]> git.proxmox.com Git - mirror_edk2.git/blame_incremental - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
projects / mirror_edk2.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
UefiCpuPkg: Move AsmRelocateApLoopStart from Mpfuncs.nasm to AmdSev.nasm
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
... / ...
CommitLineData
1/** @file\r
2 VFR file used by the SecureBoot configuration component.\r
3\r
4Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>\r
5SPDX-License-Identifier: BSD-2-Clause-Patent\r
6\r
7**/\r
8\r
9#include "SecureBootConfigNvData.h"\r
10\r
11formset\r
12 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r
13 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r
14 help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r
15 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r
16\r
17 varstore SECUREBOOT_CONFIGURATION,\r
18 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r
19 name = SECUREBOOT_CONFIGURATION,\r
20 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r
21\r
22 //\r
23 // ##1 Form "Secure Boot Configuration"\r
24 //\r
25 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r
26 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r
27\r
28 subtitle text = STRING_TOKEN(STR_NULL);\r
29\r
30 text\r
31 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r
32 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r
33 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r
34\r
35 //\r
36 // Display of Check Box: Attempt Secure Boot\r
37 //\r
38 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
39 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r
40 questionid = KEY_SECURE_BOOT_ENABLE,\r
41 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r
42 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r
43 flags = INTERACTIVE | RESET_REQUIRED,\r
44 endcheckbox;\r
45 endif;\r
46\r
47 //\r
48 // Display of Oneof: 'Secure Boot Mode'\r
49 //\r
50 oneof name = SecureBootMode,\r
51 questionid = KEY_SECURE_BOOT_MODE,\r
52 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r
53 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r
54 flags = INTERACTIVE | NUMERIC_SIZE_1,\r
55 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r
56 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r
57 endoneof;\r
58\r
59 //\r
60 // Display of 'Current Secure Boot Mode'\r
61 //\r
62 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r
63 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
64 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
65 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r
66 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r
67 flags = INTERACTIVE,\r
68 key = KEY_SECURE_BOOT_OPTION;\r
69 endif;\r
70 endif;\r
71\r
72 text\r
73 help = STRING_TOKEN(STR_SECURE_RESET_TO_DEFAULTS_HELP),\r
74 text = STRING_TOKEN(STR_SECURE_RESET_TO_DEFAULTS),\r
75 flags = INTERACTIVE,\r
76 key = KEY_SECURE_BOOT_RESET_TO_DEFAULT;\r
77\r
78 endform;\r
79\r
80 //\r
81 // ##2 Form: 'Custom Secure Boot Options'\r
82 //\r
83 form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r
84 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r
85\r
86 subtitle text = STRING_TOKEN(STR_NULL);\r
87\r
88 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
89 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r
90 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r
91 flags = INTERACTIVE,\r
92 key = KEY_SECURE_BOOT_PK_OPTION;\r
93\r
94 subtitle text = STRING_TOKEN(STR_NULL);\r
95\r
96 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
97 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r
98 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r
99 flags = INTERACTIVE,\r
100 key = KEY_SECURE_BOOT_KEK_OPTION;\r
101\r
102 subtitle text = STRING_TOKEN(STR_NULL);\r
103\r
104 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
105 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r
106 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r
107 flags = INTERACTIVE,\r
108 key = KEY_SECURE_BOOT_DB_OPTION;\r
109\r
110 subtitle text = STRING_TOKEN(STR_NULL);\r
111\r
112 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
113 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r
114 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r
115 flags = INTERACTIVE,\r
116 key = KEY_SECURE_BOOT_DBX_OPTION;\r
117\r
118 subtitle text = STRING_TOKEN(STR_NULL);\r
119\r
120 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
121 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r
122 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r
123 flags = INTERACTIVE,\r
124 key = KEY_SECURE_BOOT_DBT_OPTION;\r
125\r
126 endform;\r
127\r
128 //\r
129 // ##3 Form: 'PK Options'\r
130 //\r
131 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
132 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r
133\r
134 subtitle text = STRING_TOKEN(STR_NULL);\r
135\r
136 //\r
137 // Display of 'Enroll PK'\r
138 //\r
139 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r
140 goto FORMID_ENROLL_PK_FORM,\r
141 prompt = STRING_TOKEN(STR_ENROLL_PK),\r
142 help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r
143 flags = INTERACTIVE,\r
144 key = KEY_ENROLL_PK;\r
145 endif;\r
146\r
147 subtitle text = STRING_TOKEN(STR_NULL);\r
148\r
149 //\r
150 // Display of Check Box: 'Delete Pk'\r
