]>
Commit | Line | Data |
---|---|---|
beda2356 | 1 | /** @file\r |
2 | VFR file used by the SecureBoot configuration component.\r | |
3 | \r | |
96832eef | 4 | Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>\r |
20333c6d QL |
5 | This program and the accompanying materials\r |
6 | are licensed and made available under the terms and conditions of the BSD License\r | |
7 | which accompanies this distribution. The full text of the license may be found at\r | |
beda2356 | 8 | http://opensource.org/licenses/bsd-license.php\r |
9 | \r | |
20333c6d | 10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r |
beda2356 | 11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r |
12 | \r | |
13 | **/\r | |
14 | \r | |
15 | #include "SecureBootConfigNvData.h"\r | |
16 | \r | |
17 | formset\r | |
18 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r | |
19 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r | |
20 | help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r | |
21 | classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r | |
22 | \r | |
23 | varstore SECUREBOOT_CONFIGURATION,\r | |
24 | varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r | |
25 | name = SECUREBOOT_CONFIGURATION,\r | |
26 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r | |
20333c6d | 27 | \r |
ecc722ad | 28 | //\r |
29 | // ##1 Form "Secure Boot Configuration"\r | |
30 | //\r | |
beda2356 | 31 | form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r |
32 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r | |
33 | \r | |
34 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
f71ed839 | 35 | \r |
96832eef CZ |
36 | //\r |
37 | // Display current secure boot mode(one of SetupMode/AuditMode/UserMode/DeployedMode)\r | |
38 | //\r | |
39 | text\r | |
40 | help = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_HELP),\r | |
41 | text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_PROMPT),\r | |
42 | text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_CONTENT);\r | |
43 | \r | |
f71ed839 | 44 | text\r |
45 | help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r | |
46 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r | |
47 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r | |
20333c6d | 48 | \r |
ecc722ad | 49 | //\r |
50 | // Define of Check Box: Attempt Secure Boot\r | |
51 | //\r | |
beda2356 | 52 | suppressif TRUE;\r |
53 | checkbox varid = SECUREBOOT_CONFIGURATION.HideSecureBoot,\r | |
a2f2c258 | 54 | questionid = KEY_HIDE_SECURE_BOOT,\r |
beda2356 | 55 | prompt = STRING_TOKEN(STR_NULL),\r |
56 | help = STRING_TOKEN(STR_NULL),\r | |
a2f2c258 | 57 | flags = INTERACTIVE,\r |
beda2356 | 58 | endcheckbox;\r |
20333c6d QL |
59 | endif;\r |
60 | \r | |
ecc722ad | 61 | //\r |
62 | // Display of Check Box: Attempt Secure Boot\r | |
63 | //\r | |
beda2356 | 64 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r |
f71ed839 | 65 | checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r |
beda2356 | 66 | questionid = KEY_SECURE_BOOT_ENABLE,\r |
67 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r | |
68 | help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r | |
8f8ca22e | 69 | flags = INTERACTIVE | RESET_REQUIRED,\r |
ecc722ad | 70 | endcheckbox;\r |
71 | endif;\r | |
20333c6d | 72 | \r |
ecc722ad | 73 | //\r |
74 | // Display of Oneof: 'Secure Boot Mode'\r | |
75 | //\r | |
a365eed4 FS |
76 | disableif TRUE;\r |
77 | oneof varid = SECUREBOOT_CONFIGURATION.SecureBootMode,\r | |
78 | prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r | |
79 | help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r | |
80 | flags = INTERACTIVE,\r | |
81 | option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = 0;\r | |
82 | option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r | |
83 | endoneof;\r | |
84 | endif;\r | |
85 | oneof name = SecureBootMode,\r | |
20333c6d | 86 | questionid = KEY_SECURE_BOOT_MODE,\r |
a365eed4 FS |
87 | prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r |
88 | help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r | |
89 | flags = INTERACTIVE | NUMERIC_SIZE_1,\r | |
90 | option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r | |
91 | option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r | |
92 | endoneof;\r | |
20333c6d | 93 | \r |
ecc722ad | 94 | //\r |
96832eef | 95 | // Display PK include page\r |
ecc722ad | 96 | //\r |
a365eed4 | 97 | suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r |
96832eef CZ |
98 | grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r |
99 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
100 | prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r | |
101 | help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r | |
102 | flags = INTERACTIVE,\r | |
103 | key = KEY_SECURE_BOOT_OPTION;\r | |
104 | endif;\r | |
ecc722ad | 105 | endif;\r |
96832eef | 106 | \r |
ecc722ad | 107 | endform;\r |
