]> git.proxmox.com Git - mirror_edk2.git/blame - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
projects / mirror_edk2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
SecurityPkg: Use FileExplorerLib in SecureBootConfigDxe
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
CommitLineData
beda2356 1/** @file\r
2 VFR file used by the SecureBoot configuration component.\r
3\r
762d8ddb 4Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>\r
20333c6d
QL		 5This program and the accompanying materials\r
6are licensed and made available under the terms and conditions of the BSD License\r
7which accompanies this distribution. The full text of the license may be found at\r
beda2356 8http://opensource.org/licenses/bsd-license.php\r
9\r
20333c6d 10THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
beda2356 11WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
12\r
13**/\r
14\r
15#include "SecureBootConfigNvData.h"\r
16\r
17formset\r
18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r
19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r
20 help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r
21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r
22\r
23 varstore SECUREBOOT_CONFIGURATION,\r
24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r
25 name = SECUREBOOT_CONFIGURATION,\r
26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r
20333c6d 27\r
ecc722ad 28 //\r
29 // ##1 Form "Secure Boot Configuration"\r
30 //\r
beda2356 31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r
32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r
33\r
34 subtitle text = STRING_TOKEN(STR_NULL);\r
f71ed839 35\r
96832eef
CZ		 36 //\r
37 // Display current secure boot mode(one of SetupMode/AuditMode/UserMode/DeployedMode)\r
38 //\r
39 text\r
40 help = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_HELP),\r
41 text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_PROMPT),\r
42 text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_CONTENT);\r
43\r
f71ed839 44 text\r
45 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r
46 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r
47 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r
20333c6d 48\r
ecc722ad 49 //\r
50 // Display of Check Box: Attempt Secure Boot\r
51 //\r
beda2356 52 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r
f71ed839 53 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r
beda2356 54 questionid = KEY_SECURE_BOOT_ENABLE,\r
55 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r
56 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r
8f8ca22e 57 flags = INTERACTIVE | RESET_REQUIRED,\r
ecc722ad 58 endcheckbox;\r
59 endif;\r
20333c6d 60\r
ecc722ad 61 //\r
62 // Display of Oneof: 'Secure Boot Mode'\r
63 //\r
142d2dcb
CZ		 64 oneof name = SecureBootMode,\r
65 questionid = KEY_SECURE_BOOT_MODE,\r
66 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r
67 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r
68 flags = INTERACTIVE | NUMERIC_SIZE_1,\r
69 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r
70 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r
71 endoneof;\r
20333c6d 72\r
ecc722ad 73 //\r
96832eef 74 // Display PK include page\r
ecc722ad 75 //\r
a365eed4 76 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r
96832eef
CZ		 77 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
78 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
79 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r
80 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r
81 flags = INTERACTIVE,\r
82 key = KEY_SECURE_BOOT_OPTION;\r
83 endif;\r
ecc722ad 84 endif;\r
96832eef 85\r
ecc722ad 86 endform;\r
20333c6d 87\r
ecc722ad 88 //\r
89 // ##2 Form: 'Custom Secure Boot Options'\r
90 //\r
91 form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r
92 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r
20333c6d 93\r
ecc722ad 94 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 95\r
96832eef
CZ		 96 //\r
97 // Display of SetupMode/UserMode/AuditMode/DeployedMode transition\r
98 //\r
142d2dcb 99 oneof name = TransSecureBootMode,\r
96832eef
CZ		 100 questionid = KEY_TRANS_SECURE_BOOT_MODE,\r
101 prompt = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_PROMPT),\r
102 help = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_HELP),\r
103 flags = INTERACTIVE | NUMERIC_SIZE_1,\r
104 suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE \r
105 OR (ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE AND\r
106 ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 0);\r
107 option text = STRING_TOKEN(STR_USER_MODE), value = SECURE_BOOT_MODE_USER_MODE, flags = 0;\r
108 endif\r
109 suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE;\r
110 option text = STRING_TOKEN(STR_SETUP_MODE), value = SECURE_BOOT_MODE_SETUP_MODE, flags = 0;\r
111 endif\r
112 suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE;\r
113 option text = STRING_TOKEN(STR_AUDIT_MODE), value = SECURE_BOOT_MODE_AUDIT_MODE, flags = 0;\r
114 endif\r
115 suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE;\r
116 option text = STRING_TOKEN(STR_DEPLOYED_MODE), value = SECURE_BOOT_MODE_DEPLOYED_MODE, flags = 0;\r
117 endif\r
118\r
142d2dcb 119 endoneof;\r
96832eef
CZ		 120\r
121 subtitle text = STRING_TOKEN(STR_NULL);\r
122\r
ecc722ad 123 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
124 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r
125 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r
126 flags = INTERACTIVE,\r
