]> git.proxmox.com Git - mirror_edk2.git/blame - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
projects / mirror_edk2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
SecurityPkg/SecureBootConfigImpl.c: Secure Boot DBX UI Enhancement
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
CommitLineData
beda2356 1/** @file\r
2 VFR file used by the SecureBoot configuration component.\r
3\r
4de754e1 4Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>\r
20333c6d
QL		 5This program and the accompanying materials\r
6are licensed and made available under the terms and conditions of the BSD License\r
7which accompanies this distribution. The full text of the license may be found at\r
beda2356 8http://opensource.org/licenses/bsd-license.php\r
9\r
20333c6d 10THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
beda2356 11WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
12\r
13**/\r
14\r
15#include "SecureBootConfigNvData.h"\r
16\r
17formset\r
18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r
19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r
20 help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r
21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r
22\r
23 varstore SECUREBOOT_CONFIGURATION,\r
24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r
25 name = SECUREBOOT_CONFIGURATION,\r
26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r
20333c6d 27\r
ecc722ad 28 //\r
29 // ##1 Form "Secure Boot Configuration"\r
30 //\r
beda2356 31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r
32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r
33\r
34 subtitle text = STRING_TOKEN(STR_NULL);\r
f71ed839 35\r
36 text\r
37 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r
38 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r
39 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r
20333c6d 40\r
ecc722ad 41 //\r
42 // Display of Check Box: Attempt Secure Boot\r
43 //\r
e8903bb7 44 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
f71ed839 45 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r
beda2356 46 questionid = KEY_SECURE_BOOT_ENABLE,\r
47 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r
48 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r
8f8ca22e 49 flags = INTERACTIVE | RESET_REQUIRED,\r
ecc722ad 50 endcheckbox;\r
51 endif;\r
20333c6d 52\r
ecc722ad 53 //\r
54 // Display of Oneof: 'Secure Boot Mode'\r
55 //\r
142d2dcb
CZ		 56 oneof name = SecureBootMode,\r
57 questionid = KEY_SECURE_BOOT_MODE,\r
58 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r
59 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r
60 flags = INTERACTIVE | NUMERIC_SIZE_1,\r
61 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r
62 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r
63 endoneof;\r
20333c6d 64\r
ecc722ad 65 //\r
12087ff6 66 // Display of 'Current Secure Boot Mode'\r
ecc722ad 67 //\r
a365eed4 68 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r
96832eef
CZ		 69 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
70 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
71 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r
72 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r
73 flags = INTERACTIVE,\r
74 key = KEY_SECURE_BOOT_OPTION;\r
75 endif;\r
ecc722ad 76 endif;\r
96832eef 77\r
ecc722ad 78 endform;\r
20333c6d 79\r
ecc722ad 80 //\r
81 // ##2 Form: 'Custom Secure Boot Options'\r
82 //\r
83 form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r
84 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r
20333c6d 85\r
ecc722ad 86 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 87\r
ecc722ad 88 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
89 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r
90 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r
91 flags = INTERACTIVE,\r
92 key = KEY_SECURE_BOOT_PK_OPTION;\r
20333c6d 93\r
ecc722ad 94 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 95\r
ecc722ad 96 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
97 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r
98 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r
99 flags = INTERACTIVE,\r
100 key = KEY_SECURE_BOOT_KEK_OPTION;\r
20333c6d 101\r
ecc722ad 102 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 103\r
ecc722ad 104 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
105 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r
106 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r
107 flags = INTERACTIVE,\r
108 key = KEY_SECURE_BOOT_DB_OPTION;\r
20333c6d 109\r
ecc722ad 110 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 111\r
ecc722ad 112 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
113 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r
114 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r
115 flags = INTERACTIVE,\r
116 key = KEY_SECURE_BOOT_DBX_OPTION;\r
117\r
20333c6d
QL		 118 subtitle text = STRING_TOKEN(STR_NULL);\r
119\r
120 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
121 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r
122 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r
123 flags = INTERACTIVE,\r
124 key = KEY_SECURE_BOOT_DBT_OPTION;\r
125\r
ecc722ad 126 endform;\r
20333c6d 127\r
ecc722ad 128 //\r
129 // ##3 Form: 'PK Options'\r
130 //\r
131 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
132 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r
20333c6d 133\r
ecc722ad 134 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 135\r
ecc722ad 136 //\r
142d2dcb 137 // Display of 'Enroll PK'\r
ecc722ad 138 //\r
ecc722ad 139 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r