20333c6d | 108 | \r |
ecc722ad | 109 | //\r |
110 | // ##2 Form: 'Custom Secure Boot Options'\r | |
111 | //\r | |
112 | form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r | |
113 | title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r | |
20333c6d | 114 | \r |
ecc722ad | 115 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 116 | \r |
96832eef CZ |
117 | //\r |
118 | // Display of SetupMode/UserMode/AuditMode/DeployedMode transition\r | |
119 | //\r | |
120 | disableif TRUE;\r | |
121 | oneof varid = SECUREBOOT_CONFIGURATION.TransSecureBootMode,\r | |
122 | prompt = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_PROMPT),\r | |
123 | help = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_HELP),\r | |
124 | flags = INTERACTIVE,\r | |
125 | suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE\r | |
126 | OR (ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE AND\r | |
127 | ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 0);\r | |
128 | option text = STRING_TOKEN(STR_USER_MODE), value = SECURE_BOOT_MODE_USER_MODE, flags = 0;\r | |
129 | endif\r | |
130 | suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE;\r | |
131 | option text = STRING_TOKEN(STR_SETUP_MODE), value = SECURE_BOOT_MODE_SETUP_MODE, flags = 0;\r | |
132 | endif\r | |
133 | suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE;\r | |
134 | option text = STRING_TOKEN(STR_AUDIT_MODE), value = SECURE_BOOT_MODE_AUDIT_MODE, flags = 0;\r | |
135 | endif\r | |
136 | suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE;\r | |
137 | option text = STRING_TOKEN(STR_DEPLOYED_MODE), value = SECURE_BOOT_MODE_DEPLOYED_MODE, flags = 0;\r | |
138 | endif\r | |
139 | option text = STRING_TOKEN(STR_DEPLOYED_MODE), value = 4, flags = 0;\r | |
140 | endoneof;\r | |
141 | endif;\r | |
142 | oneof name = TransSecureBootMode,\r | |
143 | questionid = KEY_TRANS_SECURE_BOOT_MODE,\r | |
144 | prompt = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_PROMPT),\r | |
145 | help = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_HELP),\r | |
146 | flags = INTERACTIVE | NUMERIC_SIZE_1,\r | |
147 | suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE \r | |
148 | OR (ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE AND\r | |
149 | ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 0);\r | |
150 | option text = STRING_TOKEN(STR_USER_MODE), value = SECURE_BOOT_MODE_USER_MODE, flags = 0;\r | |
151 | endif\r | |
152 | suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE;\r | |
153 | option text = STRING_TOKEN(STR_SETUP_MODE), value = SECURE_BOOT_MODE_SETUP_MODE, flags = 0;\r | |
154 | endif\r | |
155 | suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE;\r | |
156 | option text = STRING_TOKEN(STR_AUDIT_MODE), value = SECURE_BOOT_MODE_AUDIT_MODE, flags = 0;\r | |
157 | endif\r | |
158 | suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE;\r | |
159 | option text = STRING_TOKEN(STR_DEPLOYED_MODE), value = SECURE_BOOT_MODE_DEPLOYED_MODE, flags = 0;\r | |
160 | endif\r | |
161 | \r | |
162 | endoneof;\r | |
163 | \r | |
164 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
165 | \r | |
ecc722ad | 166 | goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r |
167 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r | |
168 | help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r | |
169 | flags = INTERACTIVE,\r | |
170 | key = KEY_SECURE_BOOT_PK_OPTION;\r | |
20333c6d | 171 | \r |
ecc722ad | 172 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 173 | \r |
ecc722ad | 174 | goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r |
175 | prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r | |
176 | help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r | |
177 | flags = INTERACTIVE,\r | |
178 | key = KEY_SECURE_BOOT_KEK_OPTION;\r | |
20333c6d | 179 | \r |
ecc722ad | 180 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 181 | \r |
ecc722ad | 182 | goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r |
183 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r | |
184 | help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r | |
185 | flags = INTERACTIVE,\r | |
186 | key = KEY_SECURE_BOOT_DB_OPTION;\r | |
20333c6d | 187 | \r |
ecc722ad | 188 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 189 | \r |
ecc722ad | 190 | goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r |
191 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r | |
192 | help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r | |
193 | flags = INTERACTIVE,\r | |
194 | key = KEY_SECURE_BOOT_DBX_OPTION;\r | |
195 | \r | |
20333c6d QL |
196 | subtitle text = STRING_TOKEN(STR_NULL);\r |
197 | \r | |
198 | goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
199 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r | |
200 | help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r | |
