,\r |
ecc722ad | 50 | endcheckbox;\r |
51 | endif;\r | |
20333c6d | 52 | \r |
ecc722ad | 53 | //\r |
54 | // Display of Oneof: 'Secure Boot Mode'\r | |
55 | //\r | |
142d2dcb CZ |
56 | oneof name = SecureBootMode,\r |
57 | questionid = KEY_SECURE_BOOT_MODE,\r | |
58 | prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r | |
59 | help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r | |
60 | flags = INTERACTIVE | NUMERIC_SIZE_1,\r | |
61 | option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r | |
62 | option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r | |
63 | endoneof;\r | |
20333c6d | 64 | \r |
ecc722ad | 65 | //\r |
12087ff6 | 66 | // Display of 'Current Secure Boot Mode'\r |
ecc722ad | 67 | //\r |
a365eed4 | 68 | suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r |
96832eef CZ |
69 | grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r |
70 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
71 | prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r | |
72 | help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r | |
73 | flags = INTERACTIVE,\r | |
74 | key = KEY_SECURE_BOOT_OPTION;\r | |
75 | endif;\r | |
ecc722ad | 76 | endif;\r |
96832eef | 77 | \r |
ecc722ad | 78 | endform;\r |
20333c6d | 79 | \r |
ecc722ad | 80 | //\r |
81 | // ##2 Form: 'Custom Secure Boot Options'\r | |
82 | //\r | |
83 | form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r | |
84 | title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r | |
20333c6d | 85 | \r |
ecc722ad | 86 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 87 | \r |
ecc722ad | 88 | goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r |
89 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r | |
90 | help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r | |
91 | flags = INTERACTIVE,\r | |
92 | key = KEY_SECURE_BOOT_PK_OPTION;\r | |
20333c6d | 93 | \r |
ecc722ad | 94 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 95 | \r |
ecc722ad | 96 | goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r |
97 | prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r | |
98 | help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r | |
99 | flags = INTERACTIVE,\r | |
100 | key = KEY_SECURE_BOOT_KEK_OPTION;\r | |
20333c6d | 101 | \r |
ecc722ad | 102 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 103 | \r |
ecc722ad | 104 | goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r |
105 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r | |
106 | help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r | |
107 | flags = INTERACTIVE,\r | |
108 | key = KEY_SECURE_BOOT_DB_OPTION;\r | |
20333c6d | 109 | \r |
ecc722ad | 110 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 111 | \r |
ecc722ad | 112 | goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r |
113 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r | |
114 | help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r | |
115 | flags = INTERACTIVE,\r | |
116 | key = KEY_SECURE_BOOT_DBX_OPTION;\r | |
117 | \r | |
20333c6d QL |
118 | subtitle text = STRING_TOKEN(STR_NULL);\r |
119 | \r | |
120 | goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
121 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r | |
122 | help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r | |
123 | flags = INTERACTIVE,\r | |
124 | key = KEY_SECURE_BOOT_DBT_OPTION;\r | |
125 | \r | |
ecc722ad | 126 | endform;\r |
20333c6d | 127 | \r |
ecc722ad | 128 | //\r |
129 | // ##3 Form: 'PK Options'\r | |
130 | //\r | |
131 | form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r | |
132 | title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r | |
20333c6d | 133 | \r |
ecc722ad | 134 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 135 | \r |
ecc722ad | 136 | //\r |
142d2dcb | 137 | // Display of 'Enroll PK'\r |
ecc722ad | 138 | //\r |
ecc722ad | 139 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r |
140 | goto FORMID_ENROLL_PK_FORM,\r | |
141 | prompt = STRING_TOKEN(STR_ENROLL_PK),\r | |
142 | help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r | |
143 | flags = INTERACTIVE,\r | |
144 | key = KEY_ENROLL_PK;\r | |
145 | endif;\r | |
20333c6d | 146 | \r |
ecc722ad | 147 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 148 | \r |
ecc722ad | 149 | //\r |
20333c6d | 150 | // Display of Check Box: 'Delete Pk'\r |
ecc722ad | 151 | //\r |
152 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r | |
153 | checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r | |
154 | questionid = KEY_SECURE_BOOT_DELETE_PK,\r | |
20333c6d | 155 | prompt = STRING_TOKEN(STR_DELETE_PK),\r |
ecc722ad | 156 | help = STRING_TOKEN(STR_DELETE_PK_HELP),\r |
0fb450fb | 157 | flags = INTERACTIVE | RESET_REQUIRED,\r |
beda2356 | 158 | endcheckbox;\r |
159 | endif;\r | |
ecc722ad | 160 | endform;\r |
20333c6d | 161 | \r |
ecc722ad | 162 | //\r |
163 | // ##4 Form: 'Enroll PK'\r | |
164 | //\r | |
165 | form formid = FORMID_ENROLL_PK_FORM,\r | |
166 | title = STRING_TOKEN(STR_ENROLL_PK);\r | |
20333c6d | 167 | \r |
ecc722ad | 168 | subtitle text = STRING_TOKEN(STR_NULL);\r |
169 | \r | |
762d8ddb | 170 | goto FORMID_ENROLL_PK_FORM,\r |
ecc722ad | 171 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r |
172 | help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r | |
173 | flags = INTERACTIVE,\r | |
762d8ddb DB |
174 | key = FORMID_ENROLL_PK_FORM;\r |
175 | \r | |
176 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