140 goto FORMID_ENROLL_PK_FORM,\r
141 prompt = STRING_TOKEN(STR_ENROLL_PK),\r
142 help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r
143 flags = INTERACTIVE,\r
144 key = KEY_ENROLL_PK;\r
145 endif;\r
20333c6d 146\r
ecc722ad 147 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 148\r
ecc722ad 149 //\r
20333c6d 150 // Display of Check Box: 'Delete Pk'\r
ecc722ad 151 //\r
152 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r
153 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r
154 questionid = KEY_SECURE_BOOT_DELETE_PK,\r
20333c6d 155 prompt = STRING_TOKEN(STR_DELETE_PK),\r
ecc722ad 156 help = STRING_TOKEN(STR_DELETE_PK_HELP),\r
0fb450fb 157 flags = INTERACTIVE | RESET_REQUIRED,\r
beda2356 158 endcheckbox;\r
159 endif;\r
ecc722ad 160 endform;\r
20333c6d 161\r
ecc722ad 162 //\r
163 // ##4 Form: 'Enroll PK'\r
164 //\r
165 form formid = FORMID_ENROLL_PK_FORM,\r
166 title = STRING_TOKEN(STR_ENROLL_PK);\r
20333c6d 167\r
ecc722ad 168 subtitle text = STRING_TOKEN(STR_NULL);\r
169\r
762d8ddb 170 goto FORMID_ENROLL_PK_FORM,\r
ecc722ad 171 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
172 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
173 flags = INTERACTIVE,\r
762d8ddb
DB		 174 key = FORMID_ENROLL_PK_FORM;\r
175\r
176 subtitle text = STRING_TOKEN(STR_NULL);\r
177 label FORMID_ENROLL_PK_FORM;\r
178 label LABEL_END;\r
179 subtitle text = STRING_TOKEN(STR_NULL);\r
180\r
181 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
182 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
183 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
184 flags = INTERACTIVE| RESET_REQUIRED,\r
185 key = KEY_VALUE_SAVE_AND_EXIT_PK;\r
186\r
187 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
188 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
189 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
190 flags = INTERACTIVE,\r
191 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r
192\r
ecc722ad 193 endform;\r
20333c6d 194\r
ecc722ad 195 //\r
196 // ##5 Form: 'KEK Options'\r
197 //\r
198 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
199 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r
200\r
201 //\r
20333c6d 202 // Display of 'Enroll KEK'\r
ecc722ad 203 //\r
204 goto FORMID_ENROLL_KEK_FORM,\r
205 prompt = STRING_TOKEN(STR_ENROLL_KEK),\r
206 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r
207 flags = INTERACTIVE;\r
20333c6d
QL		 208\r
209 subtitle text = STRING_TOKEN(STR_NULL);\r
210\r
ecc722ad 211 //\r
20333c6d 212 // Display of 'Delete KEK'\r
ecc722ad 213 //\r
214 goto FORMID_DELETE_KEK_FORM,\r
215 prompt = STRING_TOKEN(STR_DELETE_KEK),\r
216 help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r
217 flags = INTERACTIVE,\r
218 key = KEY_DELETE_KEK;\r
20333c6d
QL		 219\r
220 subtitle text = STRING_TOKEN(STR_NULL);\r
ecc722ad 221 endform;\r
222\r
223 //\r
20333c6d 224 // ##6 Form: 'Enroll KEK'\r
ecc722ad 225 //\r
226 form formid = FORMID_ENROLL_KEK_FORM,\r
227 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r
228\r
229 subtitle text = STRING_TOKEN(STR_NULL);\r
230\r
762d8ddb 231 goto FORMID_ENROLL_KEK_FORM,\r
ecc722ad 232 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r
233 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r
234 flags = INTERACTIVE,\r
235 key = FORMID_ENROLL_KEK_FORM;\r
236\r
237 subtitle text = STRING_TOKEN(STR_NULL);\r
238 label FORMID_ENROLL_KEK_FORM;\r
239 label LABEL_END;\r
240 subtitle text = STRING_TOKEN(STR_NULL);\r
241\r
242 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
243 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
244 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
245 flags = INTERACTIVE,\r
246 key = KEY_SECURE_BOOT_KEK_GUID,\r
247 minsize = SECURE_BOOT_GUID_SIZE,\r
248 maxsize = SECURE_BOOT_GUID_SIZE,\r
249 endstring;\r
250\r
251 subtitle text = STRING_TOKEN(STR_NULL);\r
252 subtitle text = STRING_TOKEN(STR_NULL);\r
253\r
254 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
255 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
256 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
257 flags = INTERACTIVE,\r
258 key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r
20333c6d 259\r
ecc722ad 260 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
261 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
262 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
263 flags = INTERACTIVE,\r
264 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r
265\r
266 endform;\r
267\r
268 //\r
269 // ##7 Form: 'Delete KEK'\r
20333c6d 270 //\r
ecc722ad 271 form formid = FORMID_DELETE_KEK_FORM,\r
272 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r
273\r
274 label LABEL_KEK_DELETE;\r
275 label LABEL_END;\r
20333c6d 276\r
ecc722ad 277 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 278\r
ecc722ad 279 endform;\r
280\r
281 //\r
282 // ##8 Form: 'DB Options'\r
283 //\r
284 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
285 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r
286\r
287 subtitle text = STRING_TOKEN(STR_NULL);\r
288\r
289 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
290 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
291 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
292 flags = 0;\r
293\r
294 subtitle text = STRING_TOKEN(STR_NULL);\r
295\r
296 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
297 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
298 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
299 flags = INTERACTIVE,\r
300 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r
20333c6d 301\r
ecc722ad 302 endform;\r
303\r
304 //\r
305 // ##9 Form: 'DBX Options'\r
306 //\r
