]>
Commit | Line | Data |
---|---|---|
beda2356 | 1 | /** @file\r |
2 | VFR file used by the SecureBoot configuration component.\r | |
3 | \r | |
20333c6d QL |
4 | Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>\r |
5 | This program and the accompanying materials\r | |
6 | are licensed and made available under the terms and conditions of the BSD License\r | |
7 | which accompanies this distribution. The full text of the license may be found at\r | |
beda2356 | 8 | http://opensource.org/licenses/bsd-license.php\r |
9 | \r | |
20333c6d | 10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r |
beda2356 | 11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r |
12 | \r | |
13 | **/\r | |
14 | \r | |
15 | #include "SecureBootConfigNvData.h"\r | |
16 | \r | |
17 | formset\r | |
18 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r | |
19 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r | |
20 | help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r | |
21 | classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r | |
22 | \r | |
23 | varstore SECUREBOOT_CONFIGURATION,\r | |
24 | varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r | |
25 | name = SECUREBOOT_CONFIGURATION,\r | |
26 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r | |
20333c6d | 27 | \r |
ecc722ad | 28 | //\r |
29 | // ##1 Form "Secure Boot Configuration"\r | |
30 | //\r | |
beda2356 | 31 | form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r |
32 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r | |
33 | \r | |
34 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
f71ed839 | 35 | \r |
36 | text\r | |
37 | help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r | |
38 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r | |
39 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r | |
20333c6d | 40 | \r |
ecc722ad | 41 | //\r |
42 | // Define of Check Box: Attempt Secure Boot\r | |
43 | //\r | |
beda2356 | 44 | suppressif TRUE;\r |
45 | checkbox varid = SECUREBOOT_CONFIGURATION.HideSecureBoot,\r | |
a2f2c258 | 46 | questionid = KEY_HIDE_SECURE_BOOT,\r |
beda2356 | 47 | prompt = STRING_TOKEN(STR_NULL),\r |
48 | help = STRING_TOKEN(STR_NULL),\r | |
a2f2c258 | 49 | flags = INTERACTIVE,\r |
beda2356 | 50 | endcheckbox;\r |
20333c6d QL |
51 | endif;\r |
52 | \r | |
ecc722ad | 53 | //\r |
54 | // Display of Check Box: Attempt Secure Boot\r | |
55 | //\r | |
beda2356 | 56 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r |
f71ed839 | 57 | checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r |
beda2356 | 58 | questionid = KEY_SECURE_BOOT_ENABLE,\r |
59 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r | |
60 | help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r | |
8f8ca22e | 61 | flags = INTERACTIVE | RESET_REQUIRED,\r |
ecc722ad | 62 | endcheckbox;\r |
63 | endif;\r | |
20333c6d | 64 | \r |
ecc722ad | 65 | //\r |
66 | // Display of Oneof: 'Secure Boot Mode'\r | |
67 | //\r | |
a365eed4 FS |
68 | disableif TRUE;\r |
69 | oneof varid = SECUREBOOT_CONFIGURATION.SecureBootMode,\r | |
70 | prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r | |
71 | help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r | |
72 | flags = INTERACTIVE,\r | |
73 | option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = 0;\r | |
74 | option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r | |
75 | endoneof;\r | |
76 | endif;\r | |
77 | oneof name = SecureBootMode,\r | |
20333c6d | 78 | questionid = KEY_SECURE_BOOT_MODE,\r |
a365eed4 FS |
79 | prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r |
80 | help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r | |
81 | flags = INTERACTIVE | NUMERIC_SIZE_1,\r | |
82 | option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r | |
83 | option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r | |
84 | endoneof;\r | |
20333c6d | 85 | \r |
ecc722ad | 86 | //\r |
87 | //\r | |
88 | // Display of 'Current Secure Boot Mode'\r | |
89 | //\r | |
a365eed4 | 90 | suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r |
ecc722ad | 91 | grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r |
92 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
93 | prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r | |
94 | help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r | |
95 | flags = INTERACTIVE,\r | |
96 | key = KEY_SECURE_BOOT_OPTION;\r | |
97 | endif;\r | |
98 | endif;\r | |
99 | endform;\r | |
20333c6d | 100 | \r |
ecc722ad | 101 | //\r |
102 | // ##2 Form: 'Custom Secure Boot Options'\r | |
103 | //\r | |
104 | form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r | |
105 | title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r | |
20333c6d | 106 | \r |
ecc722ad | 107 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 108 | \r |
ecc722ad | 109 | goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r |
110 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r | |
111 | help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r | |
112 | flags = INTERACTIVE,\r | |
113 | key = KEY_SECURE_BOOT_PK_OPTION;\r | |
20333c6d | 114 | \r |
ecc722ad | 115 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 116 | \r |
ecc722ad | 117 | goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r |