201 | flags = INTERACTIVE,\r | |
202 | key = KEY_SECURE_BOOT_DBT_OPTION;\r | |
203 | \r | |
ecc722ad | 204 | endform;\r |
20333c6d | 205 | \r |
ecc722ad | 206 | //\r |
207 | // ##3 Form: 'PK Options'\r | |
208 | //\r | |
209 | form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r | |
210 | title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r | |
20333c6d | 211 | \r |
ecc722ad | 212 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 213 | \r |
ecc722ad | 214 | //\r |
215 | // Define of Check Box: 'Delete PK'\r | |
216 | //\r | |
217 | suppressif TRUE;\r | |
218 | checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r | |
219 | prompt = STRING_TOKEN(STR_NULL),\r | |
220 | help = STRING_TOKEN(STR_NULL),\r | |
221 | endcheckbox;\r | |
222 | endif;\r | |
20333c6d | 223 | \r |
ecc722ad | 224 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r |
225 | goto FORMID_ENROLL_PK_FORM,\r | |
226 | prompt = STRING_TOKEN(STR_ENROLL_PK),\r | |
227 | help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r | |
228 | flags = INTERACTIVE,\r | |
229 | key = KEY_ENROLL_PK;\r | |
230 | endif;\r | |
20333c6d | 231 | \r |
ecc722ad | 232 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 233 | \r |
ecc722ad | 234 | //\r |
20333c6d | 235 | // Display of Check Box: 'Delete Pk'\r |
ecc722ad | 236 | //\r |
237 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r | |
238 | checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r | |
239 | questionid = KEY_SECURE_BOOT_DELETE_PK,\r | |
20333c6d | 240 | prompt = STRING_TOKEN(STR_DELETE_PK),\r |
ecc722ad | 241 | help = STRING_TOKEN(STR_DELETE_PK_HELP),\r |
0fb450fb | 242 | flags = INTERACTIVE | RESET_REQUIRED,\r |
beda2356 | 243 | endcheckbox;\r |
244 | endif;\r | |
ecc722ad | 245 | endform;\r |
20333c6d | 246 | \r |
ecc722ad | 247 | //\r |
248 | // ##4 Form: 'Enroll PK'\r | |
249 | //\r | |
250 | form formid = FORMID_ENROLL_PK_FORM,\r | |
251 | title = STRING_TOKEN(STR_ENROLL_PK);\r | |
20333c6d | 252 | \r |
ecc722ad | 253 | subtitle text = STRING_TOKEN(STR_NULL);\r |
254 | \r | |
255 | goto FORM_FILE_EXPLORER_ID_PK,\r | |
256 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r | |
257 | help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r | |
258 | flags = INTERACTIVE,\r | |
259 | key = SECUREBOOT_ADD_PK_FILE_FORM_ID;\r | |
260 | endform;\r | |
20333c6d | 261 | \r |
ecc722ad | 262 | //\r |
263 | // ##5 Form: 'KEK Options'\r | |
264 | //\r | |
265 | form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r | |
266 | title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r | |
267 | \r | |
268 | //\r | |
20333c6d | 269 | // Display of 'Enroll KEK'\r |
ecc722ad | 270 | //\r |
271 | goto FORMID_ENROLL_KEK_FORM,\r | |
272 | prompt = STRING_TOKEN(STR_ENROLL_KEK),\r | |
273 | help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r | |
274 | flags = INTERACTIVE;\r | |
20333c6d QL |
275 | \r |
276 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
277 | \r | |
ecc722ad | 278 | //\r |
20333c6d | 279 | // Display of 'Delete KEK'\r |
ecc722ad | 280 | //\r |
281 | goto FORMID_DELETE_KEK_FORM,\r | |
282 | prompt = STRING_TOKEN(STR_DELETE_KEK),\r | |
283 | help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r | |
284 | flags = INTERACTIVE,\r | |
285 | key = KEY_DELETE_KEK;\r | |
20333c6d QL |
286 | \r |
287 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
ecc722ad | 288 | endform;\r |
289 | \r | |
290 | //\r | |
20333c6d | 291 | // ##6 Form: 'Enroll KEK'\r |
ecc722ad | 292 | //\r |
293 | form formid = FORMID_ENROLL_KEK_FORM,\r | |
294 | title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r | |
295 | \r | |
296 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
297 | \r | |
298 | goto FORM_FILE_EXPLORER_ID_KEK,\r | |
299 | prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r | |
300 | help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r | |
301 | flags = INTERACTIVE,\r | |
302 | key = FORMID_ENROLL_KEK_FORM;\r | |
303 | \r | |
304 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
305 | label FORMID_ENROLL_KEK_FORM;\r | |
306 | label LABEL_END;\r | |
307 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
308 | \r | |
309 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
310 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
311 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
312 | flags = INTERACTIVE,\r | |
313 | key = KEY_SECURE_BOOT_KEK_GUID,\r | |
314 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
315 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
316 | endstring;\r | |
317 | \r | |
318 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
319 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
320 | \r | |
321 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
322 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
323 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
324 | flags = INTERACTIVE,\r | |