177 | label FORMID_ENROLL_PK_FORM;\r | |
178 | label LABEL_END;\r | |
179 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
180 | \r | |
181 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
182 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
183 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
184 | flags = INTERACTIVE| RESET_REQUIRED,\r | |
185 | key = KEY_VALUE_SAVE_AND_EXIT_PK;\r | |
186 | \r | |
187 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
188 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
189 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
190 | flags = INTERACTIVE,\r | |
191 | key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r | |
192 | \r | |
ecc722ad | 193 | endform;\r |
20333c6d | 194 | \r |
ecc722ad | 195 | //\r |
196 | // ##5 Form: 'KEK Options'\r | |
197 | //\r | |
198 | form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r | |
199 | title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r | |
200 | \r | |
201 | //\r | |
20333c6d | 202 | // Display of 'Enroll KEK'\r |
ecc722ad | 203 | //\r |
204 | goto FORMID_ENROLL_KEK_FORM,\r | |
205 | prompt = STRING_TOKEN(STR_ENROLL_KEK),\r | |
206 | help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r | |
207 | flags = INTERACTIVE;\r | |
20333c6d QL |
208 | \r |
209 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
210 | \r | |
ecc722ad | 211 | //\r |
20333c6d | 212 | // Display of 'Delete KEK'\r |
ecc722ad | 213 | //\r |
214 | goto FORMID_DELETE_KEK_FORM,\r | |
215 | prompt = STRING_TOKEN(STR_DELETE_KEK),\r | |
216 | help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r | |
217 | flags = INTERACTIVE,\r | |
218 | key = KEY_DELETE_KEK;\r | |
20333c6d QL |
219 | \r |
220 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
ecc722ad | 221 | endform;\r |
222 | \r | |
223 | //\r | |
20333c6d | 224 | // ##6 Form: 'Enroll KEK'\r |
ecc722ad | 225 | //\r |
226 | form formid = FORMID_ENROLL_KEK_FORM,\r | |
227 | title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r | |
228 | \r | |
229 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
230 | \r | |
762d8ddb | 231 | goto FORMID_ENROLL_KEK_FORM,\r |
ecc722ad | 232 | prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r |
233 | help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r | |
234 | flags = INTERACTIVE,\r | |
235 | key = FORMID_ENROLL_KEK_FORM;\r | |
236 | \r | |
237 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
238 | label FORMID_ENROLL_KEK_FORM;\r | |
239 | label LABEL_END;\r | |
240 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
241 | \r | |
242 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
243 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
244 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
245 | flags = INTERACTIVE,\r | |
246 | key = KEY_SECURE_BOOT_KEK_GUID,\r | |
247 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
248 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
249 | endstring;\r | |
250 | \r | |
251 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
252 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
253 | \r | |
254 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
255 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
256 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
257 | flags = INTERACTIVE,\r | |
258 | key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r | |
20333c6d | 259 | \r |
ecc722ad | 260 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
261 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
262 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
263 | flags = INTERACTIVE,\r | |
264 | key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r | |
265 | \r | |
266 | endform;\r | |
267 | \r | |
268 | //\r | |
269 | // ##7 Form: 'Delete KEK'\r | |
20333c6d | 270 | //\r |
ecc722ad | 271 | form formid = FORMID_DELETE_KEK_FORM,\r |
272 | title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r | |
273 | \r | |
274 | label LABEL_KEK_DELETE;\r | |
275 | label LABEL_END;\r | |
20333c6d | 276 | \r |
ecc722ad | 277 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 278 | \r |
ecc722ad | 279 | endform;\r |
280 | \r | |
281 | //\r | |
282 | // ##8 Form: 'DB Options'\r | |
283 | //\r | |
284 | form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r | |
285 | title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r | |
286 | \r | |
287 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
288 | \r | |
289 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
290 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
291 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
292 | flags = 0;\r | |
293 | \r | |
294 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
295 | \r | |
296 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
297 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
298 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
299 | flags = INTERACTIVE,\r | |
300 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r | |
20333c6d | 301 | \r |
ecc722ad | 302 | endform;\r |
303 | \r | |
304 | //\r | |
305 | // ##9 Form: 'DBX Options'\r | |
306 | //\r | |
307 | form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r | |
308 | title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r | |
309 | \r | |
310 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
311 | \r | |
312 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
313 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
