]> git.proxmox.com Git - mirror_edk2.git/blame - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
projects / mirror_edk2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
SecurityPkg: Replace BSD License with BSD+Patent License
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
CommitLineData
beda2356 1/** @file\r
2 VFR file used by the SecureBoot configuration component.\r
3\r
b3548d32 4Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>\r
289b714b 5SPDX-License-Identifier: BSD-2-Clause-Patent\r
beda2356 6\r
7**/\r
8\r
9#include "SecureBootConfigNvData.h"\r
10\r
11formset\r
12 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r
13 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r
14 help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r
15 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r
16\r
17 varstore SECUREBOOT_CONFIGURATION,\r
18 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r
19 name = SECUREBOOT_CONFIGURATION,\r
20 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r
20333c6d 21\r
ecc722ad 22 //\r
23 // ##1 Form "Secure Boot Configuration"\r
24 //\r
beda2356 25 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r
26 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r
27\r
28 subtitle text = STRING_TOKEN(STR_NULL);\r
f71ed839 29\r
30 text\r
31 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r
32 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r
33 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r
20333c6d 34\r
ecc722ad 35 //\r
36 // Display of Check Box: Attempt Secure Boot\r
37 //\r
e8903bb7 38 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
f71ed839 39 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r
beda2356 40 questionid = KEY_SECURE_BOOT_ENABLE,\r
41 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r
42 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r
8f8ca22e 43 flags = INTERACTIVE | RESET_REQUIRED,\r
ecc722ad 44 endcheckbox;\r
45 endif;\r
20333c6d 46\r
ecc722ad 47 //\r
48 // Display of Oneof: 'Secure Boot Mode'\r
49 //\r
142d2dcb
CZ		 50 oneof name = SecureBootMode,\r
51 questionid = KEY_SECURE_BOOT_MODE,\r
52 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r
53 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r
54 flags = INTERACTIVE | NUMERIC_SIZE_1,\r
55 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r
56 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r
57 endoneof;\r
20333c6d 58\r
ecc722ad 59 //\r
12087ff6 60 // Display of 'Current Secure Boot Mode'\r
ecc722ad 61 //\r
a365eed4 62 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r
96832eef
CZ		 63 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
64 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
65 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r
66 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r
67 flags = INTERACTIVE,\r
68 key = KEY_SECURE_BOOT_OPTION;\r
69 endif;\r
ecc722ad 70 endif;\r
96832eef 71\r
ecc722ad 72 endform;\r
20333c6d 73\r
ecc722ad 74 //\r
75 // ##2 Form: 'Custom Secure Boot Options'\r
76 //\r
77 form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r
78 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r
20333c6d 79\r
ecc722ad 80 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 81\r
ecc722ad 82 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
83 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r
84 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r
85 flags = INTERACTIVE,\r
86 key = KEY_SECURE_BOOT_PK_OPTION;\r
20333c6d 87\r
ecc722ad 88 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 89\r
ecc722ad 90 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
91 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r
92 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r
93 flags = INTERACTIVE,\r
94 key = KEY_SECURE_BOOT_KEK_OPTION;\r
20333c6d 95\r
ecc722ad 96 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 97\r
ecc722ad 98 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
99 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r
100 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r
101 flags = INTERACTIVE,\r
102 key = KEY_SECURE_BOOT_DB_OPTION;\r
20333c6d 103\r
ecc722ad 104 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 105\r
ecc722ad 106 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
107 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r
108 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r
109 flags = INTERACTIVE,\r
110 key = KEY_SECURE_BOOT_DBX_OPTION;\r
111\r
20333c6d
QL		 112 subtitle text = STRING_TOKEN(STR_NULL);\r
113\r
114 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
115 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r
116 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r
117 flags = INTERACTIVE,\r
118 key = KEY_SECURE_BOOT_DBT_OPTION;\r
119\r
ecc722ad 120 endform;\r
20333c6d 121\r
ecc722ad 122 //\r
123 // ##3 Form: 'PK Options'\r
124 //\r
125 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
126 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r
20333c6d 127\r
ecc722ad 128 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 129\r
ecc722ad 130 //\r
142d2dcb 131 // Display of 'Enroll PK'\r
ecc722ad 132 //\r
ecc722ad 133 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r
134 goto FORMID_ENROLL_PK_FORM,\r
135 prompt = STRING_TOKEN(STR_ENROLL_PK),\r
136 help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r
137 flags = INTERACTIVE,\r
138 key = KEY_ENROLL_PK;\r
139 endif;\r
20333c6d 140\r
ecc722ad 141 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 142\r