118 | prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r | |
119 | help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r | |
120 | flags = INTERACTIVE,\r | |
121 | key = KEY_SECURE_BOOT_KEK_OPTION;\r | |
20333c6d | 122 | \r |
ecc722ad | 123 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 124 | \r |
ecc722ad | 125 | goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r |
126 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r | |
127 | help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r | |
128 | flags = INTERACTIVE,\r | |
129 | key = KEY_SECURE_BOOT_DB_OPTION;\r | |
20333c6d | 130 | \r |
ecc722ad | 131 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 132 | \r |
ecc722ad | 133 | goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r |
134 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r | |
135 | help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r | |
136 | flags = INTERACTIVE,\r | |
137 | key = KEY_SECURE_BOOT_DBX_OPTION;\r | |
138 | \r | |
20333c6d QL |
139 | subtitle text = STRING_TOKEN(STR_NULL);\r |
140 | \r | |
141 | goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
142 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r | |
143 | help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r | |
144 | flags = INTERACTIVE,\r | |
145 | key = KEY_SECURE_BOOT_DBT_OPTION;\r | |
146 | \r | |
ecc722ad | 147 | endform;\r |
20333c6d | 148 | \r |
ecc722ad | 149 | //\r |
150 | // ##3 Form: 'PK Options'\r | |
151 | //\r | |
152 | form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r | |
153 | title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r | |
20333c6d | 154 | \r |
ecc722ad | 155 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 156 | \r |
ecc722ad | 157 | //\r |
158 | // Define of Check Box: 'Delete PK'\r | |
159 | //\r | |
160 | suppressif TRUE;\r | |
161 | checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r | |
162 | prompt = STRING_TOKEN(STR_NULL),\r | |
163 | help = STRING_TOKEN(STR_NULL),\r | |
164 | endcheckbox;\r | |
165 | endif;\r | |
20333c6d | 166 | \r |
ecc722ad | 167 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r |
168 | goto FORMID_ENROLL_PK_FORM,\r | |
169 | prompt = STRING_TOKEN(STR_ENROLL_PK),\r | |
170 | help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r | |
171 | flags = INTERACTIVE,\r | |
172 | key = KEY_ENROLL_PK;\r | |
173 | endif;\r | |
20333c6d | 174 | \r |
ecc722ad | 175 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 176 | \r |
ecc722ad | 177 | //\r |
20333c6d | 178 | // Display of Check Box: 'Delete Pk'\r |
ecc722ad | 179 | //\r |
180 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r | |
181 | checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r | |
182 | questionid = KEY_SECURE_BOOT_DELETE_PK,\r | |
20333c6d | 183 | prompt = STRING_TOKEN(STR_DELETE_PK),\r |
ecc722ad | 184 | help = STRING_TOKEN(STR_DELETE_PK_HELP),\r |
0fb450fb | 185 | flags = INTERACTIVE | RESET_REQUIRED,\r |
beda2356 | 186 | endcheckbox;\r |
187 | endif;\r | |
ecc722ad | 188 | endform;\r |
20333c6d | 189 | \r |
ecc722ad | 190 | //\r |
191 | // ##4 Form: 'Enroll PK'\r | |
192 | //\r | |
193 | form formid = FORMID_ENROLL_PK_FORM,\r | |
194 | title = STRING_TOKEN(STR_ENROLL_PK);\r | |
20333c6d | 195 | \r |
ecc722ad | 196 | subtitle text = STRING_TOKEN(STR_NULL);\r |
197 | \r | |
198 | goto FORM_FILE_EXPLORER_ID_PK,\r | |
199 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r | |
200 | help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r | |
201 | flags = INTERACTIVE,\r | |
202 | key = SECUREBOOT_ADD_PK_FILE_FORM_ID;\r | |
203 | endform;\r | |
20333c6d | 204 | \r |
ecc722ad | 205 | //\r |
206 | // ##5 Form: 'KEK Options'\r | |
207 | //\r | |
208 | form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r | |
209 | title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r | |
210 | \r | |
211 | //\r | |
20333c6d | 212 | // Display of 'Enroll KEK'\r |
ecc722ad | 213 | //\r |
214 | goto FORMID_ENROLL_KEK_FORM,\r | |
215 | prompt = STRING_TOKEN(STR_ENROLL_KEK),\r | |
216 | help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r | |
217 | flags = INTERACTIVE;\r | |
20333c6d QL |
218 | \r |
219 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
220 | \r | |
ecc722ad | 221 | //\r |
20333c6d | 222 | // Display of 'Delete KEK'\r |
ecc722ad | 223 | //\r |
224 | goto FORMID_DELETE_KEK_FORM,\r | |
225 | prompt = STRING_TOKEN(STR_DELETE_KEK),\r | |
226 | help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r | |
227 | flags = INTERACTIVE,\r | |
228 | key = KEY_DELETE_KEK;\r | |
20333c6d QL |
229 | \r |
230 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
ecc722ad | 231 | endform;\r |
232 | \r | |
233 | //\r | |
20333c6d | 234 | // ##6 Form: 'Enroll KEK'\r |
ecc722ad | 235 | //\r |
236 | form formid = FORMID_ENROLL_KEK_FORM,\r | |
237 | title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r | |
238 | \r | |
239 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
240 | \r | |
241 | goto FORM_FILE_EXPLORER_ID_KEK,\r | |
242 | prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r | |
243 | help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r | |
244 | flags = INTERACTIVE,\r | |