314 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
315 | flags = 0;\r | |
316 | \r | |
317 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
318 | \r | |
319 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r | |
320 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
321 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
322 | flags = INTERACTIVE,\r | |
323 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;\r | |
324 | \r | |
325 | endform;\r | |
326 | \r | |
20333c6d QL |
327 | //\r |
328 | // ##9 Form: 'DBT Options'\r | |
329 | //\r | |
330 | form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
331 | title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r | |
332 | \r | |
333 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
334 | \r | |
335 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
336 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
337 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
338 | flags = 0;\r | |
339 | \r | |
340 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
341 | \r | |
342 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
343 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
344 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
345 | flags = INTERACTIVE,\r | |
346 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r | |
347 | \r | |
348 | endform;\r | |
349 | \r | |
ecc722ad | 350 | //\r |
351 | // Form: 'Delete Signature' for DB Options.\r | |
352 | //\r | |
353 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
354 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
355 | \r | |
356 | label LABEL_DB_DELETE;\r | |
357 | label LABEL_END;\r | |
358 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
20333c6d | 359 | \r |
ecc722ad | 360 | endform;\r |
361 | \r | |
362 | //\r | |
363 | // Form: 'Delete Signature' for DBX Options.\r | |
364 | //\r | |
365 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r | |
366 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
367 | \r | |
368 | label LABEL_DBX_DELETE;\r | |
369 | label LABEL_END;\r | |
370 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
20333c6d QL |
371 | \r |
372 | endform;\r | |
373 | \r | |
374 | //\r | |
375 | // Form: 'Delete Signature' for DBT Options.\r | |
376 | //\r | |
377 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
378 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
379 | \r | |
380 | label LABEL_DBT_DELETE;\r | |
381 | label LABEL_END;\r | |
382 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
383 | \r | |
ecc722ad | 384 | endform;\r |
385 | \r | |
386 | //\r | |
387 | // Form: 'Enroll Signature' for DB options.\r | |
388 | //\r | |
389 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
390 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
391 | \r | |
392 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
393 | \r | |
762d8ddb | 394 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r |
ecc722ad | 395 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r |
396 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
397 | flags = INTERACTIVE,\r | |
398 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
399 | \r | |
400 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
401 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
402 | label LABEL_END;\r | |
403 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
404 | \r | |
405 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
406 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
407 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
408 | flags = INTERACTIVE,\r | |
409 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r | |
410 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
411 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
412 | endstring;\r | |
413 | \r | |
414 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
415 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
416 | \r | |
417 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
418 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
419 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
420 | flags = INTERACTIVE,\r | |
421 | key = KEY_VALUE_SAVE_AND_EXIT_DB;\r | |
20333c6d | 422 | \r |
ecc722ad | 423 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
424 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
425 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
426 | flags = INTERACTIVE,\r | |
427 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r | |
428 | \r | |
429 | endform;\r | |
430 | \r | |
431 | //\r | |
432 | // Form: 'Enroll Signature' for DBX options.\r | |
433 | //\r | |
434 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
435 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
436 | \r | |
437 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
438 | \r | |
762d8ddb | 439 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r |
ecc722ad | 440 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r |
441 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
442 | flags = INTERACTIVE,\r | |
443 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r | |
444 | \r | |
ecc722ad | 445 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r |
446 | label LABEL_END;\r | |
447 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
448 | \r | |
4de754e1 ZC |
449 | grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r |
450 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
