]>
Commit | Line | Data |
---|---|---|
beda2356 | 1 | /** @file\r |
2 | VFR file used by the SecureBoot configuration component.\r | |
3 | \r | |
b3548d32 | 4 | Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>\r |
289b714b | 5 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
beda2356 | 6 | \r |
7 | **/\r | |
8 | \r | |
9 | #include "SecureBootConfigNvData.h"\r | |
10 | \r | |
11 | formset\r | |
12 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r | |
13 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r | |
14 | help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r | |
15 | classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r | |
16 | \r | |
17 | varstore SECUREBOOT_CONFIGURATION,\r | |
18 | varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r | |
19 | name = SECUREBOOT_CONFIGURATION,\r | |
20 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r | |
20333c6d | 21 | \r |
ecc722ad | 22 | //\r |
23 | // ##1 Form "Secure Boot Configuration"\r | |
24 | //\r | |
beda2356 | 25 | form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r |
26 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r | |
27 | \r | |
28 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
f71ed839 | 29 | \r |
30 | text\r | |
31 | help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r | |
32 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r | |
33 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r | |
20333c6d | 34 | \r |
ecc722ad | 35 | //\r |
36 | // Display of Check Box: Attempt Secure Boot\r | |
37 | //\r | |
e8903bb7 | 38 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r |
f71ed839 | 39 | checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r |
beda2356 | 40 | questionid = KEY_SECURE_BOOT_ENABLE,\r |
41 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r | |
42 | help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r | |
8f8ca22e | 43 | flags = INTERACTIVE | RESET_REQUIRED,\r |
ecc722ad | 44 | endcheckbox;\r |
45 | endif;\r | |
20333c6d | 46 | \r |
ecc722ad | 47 | //\r |
48 | // Display of Oneof: 'Secure Boot Mode'\r | |
49 | //\r | |
142d2dcb CZ |
50 | oneof name = SecureBootMode,\r |
51 | questionid = KEY_SECURE_BOOT_MODE,\r | |
52 | prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r | |
53 | help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r | |
54 | flags = INTERACTIVE | NUMERIC_SIZE_1,\r | |
55 | option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r | |
56 | option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r | |
57 | endoneof;\r | |
20333c6d | 58 | \r |
ecc722ad | 59 | //\r |
12087ff6 | 60 | // Display of 'Current Secure Boot Mode'\r |
ecc722ad | 61 | //\r |
a365eed4 | 62 | suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r |
96832eef CZ |
63 | grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r |
64 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
65 | prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r | |
66 | help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r | |
67 | flags = INTERACTIVE,\r | |
68 | key = KEY_SECURE_BOOT_OPTION;\r | |
69 | endif;\r | |
ecc722ad | 70 | endif;\r |
96832eef | 71 | \r |
ecc722ad | 72 | endform;\r |
20333c6d | 73 | \r |
ecc722ad | 74 | //\r |
75 | // ##2 Form: 'Custom Secure Boot Options'\r | |
76 | //\r | |
77 | form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r | |
78 | title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r | |
20333c6d | 79 | \r |
ecc722ad | 80 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 81 | \r |
ecc722ad | 82 | goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r |
83 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r | |
84 | help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r | |
85 | flags = INTERACTIVE,\r | |
86 | key = KEY_SECURE_BOOT_PK_OPTION;\r | |
20333c6d | 87 | \r |
ecc722ad | 88 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 89 | \r |
ecc722ad | 90 | goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r |
91 | prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r | |
92 | help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r | |
93 | flags = INTERACTIVE,\r | |
94 | key = KEY_SECURE_BOOT_KEK_OPTION;\r | |
20333c6d | 95 | \r |
ecc722ad | 96 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 97 | \r |
ecc722ad | 98 | goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r |
99 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r | |
100 | help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r | |
101 | flags = INTERACTIVE,\r | |
102 | key = KEY_SECURE_BOOT_DB_OPTION;\r | |
20333c6d | 103 | \r |
ecc722ad | 104 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 105 | \r |
ecc722ad | 106 | goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r |
107 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r | |
108 | help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r | |
109 | flags = INTERACTIVE,\r | |
110 | key = KEY_SECURE_BOOT_DBX_OPTION;\r | |
111 | \r | |
20333c6d QL |
112 | subtitle text = STRING_TOKEN(STR_NULL);\r |
113 | \r | |
114 | goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