245 | key = FORMID_ENROLL_KEK_FORM;\r | |
246 | \r | |
247 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
248 | label FORMID_ENROLL_KEK_FORM;\r | |
249 | label LABEL_END;\r | |
250 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
251 | \r | |
252 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
253 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
254 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
255 | flags = INTERACTIVE,\r | |
256 | key = KEY_SECURE_BOOT_KEK_GUID,\r | |
257 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
258 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
259 | endstring;\r | |
260 | \r | |
261 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
262 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
263 | \r | |
264 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
265 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
266 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
267 | flags = INTERACTIVE,\r | |
268 | key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r | |
20333c6d | 269 | \r |
ecc722ad | 270 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
271 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
272 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
273 | flags = INTERACTIVE,\r | |
274 | key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r | |
275 | \r | |
276 | endform;\r | |
277 | \r | |
278 | //\r | |
279 | // ##7 Form: 'Delete KEK'\r | |
20333c6d | 280 | //\r |
ecc722ad | 281 | form formid = FORMID_DELETE_KEK_FORM,\r |
282 | title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r | |
283 | \r | |
284 | label LABEL_KEK_DELETE;\r | |
285 | label LABEL_END;\r | |
20333c6d | 286 | \r |
ecc722ad | 287 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 288 | \r |
ecc722ad | 289 | endform;\r |
290 | \r | |
291 | //\r | |
292 | // ##8 Form: 'DB Options'\r | |
293 | //\r | |
294 | form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r | |
295 | title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r | |
296 | \r | |
297 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
298 | \r | |
299 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
300 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
301 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
302 | flags = 0;\r | |
303 | \r | |
304 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
305 | \r | |
306 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
307 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
308 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
309 | flags = INTERACTIVE,\r | |
310 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r | |
20333c6d | 311 | \r |
ecc722ad | 312 | endform;\r |
313 | \r | |
314 | //\r | |
315 | // ##9 Form: 'DBX Options'\r | |
316 | //\r | |
317 | form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r | |
318 | title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r | |
319 | \r | |
320 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
321 | \r | |
322 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
323 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
324 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
325 | flags = 0;\r | |
326 | \r | |
327 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
328 | \r | |
329 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r | |
330 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
331 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
332 | flags = INTERACTIVE,\r | |
333 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;\r | |
334 | \r | |
335 | endform;\r | |
336 | \r | |
20333c6d QL |
337 | //\r |
338 | // ##9 Form: 'DBT Options'\r | |
339 | //\r | |
340 | form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
341 | title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r | |
342 | \r | |
343 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
344 | \r | |
345 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
346 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
347 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
348 | flags = 0;\r | |
349 | \r | |
350 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
351 | \r | |
352 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
353 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
354 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
355 | flags = INTERACTIVE,\r | |
356 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r | |
357 | \r | |
358 | endform;\r | |
359 | \r | |
ecc722ad | 360 | //\r |
361 | // Form: 'Delete Signature' for DB Options.\r | |
362 | //\r | |
363 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
364 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
365 | \r | |
366 | label LABEL_DB_DELETE;\r | |
367 | label LABEL_END;\r | |
368 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
20333c6d | 369 | \r |
ecc722ad | 370 | endform;\r |
371 | \r | |
372 | //\r | |
373 | // Form: 'Delete Signature' for DBX Options.\r | |
374 | //\r | |
375 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r | |
376 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
377 | \r | |
378 | label LABEL_DBX_DELETE;\r | |
379 | label LABEL_END;\r | |