151 //\r
152 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r
153 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r
154 questionid = KEY_SECURE_BOOT_DELETE_PK,\r
155 prompt = STRING_TOKEN(STR_DELETE_PK),\r
156 help = STRING_TOKEN(STR_DELETE_PK_HELP),\r
157 flags = INTERACTIVE | RESET_REQUIRED,\r
158 endcheckbox;\r
159 endif;\r
160 endform;\r
161\r
162 //\r
163 // ##4 Form: 'Enroll PK'\r
164 //\r
165 form formid = FORMID_ENROLL_PK_FORM,\r
166 title = STRING_TOKEN(STR_ENROLL_PK);\r
167\r
168 subtitle text = STRING_TOKEN(STR_NULL);\r
169\r
170 goto FORMID_ENROLL_PK_FORM,\r
171 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
172 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
173 flags = INTERACTIVE,\r
174 key = FORMID_ENROLL_PK_FORM;\r
175\r
176 subtitle text = STRING_TOKEN(STR_NULL);\r
177 label FORMID_ENROLL_PK_FORM;\r
178 label LABEL_END;\r
179 subtitle text = STRING_TOKEN(STR_NULL);\r
180\r
181 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
182 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
183 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
184 flags = INTERACTIVE| RESET_REQUIRED,\r
185 key = KEY_VALUE_SAVE_AND_EXIT_PK;\r
186\r
187 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
188 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
189 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
190 flags = INTERACTIVE,\r
191 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r
192\r
193 endform;\r
194\r
195 //\r
196 // ##5 Form: 'KEK Options'\r
197 //\r
198 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
199 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r
200\r
201 //\r
202 // Display of 'Enroll KEK'\r
203 //\r
204 goto FORMID_ENROLL_KEK_FORM,\r
205 prompt = STRING_TOKEN(STR_ENROLL_KEK),\r
206 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r
207 flags = INTERACTIVE;\r
208\r
209 subtitle text = STRING_TOKEN(STR_NULL);\r
210\r
211 //\r
212 // Display of 'Delete KEK'\r
213 //\r
214 goto FORMID_DELETE_KEK_FORM,\r
215 prompt = STRING_TOKEN(STR_DELETE_KEK),\r
216 help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r
217 flags = INTERACTIVE,\r
218 key = KEY_DELETE_KEK;\r
219\r
220 subtitle text = STRING_TOKEN(STR_NULL);\r
221 endform;\r
222\r
223 //\r
224 // ##6 Form: 'Enroll KEK'\r
225 //\r
226 form formid = FORMID_ENROLL_KEK_FORM,\r
227 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r
228\r
229 subtitle text = STRING_TOKEN(STR_NULL);\r
230\r
231 goto FORMID_ENROLL_KEK_FORM,\r
232 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r
233 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r
234 flags = INTERACTIVE,\r
235 key = FORMID_ENROLL_KEK_FORM;\r
236\r
237 subtitle text = STRING_TOKEN(STR_NULL);\r
238 label FORMID_ENROLL_KEK_FORM;\r
239 label LABEL_END;\r
240 subtitle text = STRING_TOKEN(STR_NULL);\r
241\r
242 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
243 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
244 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
245 flags = INTERACTIVE,\r
246 key = KEY_SECURE_BOOT_KEK_GUID,\r
247 minsize = SECURE_BOOT_GUID_SIZE,\r
248 maxsize = SECURE_BOOT_GUID_SIZE,\r
249 endstring;\r
250\r
251 subtitle text = STRING_TOKEN(STR_NULL);\r
252 subtitle text = STRING_TOKEN(STR_NULL);\r
253\r
254 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
255 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
256 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
257 flags = INTERACTIVE,\r
258 key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r
259\r
260 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
261 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
262 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
263 flags = INTERACTIVE,\r
264 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r
265\r
266 endform;\r
267\r
268 //\r
269 // ##7 Form: 'Delete KEK'\r
270 //\r
271 form formid = FORMID_DELETE_KEK_FORM,\r
272 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r
273\r
274 label LABEL_KEK_DELETE;\r
275 label LABEL_END;\r
276\r
277 subtitle text = STRING_TOKEN(STR_NULL);\r
278\r
279 endform;\r
280\r
281 //\r
282 // ##8 Form: 'DB Options'\r
283 //\r
284 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
285 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r
286\r
287 subtitle text = STRING_TOKEN(STR_NULL);\r
288\r
289 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
290 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
291 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
292 flags = 0;\r
293\r
294 subtitle text = STRING_TOKEN(STR_NULL);\r
295\r
296 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
297 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
298 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
299 flags = INTERACTIVE,\r
300 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r
301\r
302 endform;\r
303\r
304 //\r
305 // ##9 Form: 'DBX Options'\r
306 //\r
307 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
308 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r
309\r
310 subtitle text = STRING_TOKEN(STR_NULL);\r
311\r
312 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
313 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
314 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
315 flags = 0;\r