ecc722ad 143 //\r
20333c6d 144 // Display of Check Box: 'Delete Pk'\r
ecc722ad 145 //\r
146 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r
147 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r
148 questionid = KEY_SECURE_BOOT_DELETE_PK,\r
20333c6d 149 prompt = STRING_TOKEN(STR_DELETE_PK),\r
ecc722ad 150 help = STRING_TOKEN(STR_DELETE_PK_HELP),\r
0fb450fb 151 flags = INTERACTIVE | RESET_REQUIRED,\r
beda2356 152 endcheckbox;\r
153 endif;\r
ecc722ad 154 endform;\r
20333c6d 155\r
ecc722ad 156 //\r
157 // ##4 Form: 'Enroll PK'\r
158 //\r
159 form formid = FORMID_ENROLL_PK_FORM,\r
160 title = STRING_TOKEN(STR_ENROLL_PK);\r
20333c6d 161\r
ecc722ad 162 subtitle text = STRING_TOKEN(STR_NULL);\r
163\r
762d8ddb 164 goto FORMID_ENROLL_PK_FORM,\r
ecc722ad 165 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
166 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
167 flags = INTERACTIVE,\r
762d8ddb
DB		 168 key = FORMID_ENROLL_PK_FORM;\r
169\r
170 subtitle text = STRING_TOKEN(STR_NULL);\r
171 label FORMID_ENROLL_PK_FORM;\r
172 label LABEL_END;\r
173 subtitle text = STRING_TOKEN(STR_NULL);\r
174\r
175 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
176 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
177 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
178 flags = INTERACTIVE| RESET_REQUIRED,\r
179 key = KEY_VALUE_SAVE_AND_EXIT_PK;\r
180\r
181 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
182 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
183 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
184 flags = INTERACTIVE,\r
185 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r
186\r
ecc722ad 187 endform;\r
20333c6d 188\r
ecc722ad 189 //\r
190 // ##5 Form: 'KEK Options'\r
191 //\r
192 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
193 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r
194\r
195 //\r
20333c6d 196 // Display of 'Enroll KEK'\r
ecc722ad 197 //\r
198 goto FORMID_ENROLL_KEK_FORM,\r
199 prompt = STRING_TOKEN(STR_ENROLL_KEK),\r
200 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r
201 flags = INTERACTIVE;\r
20333c6d
QL		 202\r
203 subtitle text = STRING_TOKEN(STR_NULL);\r
204\r
ecc722ad 205 //\r
20333c6d 206 // Display of 'Delete KEK'\r
ecc722ad 207 //\r
208 goto FORMID_DELETE_KEK_FORM,\r
209 prompt = STRING_TOKEN(STR_DELETE_KEK),\r
210 help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r
211 flags = INTERACTIVE,\r
212 key = KEY_DELETE_KEK;\r
20333c6d
QL		 213\r
214 subtitle text = STRING_TOKEN(STR_NULL);\r
ecc722ad 215 endform;\r
216\r
217 //\r
20333c6d 218 // ##6 Form: 'Enroll KEK'\r
ecc722ad 219 //\r
220 form formid = FORMID_ENROLL_KEK_FORM,\r
221 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r
222\r
223 subtitle text = STRING_TOKEN(STR_NULL);\r
224\r
762d8ddb 225 goto FORMID_ENROLL_KEK_FORM,\r
ecc722ad 226 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r
227 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r
228 flags = INTERACTIVE,\r
229 key = FORMID_ENROLL_KEK_FORM;\r
230\r
231 subtitle text = STRING_TOKEN(STR_NULL);\r
232 label FORMID_ENROLL_KEK_FORM;\r
233 label LABEL_END;\r
234 subtitle text = STRING_TOKEN(STR_NULL);\r
235\r
236 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
237 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
238 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
239 flags = INTERACTIVE,\r
240 key = KEY_SECURE_BOOT_KEK_GUID,\r
241 minsize = SECURE_BOOT_GUID_SIZE,\r
242 maxsize = SECURE_BOOT_GUID_SIZE,\r
243 endstring;\r
244\r
245 subtitle text = STRING_TOKEN(STR_NULL);\r
246 subtitle text = STRING_TOKEN(STR_NULL);\r
247\r
248 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
249 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
250 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
251 flags = INTERACTIVE,\r
252 key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r
20333c6d 253\r
ecc722ad 254 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
255 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
256 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
257 flags = INTERACTIVE,\r
258 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r
259\r
260 endform;\r
261\r
262 //\r
263 // ##7 Form: 'Delete KEK'\r
20333c6d 264 //\r
ecc722ad 265 form formid = FORMID_DELETE_KEK_FORM,\r
266 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r
267\r
268 label LABEL_KEK_DELETE;\r
269 label LABEL_END;\r
20333c6d 270\r
ecc722ad 271 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 272\r
ecc722ad 273 endform;\r
274\r
275 //\r
276 // ##8 Form: 'DB Options'\r
277 //\r
278 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
279 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r
280\r
281 subtitle text = STRING_TOKEN(STR_NULL);\r
282\r
283 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
284 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
285 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
286 flags = 0;\r
287\r
288 subtitle text = STRING_TOKEN(STR_NULL);\r
289\r
290 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
291 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
292 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
293 flags = INTERACTIVE,\r
294 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r
20333c6d 295\r
ecc722ad 296 endform;\r
297\r
298 //\r
299 // ##9 Form: 'DBX Options'\r
300 //\r
301 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
302 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r
303\r
304 subtitle text = STRING_TOKEN(STR_NULL);\r
305\r
306 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