325 | key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r | |
20333c6d | 326 | \r |
ecc722ad | 327 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
328 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
329 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
330 | flags = INTERACTIVE,\r | |
331 | key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r | |
332 | \r | |
333 | endform;\r | |
334 | \r | |
335 | //\r | |
336 | // ##7 Form: 'Delete KEK'\r | |
20333c6d | 337 | //\r |
ecc722ad | 338 | form formid = FORMID_DELETE_KEK_FORM,\r |
339 | title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r | |
340 | \r | |
341 | label LABEL_KEK_DELETE;\r | |
342 | label LABEL_END;\r | |
20333c6d | 343 | \r |
ecc722ad | 344 | subtitle text = STRING_TOKEN(STR_NULL);\r |
20333c6d | 345 | \r |
ecc722ad | 346 | endform;\r |
347 | \r | |
348 | //\r | |
349 | // ##8 Form: 'DB Options'\r | |
350 | //\r | |
351 | form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r | |
352 | title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r | |
353 | \r | |
354 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
355 | \r | |
356 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
357 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
358 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
359 | flags = 0;\r | |
360 | \r | |
361 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
362 | \r | |
363 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
364 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
365 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
366 | flags = INTERACTIVE,\r | |
367 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r | |
20333c6d | 368 | \r |
ecc722ad | 369 | endform;\r |
370 | \r | |
371 | //\r | |
372 | // ##9 Form: 'DBX Options'\r | |
373 | //\r | |
374 | form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r | |
375 | title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r | |
376 | \r | |
377 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
378 | \r | |
379 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
380 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
381 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
382 | flags = 0;\r | |
383 | \r | |
384 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
385 | \r | |
386 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r | |
387 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
388 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
389 | flags = INTERACTIVE,\r | |
390 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;\r | |
391 | \r | |
392 | endform;\r | |
393 | \r | |
20333c6d QL |
394 | //\r |
395 | // ##9 Form: 'DBT Options'\r | |
396 | //\r | |
397 | form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
398 | title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r | |
399 | \r | |
400 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
401 | \r | |
402 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
403 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
404 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
405 | flags = 0;\r | |
406 | \r | |
407 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
408 | \r | |
409 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
410 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
411 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
412 | flags = INTERACTIVE,\r | |
413 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r | |
414 | \r | |
415 | endform;\r | |
416 | \r | |
ecc722ad | 417 | //\r |
418 | // Form: 'Delete Signature' for DB Options.\r | |
419 | //\r | |
420 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
421 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
422 | \r | |
423 | label LABEL_DB_DELETE;\r | |
424 | label LABEL_END;\r | |
425 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
20333c6d | 426 | \r |
ecc722ad | 427 | endform;\r |
428 | \r | |
429 | //\r | |
430 | // Form: 'Delete Signature' for DBX Options.\r | |
431 | //\r | |
432 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r | |
433 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
434 | \r | |
435 | label LABEL_DBX_DELETE;\r | |
436 | label LABEL_END;\r | |
437 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
20333c6d QL |
438 | \r |
439 | endform;\r | |
440 | \r | |
441 | //\r | |
442 | // Form: 'Delete Signature' for DBT Options.\r | |
443 | //\r | |
444 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
445 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
446 | \r | |
447 | label LABEL_DBT_DELETE;\r | |
448 | label LABEL_END;\r | |
449 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
450 | \r | |
ecc722ad | 451 | endform;\r |
452 | \r | |
453 | //\r | |
454 | // Form: 'Enroll Signature' for DB options.\r | |
455 | //\r | |
456 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