115 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r | |
116 | help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r | |
117 | flags = INTERACTIVE,\r | |
118 | key = KEY_SECURE_BOOT_DBT_OPTION;\r | |
119 | \r | |
ecc722ad | 120 | endform;\r |
20333c6d | 121 | \r |
ecc722ad | 122 | //\r |
123 | // ##3 Form: 'PK Options'\r | |
124 | //\r | |
125 | form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r | |
126 | title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r | |
20333c6d | 127 | \r |
ecc722ad | 128 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 129 | \r |
ecc722ad | 130 | //\r |
142d2dcb | 131 | // Display of 'Enroll PK'\r |
ecc722ad | 132 | //\r |
ecc722ad | 133 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r |
134 | goto FORMID_ENROLL_PK_FORM,\r | |
135 | prompt = STRING_TOKEN(STR_ENROLL_PK),\r | |
136 | help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r | |
137 | flags = INTERACTIVE,\r | |
138 | key = KEY_ENROLL_PK;\r | |
139 | endif;\r | |
20333c6d | 140 | \r |
ecc722ad | 141 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 142 | \r |
ecc722ad | 143 | //\r |
20333c6d | 144 | // Display of Check Box: 'Delete Pk'\r |
ecc722ad | 145 | //\r |
146 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r | |
147 | checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r | |
148 | questionid = KEY_SECURE_BOOT_DELETE_PK,\r | |
20333c6d | 149 | prompt = STRING_TOKEN(STR_DELETE_PK),\r |
ecc722ad | 150 | help = STRING_TOKEN(STR_DELETE_PK_HELP),\r |
0fb450fb | 151 | flags = INTERACTIVE | RESET_REQUIRED,\r |
beda2356 | 152 | endcheckbox;\r |
153 | endif;\r | |
ecc722ad | 154 | endform;\r |
20333c6d | 155 | \r |
ecc722ad | 156 | //\r |
157 | // ##4 Form: 'Enroll PK'\r | |
158 | //\r | |
159 | form formid = FORMID_ENROLL_PK_FORM,\r | |
160 | title = STRING_TOKEN(STR_ENROLL_PK);\r | |
20333c6d | 161 | \r |
ecc722ad | 162 | subtitle text = STRING_TOKEN(STR_NULL);\r |
163 | \r | |
762d8ddb | 164 | goto FORMID_ENROLL_PK_FORM,\r |
ecc722ad | 165 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r |
166 | help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r | |
167 | flags = INTERACTIVE,\r | |
762d8ddb DB |
168 | key = FORMID_ENROLL_PK_FORM;\r |
169 | \r | |
170 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
171 | label FORMID_ENROLL_PK_FORM;\r | |
172 | label LABEL_END;\r | |
173 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
174 | \r | |
175 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
176 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
177 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
178 | flags = INTERACTIVE| RESET_REQUIRED,\r | |
179 | key = KEY_VALUE_SAVE_AND_EXIT_PK;\r | |
180 | \r | |
181 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
182 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
183 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
184 | flags = INTERACTIVE,\r | |
185 | key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r | |
186 | \r | |
ecc722ad | 187 | endform;\r |
20333c6d | 188 | \r |
ecc722ad | 189 | //\r |
190 | // ##5 Form: 'KEK Options'\r | |
191 | //\r | |
192 | form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r | |
193 | title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r | |
194 | \r | |
195 | //\r | |
20333c6d | 196 | // Display of 'Enroll KEK'\r |
ecc722ad | 197 | //\r |
198 | goto FORMID_ENROLL_KEK_FORM,\r | |
199 | prompt = STRING_TOKEN(STR_ENROLL_KEK),\r | |
200 | help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r | |
201 | flags = INTERACTIVE;\r | |
20333c6d QL |
202 | \r |
203 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
204 | \r | |
ecc722ad | 205 | //\r |
20333c6d | 206 | // Display of 'Delete KEK'\r |
ecc722ad | 207 | //\r |
208 | goto FORMID_DELETE_KEK_FORM,\r | |
209 | prompt = STRING_TOKEN(STR_DELETE_KEK),\r | |
210 | help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r | |
211 | flags = INTERACTIVE,\r | |
212 | key = KEY_DELETE_KEK;\r | |
20333c6d QL |
213 | \r |
214 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
ecc722ad | 215 | endform;\r |
216 | \r | |
217 | //\r | |
20333c6d | 218 | // ##6 Form: 'Enroll KEK'\r |
ecc722ad | 219 | //\r |
220 | form formid = FORMID_ENROLL_KEK_FORM,\r | |
221 | title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r | |
222 | \r | |
223 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
224 | \r | |
762d8ddb | 225 | goto FORMID_ENROLL_KEK_FORM,\r |
ecc722ad | 226 | prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r |
227 | help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r | |
228 | flags = INTERACTIVE,\r | |
229 | key = FORMID_ENROLL_KEK_FORM;\r | |
230 | \r | |
231 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
232 | label FORMID_ENROLL_KEK_FORM;\r | |
233 | label LABEL_END;\r | |
234 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
235 | \r | |
236 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
237 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
238 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
239 | flags = INTERACTIVE,\r | |
240 | key = KEY_SECURE_BOOT_KEK_GUID,\r | |