316\r
317 subtitle text = STRING_TOKEN(STR_NULL);\r
318\r
319 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
320 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
321 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
322 flags = INTERACTIVE,\r
323 key = KEY_VALUE_FROM_DBX_TO_LIST_FORM;\r
324\r
325 endform;\r
326\r
327 //\r
328 // ##9 Form: 'DBT Options'\r
329 //\r
330 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
331 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r
332\r
333 subtitle text = STRING_TOKEN(STR_NULL);\r
334\r
335 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
336 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
337 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
338 flags = 0;\r
339\r
340 subtitle text = STRING_TOKEN(STR_NULL);\r
341\r
342 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
343 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
344 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
345 flags = INTERACTIVE,\r
346 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r
347\r
348 endform;\r
349\r
350 //\r
351 // Form: 'Delete Signature' for DB Options.\r
352 //\r
353 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
354 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
355\r
356 label LABEL_DB_DELETE;\r
357 label LABEL_END;\r
358 subtitle text = STRING_TOKEN(STR_NULL);\r
359\r
360 endform;\r
361\r
362 //\r
363 // Form: Display Signature List.\r
364 //\r
365 form formid = SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
366 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_LIST_FORM);\r
367\r
368 subtitle text = STRING_TOKEN(STR_NULL);\r
369\r
370 grayoutif ideqval SECUREBOOT_CONFIGURATION.ListCount == 0;\r
371 label LABEL_DELETE_ALL_LIST_BUTTON;\r
372 //\r
373 // Will create a goto button dynamically here.\r
374 //\r
375 label LABEL_END;\r
376 endif;\r
377\r
378 subtitle text = STRING_TOKEN(STR_NULL);\r
379 label LABEL_SIGNATURE_LIST_START;\r
380 label LABEL_END;\r
381 subtitle text = STRING_TOKEN(STR_NULL);\r
382\r
383 endform;\r
384\r
385 //\r
386 // Form: Display Signature Data.\r
387 //\r
388 form formid = SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,\r
389 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_DATA_FORM);\r
390\r
391 subtitle text = STRING_TOKEN(STR_NULL);\r
392\r
393 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
394 prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA),\r
395 help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA_HELP),\r
396 flags = INTERACTIVE,\r
397 key = KEY_SECURE_BOOT_DELETE_ALL_DATA;\r
398\r
399 grayoutif ideqval SECUREBOOT_CONFIGURATION.CheckedDataCount == 0;\r
400 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
401 prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA),\r
402 help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA_HELP),\r
403 flags = INTERACTIVE,\r
404 key = KEY_SECURE_BOOT_DELETE_CHECK_DATA;\r
405 endif;\r
406\r
407 subtitle text = STRING_TOKEN(STR_NULL);\r
408 label LABEL_SIGNATURE_DATA_START;\r
409 label LABEL_END;\r
410 subtitle text = STRING_TOKEN(STR_NULL);\r
411\r
412 endform;\r
413\r
414\r
415 //\r
416 // Form: 'Delete Signature' for DBT Options.\r
417 //\r
418 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
419 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
420\r
421 label LABEL_DBT_DELETE;\r
422 label LABEL_END;\r
423 subtitle text = STRING_TOKEN(STR_NULL);\r
424\r
425 endform;\r
426\r
427 //\r
428 // Form: 'Enroll Signature' for DB options.\r
429 //\r
430 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
431 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
432\r
433 subtitle text = STRING_TOKEN(STR_NULL);\r
434\r
435 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
436 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
437 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
438 flags = INTERACTIVE,\r
439 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
440\r
441 subtitle text = STRING_TOKEN(STR_NULL);\r
442 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
443 label LABEL_END;\r
444 subtitle text = STRING_TOKEN(STR_NULL);\r
445\r
446 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
447 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
448 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
449 flags = INTERACTIVE,\r
450 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r
451 minsize = SECURE_BOOT_GUID_SIZE,\r
452 maxsize = SECURE_BOOT_GUID_SIZE,\r
453 endstring;\r
454\r
455 subtitle text = STRING_TOKEN(STR_NULL);\r
456 subtitle text = STRING_TOKEN(STR_NULL);\r
457\r
458 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
459 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
460 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
461 flags = INTERACTIVE,\r
462 key = KEY_VALUE_SAVE_AND_EXIT_DB;\r
463\r
464 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
465 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
466 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
467 flags = INTERACTIVE,\r
468 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r
469\r
470 endform;\r
471\r
472 //\r
473 // Form: 'Enroll Signature' for DBX options.\r
474 //\r
475 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