457 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
458 | \r | |
459 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
460 | \r | |
461 | goto FORM_FILE_EXPLORER_ID_DB,\r | |
462 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
463 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
464 | flags = INTERACTIVE,\r | |
465 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
466 | \r | |
467 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
468 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
469 | label LABEL_END;\r | |
470 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
471 | \r | |
472 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
473 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
474 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
475 | flags = INTERACTIVE,\r | |
476 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r | |
477 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
478 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
479 | endstring;\r | |
480 | \r | |
481 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
482 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
483 | \r | |
484 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
485 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
486 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
487 | flags = INTERACTIVE,\r | |
488 | key = KEY_VALUE_SAVE_AND_EXIT_DB;\r | |
20333c6d | 489 | \r |
ecc722ad | 490 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
491 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
492 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
493 | flags = INTERACTIVE,\r | |
494 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r | |
495 | \r | |
496 | endform;\r | |
497 | \r | |
498 | //\r | |
499 | // Form: 'Enroll Signature' for DBX options.\r | |
500 | //\r | |
501 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
502 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
503 | \r | |
504 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
505 | \r | |
506 | goto FORM_FILE_EXPLORER_ID_DBX,\r | |
507 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
508 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
509 | flags = INTERACTIVE,\r | |
510 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r | |
511 | \r | |
ecc722ad | 512 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r |
513 | label LABEL_END;\r | |
514 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
515 | \r | |
516 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
517 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
518 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
519 | flags = INTERACTIVE,\r | |
520 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r | |
521 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
522 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
523 | endstring;\r | |
524 | \r | |
20333c6d QL |
525 | oneof name = SignatureFormatInDbx,\r |
526 | varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r | |
527 | prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r | |
528 | help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r | |
529 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x2, flags = DEFAULT;\r | |
530 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x3, flags = 0;\r | |
531 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x4, flags = 0;\r | |
532 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x5, flags = 0;\r | |
533 | endoneof;\r | |
534 | \r | |
535 | suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 5;\r | |
536 | checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r | |
537 | prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r | |
538 | help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r | |
539 | flags = INTERACTIVE,\r | |
540 | endcheckbox;\r | |
541 | \r | |
542 | suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r | |
543 | date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r | |
544 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r | |
545 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r | |
546 | flags = STORAGE_NORMAL,\r | |
547 | enddate;\r | |
548 | \r | |
549 | time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r | |
550 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r | |
551 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r | |
552 | flags = STORAGE_NORMAL,\r | |
553 | endtime;\r | |
554 | endif;\r | |
555 | endif;\r | |
556 | \r | |
ecc722ad | 557 | subtitle text = STRING_TOKEN(STR_NULL);\r |
558 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
559 | \r | |
560 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
561 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
562 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
563 | flags = INTERACTIVE,\r | |
564 | key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r | |