307 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
308 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r
309\r
310 subtitle text = STRING_TOKEN(STR_NULL);\r
311\r
312 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
313 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
314 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
315 flags = 0;\r
316\r
317 subtitle text = STRING_TOKEN(STR_NULL);\r
318\r
85974aef 319 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
ecc722ad 320 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
321 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
322 flags = INTERACTIVE,\r
85974aef 323 key = KEY_VALUE_FROM_DBX_TO_LIST_FORM;\r
ecc722ad 324\r
325 endform;\r
326\r
20333c6d
QL		 327 //\r
328 // ##9 Form: 'DBT Options'\r
329 //\r
330 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
331 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r
332\r
333 subtitle text = STRING_TOKEN(STR_NULL);\r
334\r
335 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
336 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
337 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
338 flags = 0;\r
339\r
340 subtitle text = STRING_TOKEN(STR_NULL);\r
341\r
342 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
343 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
344 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
345 flags = INTERACTIVE,\r
346 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r
347\r
348 endform;\r
349\r
ecc722ad 350 //\r
351 // Form: 'Delete Signature' for DB Options.\r
352 //\r
353 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
354 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
355\r
356 label LABEL_DB_DELETE;\r
357 label LABEL_END;\r
358 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d 359\r
ecc722ad 360 endform;\r
361\r
362 //\r
85974aef 363 // Form: Display Signature List.\r
ecc722ad 364 //\r
85974aef 365 form formid = SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
366 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_LIST_FORM);\r
367\r
368 subtitle text = STRING_TOKEN(STR_NULL);\r
369\r
370 grayoutif ideqval SECUREBOOT_CONFIGURATION.ListCount == 0;\r
371 label LABEL_DELETE_ALL_LIST_BUTTON;\r
372 //\r
373 // Will create a goto button dynamically here.\r
374 //\r
375 label LABEL_END;\r
376 endif;\r
377\r
378 subtitle text = STRING_TOKEN(STR_NULL);\r
379 label LABEL_SIGNATURE_LIST_START;\r
380 label LABEL_END;\r
381 subtitle text = STRING_TOKEN(STR_NULL);\r
ecc722ad 382\r
85974aef 383 endform;\r
384\r
385 //\r
386 // Form: Display Signature Data.\r
387 //\r
388 form formid = SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,\r
389 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_DATA_FORM);\r
390\r
391 subtitle text = STRING_TOKEN(STR_NULL);\r
392\r
393 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
394 prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA),\r
395 help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA_HELP),\r
396 flags = INTERACTIVE,\r
397 key = KEY_SECURE_BOOT_DELETE_ALL_DATA;\r
398\r
399 grayoutif ideqval SECUREBOOT_CONFIGURATION.CheckedDataCount == 0;\r
400 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
401 prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA),\r
402 help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA_HELP),\r
403 flags = INTERACTIVE,\r
404 key = KEY_SECURE_BOOT_DELETE_CHECK_DATA;\r
405 endif;\r
406\r
407 subtitle text = STRING_TOKEN(STR_NULL);\r
408 label LABEL_SIGNATURE_DATA_START;\r
ecc722ad 409 label LABEL_END;\r
410 subtitle text = STRING_TOKEN(STR_NULL);\r
20333c6d
QL		 411\r
412 endform;\r
413\r
85974aef 414\r
20333c6d
QL		 415 //\r
416 // Form: 'Delete Signature' for DBT Options.\r
417 //\r
418 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
419 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
420\r
421 label LABEL_DBT_DELETE;\r
422 label LABEL_END;\r
423 subtitle text = STRING_TOKEN(STR_NULL);\r
424\r
ecc722ad 425 endform;\r
426\r
427 //\r
428 // Form: 'Enroll Signature' for DB options.\r
429 //\r
430 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
431 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
432\r
433 subtitle text = STRING_TOKEN(STR_NULL);\r
434\r
762d8ddb 435 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
ecc722ad 436 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
437 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
438 flags = INTERACTIVE,\r
439 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
440\r
441 subtitle text = STRING_TOKEN(STR_NULL);\r
442 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
443 label LABEL_END;\r
444 subtitle text = STRING_TOKEN(STR_NULL);\r
445\r
446 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
447 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
448 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
449 flags = INTERACTIVE,\r
450 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r
451 minsize = SECURE_BOOT_GUID_SIZE,\r
452 maxsize = SECURE_BOOT_GUID_SIZE,\r
453 endstring;\r
454\r
455 subtitle text = STRING_TOKEN(STR_NULL);\r
456 subtitle text = STRING_TOKEN(STR_NULL);\r
457\r
458 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
459 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
460 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
461 flags = INTERACTIVE,\r
462 key = KEY_VALUE_SAVE_AND_EXIT_DB;\r
20333c6d 463\r
ecc722ad 464 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
465 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
466 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
467 flags = INTERACTIVE,\r
468 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r
