]> git.proxmox.com Git - mirror_edk2.git/blame - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
projects / mirror_edk2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
UEFI 2.4 X509 Certificate Hash and RFC3161 Timestamp Verification support for Secure...
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
CommitLineData
beda2356 1/** @file\r
2 VFR file used by the SecureBoot configuration component.\r
3\r
20333c6d
QL		 4Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>\r
5This program and the accompanying materials\r
6are licensed and made available under the terms and conditions of the BSD License\r
7which accompanies this distribution. The full text of the license may be found at\r
beda2356 8http://opensource.org/licenses/bsd-license.php\r
9\r
20333c6d 10THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
beda2356 11WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
12\r
13**/\r
14\r
15#include "SecureBootConfigNvData.h"\r
16\r
17formset\r
18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r
19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r
20 help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r
21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r
22\r
23 varstore SECUREBOOT_CONFIGURATION,\r
24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r
25 name = SECUREBOOT_CONFIGURATION,\r
26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r
20333c6d 27\r
ecc722ad 28 //\r
29 // ##1 Form "Secure Boot Configuration"\r
30 //\r
beda2356 31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r
32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r
33\r
34 subtitle text = STRING_TOKEN(STR_NULL);\r
f71ed839 35\r
36 text\r
37 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r
38 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r
39 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r
20333c6d 40\r
ecc722ad 41 //\r
42 // Define of Check Box: Attempt Secure Boot\r
43 //\r
beda2356 44 suppressif TRUE;\r
45 checkbox varid = SECUREBOOT_CONFIGURATION.HideSecureBoot,\r
a2f2c258 46 questionid = KEY_HIDE_SECURE_BOOT,\r
beda2356 47 prompt = STRING_TOKEN(STR_NULL),\r
48 help = STRING_TOKEN(STR_NULL),\r
a2f2c258 49 flags = INTERACTIVE,\r
beda2356 50 endcheckbox;\r
20333c6d
QL		 51 endif;\r
52\r
ecc722ad 53 //\r
54 // Display of Check Box: Attempt Secure Boot\r
55 //\r
beda2356 56 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r
f71ed839 57 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r
beda2356 58 questionid = KEY_SECURE_BOOT_ENABLE,\r
59 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r
60 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r
8f8ca22e 61 flags = INTERACTIVE | RESET_REQUIRED,\r
ecc722ad 62 endcheckbox;\r
63 endif;\r
20333c6d 64\r
ecc722ad 65 //\r
66 // Display of Oneof: 'Secure Boot Mode'\r
67 //\r
a365eed4
FS		 68 disableif TRUE;\r
69 oneof varid = SECUREBOOT_CONFIGURATION.SecureBootMode,\r
70 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r
71 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r
72 flags = INTERACTIVE,\r
73 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = 0;\r
74 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r
75 endoneof;\r
76 endif;\r
77 oneof name = SecureBootMode,\r
20333c6d 78 questionid = KEY_SECURE_BOOT_MODE,\r
a365eed4
FS		 79 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r
80 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r
81 flags = INTERACTIVE | NUMERIC_SIZE_1,\r
82 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r
83 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r
84 endoneof;\r
20333c6d 85\r
ecc722ad 86 //\r
87 //\r
88 // Display of 'Current Secure Boot Mode'\r
89 //\r
a365eed4 90 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r
ecc722ad 91 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
92 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
93 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r
94 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r
95 flags = INTERACTIVE,\r
96 key = KEY_SECURE_BOOT_OPTION;\r
97 endif;\r
98 endif;\r
99 endform;\r
20333c6d 100\r
ecc722ad 101 //\r
102 // ##2 Form: 'Custom Secure Boot Options'\r
103 //\r
104 form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r
105 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r
20333c6d 106\r
ecc722ad 107 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 108\r
ecc722ad 109 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
110 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r