20333c6d | 565 | \r |
ecc722ad | 566 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r |
567 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
568 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
569 | flags = INTERACTIVE,\r | |
570 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r | |
571 | \r | |
572 | endform;\r | |
573 | \r | |
20333c6d QL |
574 | //\r |
575 | // Form: 'Enroll Signature' for DBT options.\r | |
576 | //\r | |
577 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
578 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
579 | \r | |
580 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
581 | \r | |
582 | goto FORM_FILE_EXPLORER_ID_DBT,\r | |
583 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
584 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
585 | flags = INTERACTIVE,\r | |
586 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
587 | \r | |
588 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
589 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
590 | label LABEL_END;\r | |
591 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
592 | \r | |
593 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
594 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
595 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
596 | flags = INTERACTIVE,\r | |
597 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r | |
598 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
599 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
600 | endstring;\r | |
601 | \r | |
602 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
603 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
604 | \r | |
605 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
606 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
607 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
608 | flags = INTERACTIVE,\r | |
609 | key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r | |
610 | \r | |
611 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
612 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
613 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
614 | flags = INTERACTIVE,\r | |
615 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r | |
616 | \r | |
617 | endform;\r | |
618 | \r | |
ecc722ad | 619 | //\r |
620 | // File Explorer for PK\r | |
621 | //\r | |
622 | form formid = FORM_FILE_EXPLORER_ID_PK,\r | |
623 | title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r | |
624 | \r | |
625 | label FORM_FILE_EXPLORER_ID;\r | |
626 | label LABEL_END;\r | |
627 | endform;\r | |
20333c6d | 628 | \r |
ecc722ad | 629 | //\r |
630 | // File Explorer for KEK\r | |
631 | //\r | |
632 | form formid = FORM_FILE_EXPLORER_ID_KEK,\r | |
633 | title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r | |
634 | \r | |
635 | label FORM_FILE_EXPLORER_ID;\r | |
636 | label LABEL_END;\r | |
637 | endform;\r | |
638 | \r | |
639 | //\r | |
640 | // File Explorer for DB\r | |
641 | //\r | |
642 | form formid = FORM_FILE_EXPLORER_ID_DB,\r | |
643 | title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r | |
644 | \r | |
645 | label FORM_FILE_EXPLORER_ID;\r | |
646 | label LABEL_END;\r | |
647 | endform;\r | |
648 | \r | |
649 | //\r | |
650 | // File Explorer for DBX\r | |
651 | //\r | |
652 | form formid = FORM_FILE_EXPLORER_ID_DBX,\r | |
653 | title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r | |
654 | \r | |
655 | label FORM_FILE_EXPLORER_ID;\r | |
656 | label LABEL_END;\r | |
657 | endform;\r | |
658 | \r | |
20333c6d QL |
659 | //\r |
660 | // File Explorer for DBT\r | |
661 | //\r | |
662 | form formid = FORM_FILE_EXPLORER_ID_DBT,\r | |
663 | title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r | |
664 | \r | |
665 | label FORM_FILE_EXPLORER_ID;\r | |
666 | label LABEL_END;\r | |
667 | endform;\r | |
ecc722ad | 668 | \r |
669 | //\r | |
670 | // Enroll Pk from File Commit Form\r | |
671 | //\r | |
672 | form formid = SECUREBOOT_ADD_PK_FILE_FORM_ID,\r | |
673 | title = STRING_TOKEN(STR_SAVE_PK_FILE);\r | |
674 | \r | |
675 | label SECUREBOOT_ADD_PK_FILE_FORM_ID;\r | |
676 | label LABEL_END;\r | |
20333c6d | 677 | \r |
ecc722ad | 678 | subtitle text = STRING_TOKEN(STR_NULL);\r |
679 | \r | |
680 | text\r | |
681 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
682 | text = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
20333c6d | 683 | text = STRING_TOKEN(STR_NULL),\r |
ecc722ad | 684 | flags = INTERACTIVE,\r |
685 | key = KEY_VALUE_SAVE_AND_EXIT_PK;\r | |
686 | \r | |
687 | text\r | |
688 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
689 | text = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
20333c6d | 690 | text = STRING_TOKEN(STR_NULL),\r |
ecc722ad | 691 | flags = INTERACTIVE,\r |
692 | key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r | |
beda2356 | 693 | \r |
694 | endform;\r | |
695 | \r | |
20333c6d | 696 | endformset; |