307 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
308 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
309 flags = 0;\r
310\r
311 subtitle text = STRING_TOKEN(STR_NULL);\r
312\r
85974aef 313 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
ecc722ad 314 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
315 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
316 flags = INTERACTIVE,\r
85974aef 317 key = KEY_VALUE_FROM_DBX_TO_LIST_FORM;\r
ecc722ad 318\r
319 endform;\r
320\r
20333c6d
QL		 321 //\r
322 // ##9 Form: 'DBT Options'\r
323 //\r
324 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
325 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r
326\r
327 subtitle text = STRING_TOKEN(STR_NULL);\r
328\r
329 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
330 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
331 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
332 flags = 0;\r
333\r
334 subtitle text = STRING_TOKEN(STR_NULL);\r
335\r
336 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
337 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
338 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
339 flags = INTERACTIVE,\r
340 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r
341\r
342 endform;\r
343\r
ecc722ad 344 //\r
345 // Form: 'Delete Signature' for DB Options.\r
346 //\r
347 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
348 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
349\r
350 label LABEL_DB_DELETE;\r
351 label LABEL_END;\r
352 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 353\r
ecc722ad 354 endform;\r
355\r
356 //\r
85974aef 357 // Form: Display Signature List.\r
ecc722ad 358 //\r
85974aef 359 form formid = SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
360 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_LIST_FORM);\r
361\r
362 subtitle text = STRING_TOKEN(STR_NULL);\r
363\r
364 grayoutif ideqval SECUREBOOT_CONFIGURATION.ListCount == 0;\r
365 label LABEL_DELETE_ALL_LIST_BUTTON;\r
366 //\r
367 // Will create a goto button dynamically here.\r
368 //\r
369 label LABEL_END;\r
370 endif;\r
371\r
372 subtitle text = STRING_TOKEN(STR_NULL);\r
373 label LABEL_SIGNATURE_LIST_START;\r
374 label LABEL_END;\r
375 subtitle text = STRING_TOKEN(STR_NULL);\r
ecc722ad 376\r
85974aef 377 endform;\r
378\r
379 //\r
380 // Form: Display Signature Data.\r
381 //\r
382 form formid = SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,\r
383 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_DATA_FORM);\r
384\r
385 subtitle text = STRING_TOKEN(STR_NULL);\r
386\r
387 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
388 prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA),\r
389 help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA_HELP),\r
390 flags = INTERACTIVE,\r
391 key = KEY_SECURE_BOOT_DELETE_ALL_DATA;\r
392\r
393 grayoutif ideqval SECUREBOOT_CONFIGURATION.CheckedDataCount == 0;\r
394 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
395 prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA),\r
396 help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA_HELP),\r
397 flags = INTERACTIVE,\r
398 key = KEY_SECURE_BOOT_DELETE_CHECK_DATA;\r
399 endif;\r
400\r
401 subtitle text = STRING_TOKEN(STR_NULL);\r
402 label LABEL_SIGNATURE_DATA_START;\r
ecc722ad 403 label LABEL_END;\r
404 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d
QL		 405\r
406 endform;\r
407\r
85974aef 408\r
20333c6d
QL		 409 //\r
410 // Form: 'Delete Signature' for DBT Options.\r
411 //\r
412 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
413 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
414\r
415 label LABEL_DBT_DELETE;\r
416 label LABEL_END;\r
417 subtitle text = STRING_TOKEN(STR_NULL);\r
418\r
ecc722ad 419 endform;\r
420\r
421 //\r
422 // Form: 'Enroll Signature' for DB options.\r
423 //\r
424 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
425 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
426\r
427 subtitle text = STRING_TOKEN(STR_NULL);\r
428\r
762d8ddb 429 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
ecc722ad 430 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
431 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
432 flags = INTERACTIVE,\r
433 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
434\r
435 subtitle text = STRING_TOKEN(STR_NULL);\r
436 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
437 label LABEL_END;\r
438 subtitle text = STRING_TOKEN(STR_NULL);\r
439\r
440 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
441 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
442 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
443 flags = INTERACTIVE,\r
444 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r
445 minsize = SECURE_BOOT_GUID_SIZE,\r
446 maxsize = SECURE_BOOT_GUID_SIZE,\r
447 endstring;\r
448\r
449 subtitle text = STRING_TOKEN(STR_NULL);\r
450 subtitle text = STRING_TOKEN(STR_NULL);\r
451\r
452 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
453 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
454 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
455 flags = INTERACTIVE,\r
456 key = KEY_VALUE_SAVE_AND_EXIT_DB;\r
20333c6d 457\r
ecc722ad 458 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
459 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
460 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
461 flags = INTERACTIVE,\r
462 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r
463\r
464 endform;\r
465\r
466 //\r
467 // Form: 'Enroll Signature' for DBX options.\r