111 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r
112 flags = INTERACTIVE,\r
113 key = KEY_SECURE_BOOT_PK_OPTION;\r
20333c6d 114\r
ecc722ad 115 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 116\r
ecc722ad 117 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
118 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r
119 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r
120 flags = INTERACTIVE,\r
121 key = KEY_SECURE_BOOT_KEK_OPTION;\r
20333c6d 122\r
ecc722ad 123 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 124\r
ecc722ad 125 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
126 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r
127 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r
128 flags = INTERACTIVE,\r
129 key = KEY_SECURE_BOOT_DB_OPTION;\r
20333c6d 130\r
ecc722ad 131 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 132\r
ecc722ad 133 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
134 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r
135 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r
136 flags = INTERACTIVE,\r
137 key = KEY_SECURE_BOOT_DBX_OPTION;\r
138\r
20333c6d
QL		 139 subtitle text = STRING_TOKEN(STR_NULL);\r
140\r
141 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
142 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r
143 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r
144 flags = INTERACTIVE,\r
145 key = KEY_SECURE_BOOT_DBT_OPTION;\r
146\r
ecc722ad 147 endform;\r
20333c6d 148\r
ecc722ad 149 //\r
150 // ##3 Form: 'PK Options'\r
151 //\r
152 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
153 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r
20333c6d 154\r
ecc722ad 155 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 156\r
ecc722ad 157 //\r
158 // Define of Check Box: 'Delete PK'\r
159 //\r
160 suppressif TRUE;\r
161 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r
162 prompt = STRING_TOKEN(STR_NULL),\r
163 help = STRING_TOKEN(STR_NULL),\r
164 endcheckbox;\r
165 endif;\r
20333c6d 166\r
ecc722ad 167 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r
168 goto FORMID_ENROLL_PK_FORM,\r
169 prompt = STRING_TOKEN(STR_ENROLL_PK),\r
170 help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r
171 flags = INTERACTIVE,\r
172 key = KEY_ENROLL_PK;\r
173 endif;\r
20333c6d 174\r
ecc722ad 175 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 176\r
ecc722ad 177 //\r
20333c6d 178 // Display of Check Box: 'Delete Pk'\r
ecc722ad 179 //\r
180 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r
181 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r
182 questionid = KEY_SECURE_BOOT_DELETE_PK,\r
20333c6d 183 prompt = STRING_TOKEN(STR_DELETE_PK),\r
ecc722ad 184 help = STRING_TOKEN(STR_DELETE_PK_HELP),\r
0fb450fb 185 flags = INTERACTIVE | RESET_REQUIRED,\r
beda2356 186 endcheckbox;\r
187 endif;\r
ecc722ad 188 endform;\r
20333c6d 189\r
ecc722ad 190 //\r
191 // ##4 Form: 'Enroll PK'\r
192 //\r
193 form formid = FORMID_ENROLL_PK_FORM,\r
194 title = STRING_TOKEN(STR_ENROLL_PK);\r
20333c6d 195\r
ecc722ad 196 subtitle text = STRING_TOKEN(STR_NULL);\r
197\r
198 goto FORM_FILE_EXPLORER_ID_PK,\r
199 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
200 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
201 flags = INTERACTIVE,\r
202 key = SECUREBOOT_ADD_PK_FILE_FORM_ID;\r
203 endform;\r
20333c6d 204\r
ecc722ad 205 //\r
206 // ##5 Form: 'KEK Options'\r
207 //\r
208 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
209 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r
210\r
211 //\r
20333c6d 212 // Display of 'Enroll KEK'\r
ecc722ad 213 //\r
214 goto FORMID_ENROLL_KEK_FORM,\r
215 prompt = STRING_TOKEN(STR_ENROLL_KEK),\r
216 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r
217 flags = INTERACTIVE;\r
20333c6d
QL		 218\r
219 subtitle text = STRING_TOKEN(STR_NULL);\r
220\r
ecc722ad 221 //\r
20333c6d 222 // Display of 'Delete KEK'\r
ecc722ad 223 //\r
224 goto FORMID_DELETE_KEK_FORM,\r
225 prompt = STRING_TOKEN(STR_DELETE_KEK),\r
226 help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r
227 flags = INTERACTIVE,\r
228 key = KEY_DELETE_KEK;\r
20333c6d
QL		 229\r
230 subtitle text = STRING_TOKEN(STR_NULL);\r
ecc722ad 231 endform;\r
232\r
233 //\r
20333c6d 234 // ##6 Form: 'Enroll KEK'\r
ecc722ad 235 //\r
236 form formid = FORMID_ENROLL_KEK_FORM,\r
237 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r
238\r
239 subtitle text = STRING_TOKEN(STR_NULL);\r
240\r
241 goto FORM_FILE_EXPLORER_ID_KEK,\r
242 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r