127 key = KEY_SECURE_BOOT_PK_OPTION;\r
20333c6d 128\r
ecc722ad 129 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 130\r
ecc722ad 131 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
132 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r
133 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r
134 flags = INTERACTIVE,\r
135 key = KEY_SECURE_BOOT_KEK_OPTION;\r
20333c6d 136\r
ecc722ad 137 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 138\r
ecc722ad 139 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
140 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r
141 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r
142 flags = INTERACTIVE,\r
143 key = KEY_SECURE_BOOT_DB_OPTION;\r
20333c6d 144\r
ecc722ad 145 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 146\r
ecc722ad 147 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
148 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r
149 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r
150 flags = INTERACTIVE,\r
151 key = KEY_SECURE_BOOT_DBX_OPTION;\r
152\r
20333c6d
QL		 153 subtitle text = STRING_TOKEN(STR_NULL);\r
154\r
155 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
156 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r
157 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r
158 flags = INTERACTIVE,\r
159 key = KEY_SECURE_BOOT_DBT_OPTION;\r
160\r
ecc722ad 161 endform;\r
20333c6d 162\r
ecc722ad 163 //\r
164 // ##3 Form: 'PK Options'\r
165 //\r
166 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
167 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r
20333c6d 168\r
ecc722ad 169 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 170\r
ecc722ad 171 //\r
142d2dcb 172 // Display of 'Enroll PK'\r
ecc722ad 173 //\r
ecc722ad 174 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r
175 goto FORMID_ENROLL_PK_FORM,\r
176 prompt = STRING_TOKEN(STR_ENROLL_PK),\r
177 help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r
178 flags = INTERACTIVE,\r
179 key = KEY_ENROLL_PK;\r
180 endif;\r
20333c6d 181\r
ecc722ad 182 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 183\r
ecc722ad 184 //\r
20333c6d 185 // Display of Check Box: 'Delete Pk'\r
ecc722ad 186 //\r
187 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r
188 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r
189 questionid = KEY_SECURE_BOOT_DELETE_PK,\r
20333c6d 190 prompt = STRING_TOKEN(STR_DELETE_PK),\r
ecc722ad 191 help = STRING_TOKEN(STR_DELETE_PK_HELP),\r
0fb450fb 192 flags = INTERACTIVE | RESET_REQUIRED,\r
beda2356 193 endcheckbox;\r
194 endif;\r
ecc722ad 195 endform;\r
20333c6d 196\r
ecc722ad 197 //\r
198 // ##4 Form: 'Enroll PK'\r
199 //\r
200 form formid = FORMID_ENROLL_PK_FORM,\r
201 title = STRING_TOKEN(STR_ENROLL_PK);\r
20333c6d 202\r
ecc722ad 203 subtitle text = STRING_TOKEN(STR_NULL);\r
204\r
762d8ddb 205 goto FORMID_ENROLL_PK_FORM,\r
ecc722ad 206 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
207 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
208 flags = INTERACTIVE,\r
762d8ddb
DB		 209 key = FORMID_ENROLL_PK_FORM;\r
210\r
211 subtitle text = STRING_TOKEN(STR_NULL);\r
212 label FORMID_ENROLL_PK_FORM;\r
213 label LABEL_END;\r
214 subtitle text = STRING_TOKEN(STR_NULL);\r
215\r
216 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
217 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
218 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
219 flags = INTERACTIVE| RESET_REQUIRED,\r
220 key = KEY_VALUE_SAVE_AND_EXIT_PK;\r
221\r
222 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
223 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
224 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
225 flags = INTERACTIVE,\r
226 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r
227\r
ecc722ad 228 endform;\r
20333c6d 229\r
ecc722ad 230 //\r
231 // ##5 Form: 'KEK Options'\r
232 //\r
233 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
234 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r
235\r
236 //\r
20333c6d 237 // Display of 'Enroll KEK'\r
ecc722ad 238 //\r
239 goto FORMID_ENROLL_KEK_FORM,\r
240 prompt = STRING_TOKEN(STR_ENROLL_KEK),\r
241 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r
242 flags = INTERACTIVE;\r
20333c6d
QL		 243\r
244 subtitle text = STRING_TOKEN(STR_NULL);\r
245\r
ecc722ad 246 //\r
20333c6d 247 // Display of 'Delete KEK'\r
ecc722ad 248 //\r
249 goto FORMID_DELETE_KEK_FORM,\r
250 prompt = STRING_TOKEN(STR_DELETE_KEK),\r
251 help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r
252 flags = INTERACTIVE,\r
253 key = KEY_DELETE_KEK;\r
20333c6d
QL		 254\r
255 subtitle text = STRING_TOKEN(STR_NULL);\r
ecc722ad 256 endform;\r
257\r
258 //\r
20333c6d 259 // ##6 Form: 'Enroll KEK'\r
ecc722ad 260 //\r
261 form formid = FORMID_ENROLL_KEK_FORM,\r
262 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r
263\r
264 subtitle text = STRING_TOKEN(STR_NULL);\r
265\r
762d8ddb 266 goto FORMID_ENROLL_KEK_FORM,\r
ecc722ad 267 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r
268 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r
269 flags = INTERACTIVE,\r
270 key = FORMID_ENROLL_KEK_FORM;\r
271\r
272 subtitle text = STRING_TOKEN(STR_NULL);\r
273 label FORMID_ENROLL_KEK_FORM;\r
274 label LABEL_END;\r
275 subtitle text = STRING_TOKEN(STR_NULL);\r
276\r
277 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
278 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
279 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
280 flags = INTERACTIVE,\r
281 key = KEY_SECURE_BOOT_KEK_GUID,\r