380 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
20333c6d QL |
381 | \r |
382 | endform;\r | |
383 | \r | |
384 | //\r | |
385 | // Form: 'Delete Signature' for DBT Options.\r | |
386 | //\r | |
387 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
388 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
389 | \r | |
390 | label LABEL_DBT_DELETE;\r | |
391 | label LABEL_END;\r | |
392 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
393 | \r | |
ecc722ad | 394 | endform;\r |
395 | \r | |
396 | //\r | |
397 | // Form: 'Enroll Signature' for DB options.\r | |
398 | //\r | |
399 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
400 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
401 | \r | |
402 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
403 | \r | |
404 | goto FORM_FILE_EXPLORER_ID_DB,\r | |
405 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
406 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
407 | flags = INTERACTIVE,\r | |
408 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
409 | \r | |
410 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
411 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
412 | label LABEL_END;\r | |
413 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
414 | \r | |
415 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
416 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
417 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
418 | flags = INTERACTIVE,\r | |
419 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r | |
420 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
421 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
422 | endstring;\r | |
423 | \r | |
424 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
425 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
426 | \r | |
427 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
428 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
429 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
430 | flags = INTERACTIVE,\r | |
431 | key = KEY_VALUE_SAVE_AND_EXIT_DB;\r | |
20333c6d | 432 | \r |
ecc722ad | 433 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
434 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
435 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
436 | flags = INTERACTIVE,\r | |
437 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r | |
438 | \r | |
439 | endform;\r | |
440 | \r | |
441 | //\r | |
442 | // Form: 'Enroll Signature' for DBX options.\r | |
443 | //\r | |
444 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
445 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
446 | \r | |
447 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
448 | \r | |
449 | goto FORM_FILE_EXPLORER_ID_DBX,\r | |
450 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
451 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
452 | flags = INTERACTIVE,\r | |
453 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r | |
454 | \r | |
ecc722ad | 455 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r |
456 | label LABEL_END;\r | |
457 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
458 | \r | |
459 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
460 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
461 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
462 | flags = INTERACTIVE,\r | |
463 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r | |
464 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
465 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
466 | endstring;\r | |
467 | \r | |
20333c6d QL |
468 | oneof name = SignatureFormatInDbx,\r |
469 | varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r | |
470 | prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r | |
471 | help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r | |
472 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x2, flags = DEFAULT;\r | |
473 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x3, flags = 0;\r | |
474 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x4, flags = 0;\r | |
475 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x5, flags = 0;\r | |
476 | endoneof;\r | |
477 | \r | |
478 | suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 5;\r | |
479 | checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r | |
480 | prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r | |
481 | help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r | |
482 | flags = INTERACTIVE,\r | |
483 | endcheckbox;\r | |
484 | \r | |
485 | suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r | |
486 | date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r | |
487 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r | |
488 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r | |
489 | flags = STORAGE_NORMAL,\r | |
490 | enddate;\r | |
491 | \r | |
492 | time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r | |
493 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r | |
494 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r | |
495 | flags = STORAGE_NORMAL,\r | |
496 | endtime;\r | |
497 | endif;\r | |
498 | endif;\r | |
499 | \r | |
ecc722ad | 500 | subtitle text = STRING_TOKEN(STR_NULL);\r |