243 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r
244 flags = INTERACTIVE,\r
245 key = FORMID_ENROLL_KEK_FORM;\r
246\r
247 subtitle text = STRING_TOKEN(STR_NULL);\r
248 label FORMID_ENROLL_KEK_FORM;\r
249 label LABEL_END;\r
250 subtitle text = STRING_TOKEN(STR_NULL);\r
251\r
252 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
253 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
254 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
255 flags = INTERACTIVE,\r
256 key = KEY_SECURE_BOOT_KEK_GUID,\r
257 minsize = SECURE_BOOT_GUID_SIZE,\r
258 maxsize = SECURE_BOOT_GUID_SIZE,\r
259 endstring;\r
260\r
261 subtitle text = STRING_TOKEN(STR_NULL);\r
262 subtitle text = STRING_TOKEN(STR_NULL);\r
263\r
264 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
265 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
266 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
267 flags = INTERACTIVE,\r
268 key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r
20333c6d 269\r
ecc722ad 270 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
271 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
272 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
273 flags = INTERACTIVE,\r
274 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r
275\r
276 endform;\r
277\r
278 //\r
279 // ##7 Form: 'Delete KEK'\r
20333c6d 280 //\r
ecc722ad 281 form formid = FORMID_DELETE_KEK_FORM,\r
282 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r
283\r
284 label LABEL_KEK_DELETE;\r
285 label LABEL_END;\r
20333c6d 286\r
ecc722ad 287 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 288\r
ecc722ad 289 endform;\r
290\r
291 //\r
292 // ##8 Form: 'DB Options'\r
293 //\r
294 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
295 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r
296\r
297 subtitle text = STRING_TOKEN(STR_NULL);\r
298\r
299 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
300 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
301 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
302 flags = 0;\r
303\r
304 subtitle text = STRING_TOKEN(STR_NULL);\r
305\r
306 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
307 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
308 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
309 flags = INTERACTIVE,\r
310 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r
20333c6d 311\r
ecc722ad 312 endform;\r
313\r
314 //\r
315 // ##9 Form: 'DBX Options'\r
316 //\r
317 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
318 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r
319\r
320 subtitle text = STRING_TOKEN(STR_NULL);\r
321\r
322 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
323 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
324 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
325 flags = 0;\r
326\r
327 subtitle text = STRING_TOKEN(STR_NULL);\r
328\r
329 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r
330 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
331 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
332 flags = INTERACTIVE,\r
333 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;\r
334\r
335 endform;\r
336\r
20333c6d
QL		 337 //\r
338 // ##9 Form: 'DBT Options'\r
339 //\r
340 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
341 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r
342\r
343 subtitle text = STRING_TOKEN(STR_NULL);\r
344\r
345 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
346 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
347 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
348 flags = 0;\r
349\r
350 subtitle text = STRING_TOKEN(STR_NULL);\r
351\r
352 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
353 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
354 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
355 flags = INTERACTIVE,\r
356 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r
357\r
358 endform;\r
359\r
ecc722ad 360 //\r
361 // Form: 'Delete Signature' for DB Options.\r
362 //\r
363 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
364 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
365\r
366 label LABEL_DB_DELETE;\r
367 label LABEL_END;\r
368 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 369\r
ecc722ad 370 endform;\r
371\r
372 //\r
373 // Form: 'Delete Signature' for DBX Options.\r
374 //\r
375 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r
376 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
377\r
378 label LABEL_DBX_DELETE;\r