469\r
470 endform;\r
471\r
472 //\r
473 // Form: 'Enroll Signature' for DBX options.\r
474 //\r
475 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
476 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
477\r
478 subtitle text = STRING_TOKEN(STR_NULL);\r
479\r
762d8ddb 480 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
ecc722ad 481 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
482 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
483 flags = INTERACTIVE,\r
484 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
485\r
ecc722ad 486 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
487 label LABEL_END;\r
488 subtitle text = STRING_TOKEN(STR_NULL);\r
489\r
4de754e1
ZC		 490 grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r
491 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
492 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
493 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
494 flags = INTERACTIVE,\r
495 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r
496 minsize = SECURE_BOOT_GUID_SIZE,\r
497 maxsize = SECURE_BOOT_GUID_SIZE,\r
498 endstring;\r
499 endif;\r
ecc722ad 500\r
4de754e1
ZC		 501 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;\r
502 oneof name = X509SignatureFormatInDbx,\r
503 varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r
504 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r
505 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r
506 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;\r
507 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;\r
508 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;\r
509 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;\r
510 endoneof;\r
511 endif;\r
512\r
513 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;\r
514 text\r
515 help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string\r
516 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r
517 text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type\r
518 endif;\r
519\r
520 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r
521 text\r
522 help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string\r
523 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r
524 text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type\r
525 endif;\r
20333c6d 526\r
e9429e79 527 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;\r
20333c6d
QL		 528 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r
529 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r
530 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r
531 flags = INTERACTIVE,\r
532 endcheckbox;\r
533\r
534 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r
535 date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r
536 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r
537 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r
538 flags = STORAGE_NORMAL,\r
539 enddate;\r
540\r
541 time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r
542 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r
543 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r
544 flags = STORAGE_NORMAL,\r
545 endtime;\r
546 endif;\r
547 endif;\r
548\r
ecc722ad 549 subtitle text = STRING_TOKEN(STR_NULL);\r
550 subtitle text = STRING_TOKEN(STR_NULL);\r
551\r
552 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
553 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
554 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
555 flags = INTERACTIVE,\r
556 key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r
20333c6d 557\r
ecc722ad 558 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
559 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
560 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
561 flags = INTERACTIVE,\r
562 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r
563\r
564 endform;\r
565\r
20333c6d
QL		 566 //\r
567 // Form: 'Enroll Signature' for DBT options.\r
568 //\r
569 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
570 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
571\r
572 subtitle text = STRING_TOKEN(STR_NULL);\r
573\r
762d8ddb 574 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
20333c6d
QL		 575 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
576 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
577 flags = INTERACTIVE,\r
578 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
579\r
580 subtitle text = STRING_TOKEN(STR_NULL);\r
581 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
582 label LABEL_END;\r
583 subtitle text = STRING_TOKEN(STR_NULL);\r
584\r
585 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
586 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
587 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
588 flags = INTERACTIVE,\r
589 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r
590 minsize = SECURE_BOOT_GUID_SIZE,\r
591 maxsize = SECURE_BOOT_GUID_SIZE,\r
592 endstring;\r
593\r
594 subtitle text = STRING_TOKEN(STR_NULL);\r
595 subtitle text = STRING_TOKEN(STR_NULL);\r
596\r
597 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
598 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
599 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
600 flags = INTERACTIVE,\r
601 key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r
602\r
603 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
604 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
605 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
606 flags = INTERACTIVE,\r
607 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r
608\r
609 endform;\r
610\r
20333c6d 611endformset;
EFI Development Kit II mirror for PVE