241 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
242 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
243 | endstring;\r | |
244 | \r | |
245 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
246 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
247 | \r | |
248 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
249 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
250 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
251 | flags = INTERACTIVE,\r | |
252 | key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r | |
20333c6d | 253 | \r |
ecc722ad | 254 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
255 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
256 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
257 | flags = INTERACTIVE,\r | |
258 | key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r | |
259 | \r | |
260 | endform;\r | |
261 | \r | |
262 | //\r | |
263 | // ##7 Form: 'Delete KEK'\r | |
20333c6d | 264 | //\r |
ecc722ad | 265 | form formid = FORMID_DELETE_KEK_FORM,\r |
266 | title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r | |
267 | \r | |
268 | label LABEL_KEK_DELETE;\r | |
269 | label LABEL_END;\r | |
20333c6d | 270 | \r |
ecc722ad | 271 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 272 | \r |
ecc722ad | 273 | endform;\r |
274 | \r | |
275 | //\r | |
276 | // ##8 Form: 'DB Options'\r | |
277 | //\r | |
278 | form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r | |
279 | title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r | |
280 | \r | |
281 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
282 | \r | |
283 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
284 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
285 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
286 | flags = 0;\r | |
287 | \r | |
288 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
289 | \r | |
290 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
291 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
292 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
293 | flags = INTERACTIVE,\r | |
294 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r | |
20333c6d | 295 | \r |
ecc722ad | 296 | endform;\r |
297 | \r | |
298 | //\r | |
299 | // ##9 Form: 'DBX Options'\r | |
300 | //\r | |
301 | form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r | |
302 | title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r | |
303 | \r | |
304 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
305 | \r | |
306 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
307 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
308 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
309 | flags = 0;\r | |
310 | \r | |
311 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
312 | \r | |
85974aef | 313 | goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r |
ecc722ad | 314 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r |
315 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
316 | flags = INTERACTIVE,\r | |
85974aef | 317 | key = KEY_VALUE_FROM_DBX_TO_LIST_FORM;\r |
ecc722ad | 318 | \r |
319 | endform;\r | |
320 | \r | |
20333c6d QL |
321 | //\r |
322 | // ##9 Form: 'DBT Options'\r | |
323 | //\r | |
324 | form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
325 | title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r | |
326 | \r | |
327 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
328 | \r | |
329 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
330 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
331 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
332 | flags = 0;\r | |
333 | \r | |
334 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
335 | \r | |
336 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
337 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
338 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
339 | flags = INTERACTIVE,\r | |
340 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r | |
341 | \r | |
342 | endform;\r | |
343 | \r | |
ecc722ad | 344 | //\r |
345 | // Form: 'Delete Signature' for DB Options.\r | |
346 | //\r | |
347 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
348 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
349 | \r | |
350 | label LABEL_DB_DELETE;\r | |
351 | label LABEL_END;\r | |
352 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
20333c6d | 353 | \r |
ecc722ad | 354 | endform;\r |
355 | \r | |
356 | //\r | |
85974aef | 357 | // Form: Display Signature List.\r |
ecc722ad | 358 | //\r |
85974aef | 359 | form formid = SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r |
360 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_LIST_FORM);\r | |
361 | \r | |
362 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
363 | \r | |
364 | grayoutif ideqval SECUREBOOT_CONFIGURATION.ListCount == 0;\r | |
365 | label LABEL_DELETE_ALL_LIST_BUTTON;\r | |
366 | //\r | |
367 | // Will create a goto button dynamically here.\r | |
368 | //\r | |
369 | label LABEL_END;\r | |
370 | endif;\r | |
371 | \r | |
372 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