379 label LABEL_END;\r
380 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d
QL		 381\r
382 endform;\r
383\r
384 //\r
385 // Form: 'Delete Signature' for DBT Options.\r
386 //\r
387 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
388 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
389\r
390 label LABEL_DBT_DELETE;\r
391 label LABEL_END;\r
392 subtitle text = STRING_TOKEN(STR_NULL);\r
393\r
ecc722ad 394 endform;\r
395\r
396 //\r
397 // Form: 'Enroll Signature' for DB options.\r
398 //\r
399 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
400 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
401\r
402 subtitle text = STRING_TOKEN(STR_NULL);\r
403\r
404 goto FORM_FILE_EXPLORER_ID_DB,\r
405 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
406 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
407 flags = INTERACTIVE,\r
408 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
409\r
410 subtitle text = STRING_TOKEN(STR_NULL);\r
411 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
412 label LABEL_END;\r
413 subtitle text = STRING_TOKEN(STR_NULL);\r
414\r
415 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
416 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
417 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
418 flags = INTERACTIVE,\r
419 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r
420 minsize = SECURE_BOOT_GUID_SIZE,\r
421 maxsize = SECURE_BOOT_GUID_SIZE,\r
422 endstring;\r
423\r
424 subtitle text = STRING_TOKEN(STR_NULL);\r
425 subtitle text = STRING_TOKEN(STR_NULL);\r
426\r
427 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
428 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
429 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
430 flags = INTERACTIVE,\r
431 key = KEY_VALUE_SAVE_AND_EXIT_DB;\r
20333c6d 432\r
ecc722ad 433 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
434 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
435 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
436 flags = INTERACTIVE,\r
437 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r
438\r
439 endform;\r
440\r
441 //\r
442 // Form: 'Enroll Signature' for DBX options.\r
443 //\r
444 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
445 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
446\r
447 subtitle text = STRING_TOKEN(STR_NULL);\r
448\r
449 goto FORM_FILE_EXPLORER_ID_DBX,\r
450 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
451 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
452 flags = INTERACTIVE,\r
453 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
454\r
ecc722ad 455 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
456 label LABEL_END;\r
457 subtitle text = STRING_TOKEN(STR_NULL);\r
458\r
459 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
460 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
461 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
462 flags = INTERACTIVE,\r
463 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r
464 minsize = SECURE_BOOT_GUID_SIZE,\r
465 maxsize = SECURE_BOOT_GUID_SIZE,\r
466 endstring;\r
467\r
20333c6d
QL		 468 oneof name = SignatureFormatInDbx,\r
469 varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r
470 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r
471 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r
472 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x2, flags = DEFAULT;\r
473 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x3, flags = 0;\r
474 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x4, flags = 0;\r
475 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x5, flags = 0;\r
476 endoneof;\r
477\r
478 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 5;\r
479 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r
480 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r
481 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r
482 flags = INTERACTIVE,\r
483 endcheckbox;\r
484\r
485 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r
486 date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r
487 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r
488 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r
489 flags = STORAGE_NORMAL,\r
490 enddate;\r
491\r
492 time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r
493 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r
494 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r
495 flags = STORAGE_NORMAL,\r
496 endtime;\r
497 endif;\r
498 endif;\r
499\r