468 //\r
469 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
470 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
471\r
472 subtitle text = STRING_TOKEN(STR_NULL);\r
473\r
762d8ddb 474 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
ecc722ad 475 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
476 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
477 flags = INTERACTIVE,\r
478 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
479\r
ecc722ad 480 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
481 label LABEL_END;\r
482 subtitle text = STRING_TOKEN(STR_NULL);\r
483\r
4de754e1
ZC		 484 grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r
485 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
486 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
487 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
488 flags = INTERACTIVE,\r
489 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r
490 minsize = SECURE_BOOT_GUID_SIZE,\r
491 maxsize = SECURE_BOOT_GUID_SIZE,\r
492 endstring;\r
493 endif;\r
ecc722ad 494\r
4de754e1
ZC		 495 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;\r
496 oneof name = X509SignatureFormatInDbx,\r
497 varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r
498 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r
499 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r
500 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;\r
501 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;\r
502 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;\r
503 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;\r
504 endoneof;\r
505 endif;\r
506\r
507 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;\r
508 text\r
509 help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string\r
510 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r
511 text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type\r
512 endif;\r
513\r
514 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r
515 text\r
516 help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string\r
517 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r
518 text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type\r
519 endif;\r
20333c6d 520\r
e9429e79 521 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;\r
20333c6d
QL		 522 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r
523 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r
524 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r
525 flags = INTERACTIVE,\r
526 endcheckbox;\r
527\r
528 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r
529 date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r
530 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r
531 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r
532 flags = STORAGE_NORMAL,\r
533 enddate;\r
534\r
535 time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r
536 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r
537 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r
538 flags = STORAGE_NORMAL,\r
539 endtime;\r
540 endif;\r
541 endif;\r
542\r
ecc722ad 543 subtitle text = STRING_TOKEN(STR_NULL);\r
544 subtitle text = STRING_TOKEN(STR_NULL);\r
545\r
546 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
547 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
548 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
549 flags = INTERACTIVE,\r
550 key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r
20333c6d 551\r
ecc722ad 552 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
553 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
554 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
555 flags = INTERACTIVE,\r
556 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r
557\r
558 endform;\r
559\r
20333c6d
QL		 560 //\r
561 // Form: 'Enroll Signature' for DBT options.\r
562 //\r
563 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
564 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
565\r
566 subtitle text = STRING_TOKEN(STR_NULL);\r
567\r
762d8ddb 568 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
20333c6d
QL		 569 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
570 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
571 flags = INTERACTIVE,\r
572 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
573\r
574 subtitle text = STRING_TOKEN(STR_NULL);\r
575 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
576 label LABEL_END;\r
577 subtitle text = STRING_TOKEN(STR_NULL);\r
578\r
579 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
580 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
581 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
582 flags = INTERACTIVE,\r
583 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r
584 minsize = SECURE_BOOT_GUID_SIZE,\r
585 maxsize = SECURE_BOOT_GUID_SIZE,\r
586 endstring;\r
587\r
588 subtitle text = STRING_TOKEN(STR_NULL);\r
589 subtitle text = STRING_TOKEN(STR_NULL);\r
590\r
591 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
592 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
593 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
594 flags = INTERACTIVE,\r
595 key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r
596\r
597 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
598 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
599 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
600 flags = INTERACTIVE,\r
601 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r
602\r
603 endform;\r
604\r
b3548d32 605endformset;\r
EFI Development Kit II mirror for PVE