282 minsize = SECURE_BOOT_GUID_SIZE,\r
283 maxsize = SECURE_BOOT_GUID_SIZE,\r
284 endstring;\r
285\r
286 subtitle text = STRING_TOKEN(STR_NULL);\r
287 subtitle text = STRING_TOKEN(STR_NULL);\r
288\r
289 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
290 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
291 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
292 flags = INTERACTIVE,\r
293 key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r
20333c6d 294\r
ecc722ad 295 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
296 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
297 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
298 flags = INTERACTIVE,\r
299 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r
300\r
301 endform;\r
302\r
303 //\r
304 // ##7 Form: 'Delete KEK'\r
20333c6d 305 //\r
ecc722ad 306 form formid = FORMID_DELETE_KEK_FORM,\r
307 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r
308\r
309 label LABEL_KEK_DELETE;\r
310 label LABEL_END;\r
20333c6d 311\r
ecc722ad 312 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 313\r
ecc722ad 314 endform;\r
315\r
316 //\r
317 // ##8 Form: 'DB Options'\r
318 //\r
319 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
320 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r
321\r
322 subtitle text = STRING_TOKEN(STR_NULL);\r
323\r
324 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
325 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
326 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
327 flags = 0;\r
328\r
329 subtitle text = STRING_TOKEN(STR_NULL);\r
330\r
331 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
332 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
333 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
334 flags = INTERACTIVE,\r
335 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r
20333c6d 336\r
ecc722ad 337 endform;\r
338\r
339 //\r
340 // ##9 Form: 'DBX Options'\r
341 //\r
342 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
343 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r
344\r
345 subtitle text = STRING_TOKEN(STR_NULL);\r
346\r
347 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
348 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
349 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
350 flags = 0;\r
351\r
352 subtitle text = STRING_TOKEN(STR_NULL);\r
353\r
354 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r
355 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
356 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
357 flags = INTERACTIVE,\r
358 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;\r
359\r
360 endform;\r
361\r
20333c6d
QL		 362 //\r
363 // ##9 Form: 'DBT Options'\r
364 //\r
365 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
366 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r
367\r
368 subtitle text = STRING_TOKEN(STR_NULL);\r
369\r
370 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
371 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
372 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
373 flags = 0;\r
374\r
375 subtitle text = STRING_TOKEN(STR_NULL);\r
376\r
377 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
378 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
379 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
380 flags = INTERACTIVE,\r
381 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r
382\r
383 endform;\r
384\r
ecc722ad 385 //\r
386 // Form: 'Delete Signature' for DB Options.\r
387 //\r
388 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
389 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
390\r
391 label LABEL_DB_DELETE;\r
392 label LABEL_END;\r
393 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 394\r
ecc722ad 395 endform;\r
396\r
397 //\r
398 // Form: 'Delete Signature' for DBX Options.\r
399 //\r
400 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r
401 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
402\r
403 label LABEL_DBX_DELETE;\r
404 label LABEL_END;\r
405 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d
QL		 406\r
407 endform;\r
408\r
409 //\r
410 // Form: 'Delete Signature' for DBT Options.\r
411 //\r
412 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
413 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
414\r
415 label LABEL_DBT_DELETE;\r
416 label LABEL_END;\r
417 subtitle text = STRING_TOKEN(STR_NULL);\r
418\r
ecc722ad 419 endform;\r
420\r
421 //\r
422 // Form: 'Enroll Signature' for DB options.\r
423 //\r
424 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
425 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
426\r
427 subtitle text = STRING_TOKEN(STR_NULL);\r
428\r
762d8ddb 429 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
ecc722ad 430 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
431 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
432 flags = INTERACTIVE,\r
433 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
434\r
435 subtitle text = STRING_TOKEN(STR_NULL);\r
436 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
437 label LABEL_END;\r
438 subtitle text = STRING_TOKEN(STR_NULL);\r
439\r
440 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
441 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
442 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
443 flags = INTERACTIVE,\r
444 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r
445 minsize = SECURE_BOOT_GUID_SIZE,\r
446 maxsize = SECURE_BOOT_GUID_SIZE,\r
447 endstring;\r
448\r
449 subtitle text = STRING_TOKEN(STR_NULL);\r