ecc722ad 500 subtitle text = STRING_TOKEN(STR_NULL);\r
501 subtitle text = STRING_TOKEN(STR_NULL);\r
502\r
503 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
504 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
505 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
506 flags = INTERACTIVE,\r
507 key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r
20333c6d 508\r
ecc722ad 509 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
510 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
511 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
512 flags = INTERACTIVE,\r
513 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r
514\r
515 endform;\r
516\r
20333c6d
QL		 517 //\r
518 // Form: 'Enroll Signature' for DBT options.\r
519 //\r
520 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
521 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
522\r
523 subtitle text = STRING_TOKEN(STR_NULL);\r
524\r
525 goto FORM_FILE_EXPLORER_ID_DBT,\r
526 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
527 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
528 flags = INTERACTIVE,\r
529 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
530\r
531 subtitle text = STRING_TOKEN(STR_NULL);\r
532 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
533 label LABEL_END;\r
534 subtitle text = STRING_TOKEN(STR_NULL);\r
535\r
536 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
537 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
538 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
539 flags = INTERACTIVE,\r
540 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r
541 minsize = SECURE_BOOT_GUID_SIZE,\r
542 maxsize = SECURE_BOOT_GUID_SIZE,\r
543 endstring;\r
544\r
545 subtitle text = STRING_TOKEN(STR_NULL);\r
546 subtitle text = STRING_TOKEN(STR_NULL);\r
547\r
548 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
549 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
550 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
551 flags = INTERACTIVE,\r
552 key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r
553\r
554 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
555 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
556 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
557 flags = INTERACTIVE,\r
558 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r
559\r
560 endform;\r
561\r
ecc722ad 562 //\r
563 // File Explorer for PK\r
564 //\r
565 form formid = FORM_FILE_EXPLORER_ID_PK,\r
566 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r
567\r
568 label FORM_FILE_EXPLORER_ID;\r
569 label LABEL_END;\r
570 endform;\r
20333c6d 571\r
ecc722ad 572 //\r
573 // File Explorer for KEK\r
574 //\r
575 form formid = FORM_FILE_EXPLORER_ID_KEK,\r
576 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r
577\r
578 label FORM_FILE_EXPLORER_ID;\r
579 label LABEL_END;\r
580 endform;\r
581\r
582 //\r
583 // File Explorer for DB\r
584 //\r
585 form formid = FORM_FILE_EXPLORER_ID_DB,\r
586 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r
587\r
588 label FORM_FILE_EXPLORER_ID;\r
589 label LABEL_END;\r
590 endform;\r
591\r
592 //\r
593 // File Explorer for DBX\r
594 //\r
595 form formid = FORM_FILE_EXPLORER_ID_DBX,\r
596 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r
597\r
598 label FORM_FILE_EXPLORER_ID;\r
599 label LABEL_END;\r
600 endform;\r
601\r
20333c6d
QL		 602 //\r
603 // File Explorer for DBT\r
604 //\r
605 form formid = FORM_FILE_EXPLORER_ID_DBT,\r
606 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r
607\r
608 label FORM_FILE_EXPLORER_ID;\r
609 label LABEL_END;\r
610 endform;\r
ecc722ad 611\r
612 //\r
613 // Enroll Pk from File Commit Form\r
614 //\r
615 form formid = SECUREBOOT_ADD_PK_FILE_FORM_ID,\r
616 title = STRING_TOKEN(STR_SAVE_PK_FILE);\r
617\r
618 label SECUREBOOT_ADD_PK_FILE_FORM_ID;\r
619 label LABEL_END;\r
20333c6d 620\r
ecc722ad 621 subtitle text = STRING_TOKEN(STR_NULL);\r
622\r
623 text\r
624 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
625 text = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
20333c6d 626 text = STRING_TOKEN(STR_NULL),\r
ecc722ad 627 flags = INTERACTIVE,\r
628 key = KEY_VALUE_SAVE_AND_EXIT_PK;\r
629\r
630 text\r
631 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
632 text = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
20333c6d 633 text = STRING_TOKEN(STR_NULL),\r
ecc722ad 634 flags = INTERACTIVE,\r
635 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r
beda2356 636\r
637 endform;\r
638\r
20333c6d 639endformset;
EFI Development Kit II mirror for PVE