476 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
477\r
478 subtitle text = STRING_TOKEN(STR_NULL);\r
479\r
480 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
481 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
482 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
483 flags = INTERACTIVE,\r
484 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
485\r
486 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
487 label LABEL_END;\r
488 subtitle text = STRING_TOKEN(STR_NULL);\r
489\r
490 grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r
491 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
492 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
493 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
494 flags = INTERACTIVE,\r
495 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r
496 minsize = SECURE_BOOT_GUID_SIZE,\r
497 maxsize = SECURE_BOOT_GUID_SIZE,\r
498 endstring;\r
499 endif;\r
500\r
501 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;\r
502 oneof name = X509SignatureFormatInDbx,\r
503 varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r
504 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r
505 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r
506 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;\r
507 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;\r
508 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;\r
509 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;\r
510 endoneof;\r
511 endif;\r
512\r
513 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;\r
514 text\r
515 help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string\r
516 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r
517 text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type\r
518 endif;\r
519\r
520 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r
521 text\r
522 help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string\r
523 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r
524 text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type\r
525 endif;\r
526\r
527 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;\r
528 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r
529 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r
530 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r
531 flags = INTERACTIVE,\r
532 endcheckbox;\r
533\r
534 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r
535 date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r
536 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r
537 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r
538 flags = STORAGE_NORMAL,\r
539 enddate;\r
540\r
541 time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r
542 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r
543 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r
544 flags = STORAGE_NORMAL,\r
545 endtime;\r
546 endif;\r
547 endif;\r
548\r
549 subtitle text = STRING_TOKEN(STR_NULL);\r
550 subtitle text = STRING_TOKEN(STR_NULL);\r
551\r
552 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
553 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
554 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
555 flags = INTERACTIVE,\r
556 key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r
557\r
558 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
559 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
560 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
561 flags = INTERACTIVE,\r
562 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r
563\r
564 endform;\r
565\r
566 //\r
567 // Form: 'Enroll Signature' for DBT options.\r
568 //\r
569 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
570 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
571\r
572 subtitle text = STRING_TOKEN(STR_NULL);\r
573\r
574 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
575 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
576 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
577 flags = INTERACTIVE,\r
578 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
579\r
580 subtitle text = STRING_TOKEN(STR_NULL);\r
581 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
582 label LABEL_END;\r
583 subtitle text = STRING_TOKEN(STR_NULL);\r
584\r
585 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
586 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
587 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
588 flags = INTERACTIVE,\r
589 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r
590 minsize = SECURE_BOOT_GUID_SIZE,\r
591 maxsize = SECURE_BOOT_GUID_SIZE,\r
592 endstring;\r
593\r
594 subtitle text = STRING_TOKEN(STR_NULL);\r
595 subtitle text = STRING_TOKEN(STR_NULL);\r
596\r
597 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
598 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
599 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
600 flags = INTERACTIVE,\r
601 key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r
602\r
603 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
604 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
605 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
606 flags = INTERACTIVE,\r
607 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r
608\r
609 endform;\r
610\r
611endformset;\r
EFI Development Kit II mirror for PVE