450 subtitle text = STRING_TOKEN(STR_NULL);\r
451\r
452 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
453 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
454 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
455 flags = INTERACTIVE,\r
456 key = KEY_VALUE_SAVE_AND_EXIT_DB;\r
20333c6d 457\r
ecc722ad 458 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
459 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
460 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
461 flags = INTERACTIVE,\r
462 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r
463\r
464 endform;\r
465\r
466 //\r
467 // Form: 'Enroll Signature' for DBX options.\r
468 //\r
469 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
470 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
471\r
472 subtitle text = STRING_TOKEN(STR_NULL);\r
473\r
762d8ddb 474 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
ecc722ad 475 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
476 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
477 flags = INTERACTIVE,\r
478 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
479\r
ecc722ad 480 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
481 label LABEL_END;\r
482 subtitle text = STRING_TOKEN(STR_NULL);\r
483\r
484 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
485 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
486 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
487 flags = INTERACTIVE,\r
488 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r
489 minsize = SECURE_BOOT_GUID_SIZE,\r
490 maxsize = SECURE_BOOT_GUID_SIZE,\r
491 endstring;\r
492\r
20333c6d
QL		 493 oneof name = SignatureFormatInDbx,\r
494 varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r
495 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r
496 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r
497 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x2, flags = DEFAULT;\r
498 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x3, flags = 0;\r
499 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x4, flags = 0;\r
500 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x5, flags = 0;\r
501 endoneof;\r
502\r
503 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 5;\r
504 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r
505 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r
506 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r
507 flags = INTERACTIVE,\r
508 endcheckbox;\r
509\r
510 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r
511 date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r
512 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r
513 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r
514 flags = STORAGE_NORMAL,\r
515 enddate;\r
516\r
517 time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r
518 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r
519 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r
520 flags = STORAGE_NORMAL,\r
521 endtime;\r
522 endif;\r
523 endif;\r
524\r
ecc722ad 525 subtitle text = STRING_TOKEN(STR_NULL);\r
526 subtitle text = STRING_TOKEN(STR_NULL);\r
527\r
528 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
529 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
530 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
531 flags = INTERACTIVE,\r
532 key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r
20333c6d 533\r
ecc722ad 534 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
535 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
536 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
537 flags = INTERACTIVE,\r
538 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r
539\r
540 endform;\r
541\r
20333c6d
QL		 542 //\r
543 // Form: 'Enroll Signature' for DBT options.\r
544 //\r
545 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
546 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
547\r
548 subtitle text = STRING_TOKEN(STR_NULL);\r
549\r
762d8ddb 550 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
20333c6d
QL		 551 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
552 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
553 flags = INTERACTIVE,\r
554 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
555\r
556 subtitle text = STRING_TOKEN(STR_NULL);\r
557 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
558 label LABEL_END;\r
559 subtitle text = STRING_TOKEN(STR_NULL);\r
560\r
561 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
562 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
563 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
564 flags = INTERACTIVE,\r
565 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r
566 minsize = SECURE_BOOT_GUID_SIZE,\r
567 maxsize = SECURE_BOOT_GUID_SIZE,\r
568 endstring;\r
569\r
570 subtitle text = STRING_TOKEN(STR_NULL);\r
571 subtitle text = STRING_TOKEN(STR_NULL);\r
572\r
573 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
574 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
575 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
576 flags = INTERACTIVE,\r
577 key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r
578\r
579 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
580 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
581 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
582 flags = INTERACTIVE,\r
583 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r
584\r
585 endform;\r
586\r
20333c6d 587endformset;
EFI Development Kit II mirror for PVE