501 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
502 | \r | |
503 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
504 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
505 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
506 | flags = INTERACTIVE,\r | |
507 | key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r | |
20333c6d | 508 | \r |
ecc722ad | 509 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
510 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
511 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
512 | flags = INTERACTIVE,\r | |
513 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r | |
514 | \r | |
515 | endform;\r | |
516 | \r | |
20333c6d QL |
517 | //\r |
518 | // Form: 'Enroll Signature' for DBT options.\r | |
519 | //\r | |
520 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
521 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
522 | \r | |
523 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
524 | \r | |
525 | goto FORM_FILE_EXPLORER_ID_DBT,\r | |
526 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
527 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
528 | flags = INTERACTIVE,\r | |
529 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
530 | \r | |
531 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
532 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
533 | label LABEL_END;\r | |
534 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
535 | \r | |
536 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
537 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
538 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
539 | flags = INTERACTIVE,\r | |
540 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r | |
541 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
542 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
543 | endstring;\r | |
544 | \r | |
545 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
546 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
547 | \r | |
548 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
549 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
550 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
551 | flags = INTERACTIVE,\r | |
552 | key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r | |
553 | \r | |
554 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
555 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
556 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
557 | flags = INTERACTIVE,\r | |
558 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r | |
559 | \r | |
560 | endform;\r | |
561 | \r | |
ecc722ad | 562 | //\r |
563 | // File Explorer for PK\r | |
564 | //\r | |
565 | form formid = FORM_FILE_EXPLORER_ID_PK,\r | |
566 | title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r | |
567 | \r | |
568 | label FORM_FILE_EXPLORER_ID;\r | |
569 | label LABEL_END;\r | |
570 | endform;\r | |
20333c6d | 571 | \r |
ecc722ad | 572 | //\r |
573 | // File Explorer for KEK\r | |
574 | //\r | |
575 | form formid = FORM_FILE_EXPLORER_ID_KEK,\r | |
576 | title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r | |
577 | \r | |
578 | label FORM_FILE_EXPLORER_ID;\r | |
579 | label LABEL_END;\r | |
580 | endform;\r | |
581 | \r | |
582 | //\r | |
583 | // File Explorer for DB\r | |
584 | //\r | |
585 | form formid = FORM_FILE_EXPLORER_ID_DB,\r | |
586 | title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r | |
587 | \r | |
588 | label FORM_FILE_EXPLORER_ID;\r | |
589 | label LABEL_END;\r | |
590 | endform;\r | |
591 | \r | |
592 | //\r | |
593 | // File Explorer for DBX\r | |
594 | //\r | |
595 | form formid = FORM_FILE_EXPLORER_ID_DBX,\r | |
596 | title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r | |
597 | \r | |
598 | label FORM_FILE_EXPLORER_ID;\r | |
599 | label LABEL_END;\r | |
600 | endform;\r | |
601 | \r | |
20333c6d QL |
602 | //\r |
603 | // File Explorer for DBT\r | |
604 | //\r | |
605 | form formid = FORM_FILE_EXPLORER_ID_DBT,\r | |
606 | title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r | |
607 | \r | |
608 | label FORM_FILE_EXPLORER_ID;\r | |
609 | label LABEL_END;\r | |
610 | endform;\r | |
ecc722ad | 611 | \r |
612 | //\r | |
613 | // Enroll Pk from File Commit Form\r | |
614 | //\r | |
615 | form formid = SECUREBOOT_ADD_PK_FILE_FORM_ID,\r | |
616 | title = STRING_TOKEN(STR_SAVE_PK_FILE);\r | |
617 | \r | |
618 | label SECUREBOOT_ADD_PK_FILE_FORM_ID;\r | |
619 | label LABEL_END;\r | |
20333c6d | 620 | \r |
ecc722ad | 621 | subtitle text = STRING_TOKEN(STR_NULL);\r |
622 | \r | |
623 | text\r | |
624 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
625 | text = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
20333c6d | 626 | text = STRING_TOKEN(STR_NULL),\r |
ecc722ad | 627 | flags = INTERACTIVE,\r |
628 | key = KEY_VALUE_SAVE_AND_EXIT_PK;\r | |
629 | \r | |
630 | text\r | |
631 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
632 | text = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
20333c6d | 633 | text = STRING_TOKEN(STR_NULL),\r |
ecc722ad | 634 | flags = INTERACTIVE,\r |
635 | key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r | |
beda2356 | 636 | \r |
637 | endform;\r | |
638 | \r | |
20333c6d | 639 | endformset; |