451 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
452 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
453 | flags = INTERACTIVE,\r | |
454 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r | |
455 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
456 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
457 | endstring;\r | |
458 | endif;\r | |
ecc722ad | 459 | \r |
4de754e1 ZC |
460 | disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;\r |
461 | oneof name = X509SignatureFormatInDbx,\r | |
462 | varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r | |
463 | prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r | |
464 | help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r | |
465 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;\r | |
466 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;\r | |
467 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;\r | |
468 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;\r | |
469 | endoneof;\r | |
470 | endif;\r | |
471 | \r | |
472 | disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;\r | |
473 | text\r | |
474 | help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string\r | |
475 | text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r | |
476 | text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type\r | |
477 | endif;\r | |
478 | \r | |
479 | disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r | |
480 | text\r | |
481 | help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string\r | |
482 | text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r | |
483 | text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type\r | |
484 | endif;\r | |
20333c6d | 485 | \r |
e9429e79 | 486 | suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;\r |
20333c6d QL |
487 | checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r |
488 | prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r | |
489 | help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r | |
490 | flags = INTERACTIVE,\r | |
491 | endcheckbox;\r | |
492 | \r | |
493 | suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r | |
494 | date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r | |
495 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r | |
496 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r | |
497 | flags = STORAGE_NORMAL,\r | |
498 | enddate;\r | |
499 | \r | |
500 | time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r | |
501 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r | |
502 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r | |
503 | flags = STORAGE_NORMAL,\r | |
504 | endtime;\r | |
505 | endif;\r | |
506 | endif;\r | |
507 | \r | |
ecc722ad | 508 | subtitle text = STRING_TOKEN(STR_NULL);\r |
509 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
510 | \r | |
511 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
512 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
513 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
514 | flags = INTERACTIVE,\r | |
515 | key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r | |
20333c6d | 516 | \r |
ecc722ad | 517 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
518 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
519 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
520 | flags = INTERACTIVE,\r | |
521 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r | |
522 | \r | |
523 | endform;\r | |
524 | \r | |
20333c6d QL |
525 | //\r |
526 | // Form: 'Enroll Signature' for DBT options.\r | |
527 | //\r | |
528 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
529 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
530 | \r | |
531 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
532 | \r | |
762d8ddb | 533 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r |
20333c6d QL |
534 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r |
535 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
536 | flags = INTERACTIVE,\r | |
537 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
538 | \r | |
539 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
540 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
541 | label LABEL_END;\r | |
542 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
543 | \r | |
544 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
545 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
546 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
547 | flags = INTERACTIVE,\r | |
548 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r | |
549 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
550 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
551 | endstring;\r | |
552 | \r | |
553 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
554 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
555 | \r | |
556 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
557 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
558 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
559 | flags = INTERACTIVE,\r | |
560 | key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r | |
561 | \r | |
562 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
563 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
564 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
565 | flags = INTERACTIVE,\r | |
566 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r | |
567 | \r | |
568 | endform;\r | |
569 | \r | |
20333c6d | 570 | endformset; |