373 | label LABEL_SIGNATURE_LIST_START;\r | |
374 | label LABEL_END;\r | |
375 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
ecc722ad | 376 | \r |
85974aef | 377 | endform;\r |
378 | \r | |
379 | //\r | |
380 | // Form: Display Signature Data.\r | |
381 | //\r | |
382 | form formid = SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,\r | |
383 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_DATA_FORM);\r | |
384 | \r | |
385 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
386 | \r | |
387 | goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r | |
388 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA),\r | |
389 | help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA_HELP),\r | |
390 | flags = INTERACTIVE,\r | |
391 | key = KEY_SECURE_BOOT_DELETE_ALL_DATA;\r | |
392 | \r | |
393 | grayoutif ideqval SECUREBOOT_CONFIGURATION.CheckedDataCount == 0;\r | |
394 | goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r | |
395 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA),\r | |
396 | help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA_HELP),\r | |
397 | flags = INTERACTIVE,\r | |
398 | key = KEY_SECURE_BOOT_DELETE_CHECK_DATA;\r | |
399 | endif;\r | |
400 | \r | |
401 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
402 | label LABEL_SIGNATURE_DATA_START;\r | |
ecc722ad | 403 | label LABEL_END;\r |
404 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
20333c6d QL |
405 | \r |
406 | endform;\r | |
407 | \r | |
85974aef | 408 | \r |
20333c6d QL |
409 | //\r |
410 | // Form: 'Delete Signature' for DBT Options.\r | |
411 | //\r | |
412 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
413 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
414 | \r | |
415 | label LABEL_DBT_DELETE;\r | |
416 | label LABEL_END;\r | |
417 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
418 | \r | |
ecc722ad | 419 | endform;\r |
420 | \r | |
421 | //\r | |
422 | // Form: 'Enroll Signature' for DB options.\r | |
423 | //\r | |
424 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
425 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
426 | \r | |
427 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
428 | \r | |
762d8ddb | 429 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r |
ecc722ad | 430 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r |
431 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
432 | flags = INTERACTIVE,\r | |
433 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
434 | \r | |
435 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
436 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
437 | label LABEL_END;\r | |
438 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
439 | \r | |
440 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
441 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
442 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
443 | flags = INTERACTIVE,\r | |
444 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r | |
445 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
446 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
447 | endstring;\r | |
448 | \r | |
449 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
450 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
451 | \r | |
452 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
453 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
454 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
455 | flags = INTERACTIVE,\r | |
456 | key = KEY_VALUE_SAVE_AND_EXIT_DB;\r | |
20333c6d | 457 | \r |
ecc722ad | 458 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
459 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
460 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
461 | flags = INTERACTIVE,\r | |
462 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r | |
463 | \r | |
464 | endform;\r | |
465 | \r | |
466 | //\r | |
467 | // Form: 'Enroll Signature' for DBX options.\r | |
468 | //\r | |
469 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
470 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
471 | \r | |
472 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
473 | \r | |
762d8ddb | 474 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r |
ecc722ad | 475 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r |
476 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
477 | flags = INTERACTIVE,\r | |
478 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r | |
479 | \r | |
ecc722ad | 480 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r |
481 | label LABEL_END;\r | |
482 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
483 | \r | |
4de754e1 ZC |
484 | grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r |
485 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
486 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
487 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
488 | flags = INTERACTIVE,\r | |
489 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r | |
490 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
491 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
492 | endstring;\r | |
493 | endif;\r | |
ecc722ad | 494 | \r |
4de754e1 ZC |
495 | disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;\r |
496 | oneof name = X509SignatureFormatInDbx,\r | |
497 | varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r | |
498 | prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r | |
499 | help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r | |
500 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;\r | |
501 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;\r | |
502 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;\r | |
503 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;\r | |
504 | endoneof;\r | |
505 | endif;\r | |
506 | \r | |
507 | disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;\r | |
508 | text\r | |
509 | help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string\r | |
510 | text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r | |
511 | text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type\r | |
512 | endif;\r | |
513 | \r | |
514 | disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r | |
515 | text\r | |
516 | help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string\r | |
517 | text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r | |
518 | text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type\r | |
519 | endif;\r | |
20333c6d | 520 | \r |
e9429e79 | 521 | suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;\r |
20333c6d QL |
522 | checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r |
523 | prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r | |
524 | help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r | |
525 | flags = INTERACTIVE,\r | |
526 | endcheckbox;\r | |
527 | \r | |
528 | suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r | |
529 | date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r | |
530 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r | |
531 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r | |
532 | flags = STORAGE_NORMAL,\r | |
533 | enddate;\r | |
534 | \r | |
535 | time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r | |
536 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r | |
537 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r | |
538 | flags = STORAGE_NORMAL,\r | |
539 | endtime;\r | |
540 | endif;\r | |
541 | endif;\r | |
542 | \r | |
ecc722ad | 543 | subtitle text = STRING_TOKEN(STR_NULL);\r |
544 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
545 | \r | |
546 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
547 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
548 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
549 | flags = INTERACTIVE,\r | |
550 | key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r | |
20333c6d | 551 | \r |
ecc722ad | 552 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
553 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
554 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
555 | flags = INTERACTIVE,\r | |
556 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r | |
557 | \r | |
558 | endform;\r | |
559 | \r | |
20333c6d QL |
560 | //\r |
561 | // Form: 'Enroll Signature' for DBT options.\r | |
562 | //\r | |
563 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
564 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
565 | \r | |
566 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
567 | \r | |
762d8ddb | 568 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r |
20333c6d QL |
569 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r |
570 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
571 | flags = INTERACTIVE,\r | |
572 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
573 | \r | |
574 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
575 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
576 | label LABEL_END;\r | |
577 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
578 | \r | |
579 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
580 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
581 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
582 | flags = INTERACTIVE,\r | |
583 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r | |
584 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
585 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
586 | endstring;\r | |
587 | \r | |
588 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
589 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
590 | \r | |
591 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
592 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
593 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
594 | flags = INTERACTIVE,\r | |
595 | key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r | |
596 | \r | |
597 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
598 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
599 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
600 | flags = INTERACTIVE,\r | |
601 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r | |
602 | \r | |
603 | endform;\r | |
604 | \r | |
b3548d32 | 605 | endformset;\r |