]>
Commit | Line | Data |
---|---|---|
1 | /** @file\r | |
2 | VFR file used by the SecureBoot configuration component.\r | |
3 | \r | |
4 | Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>\r | |
5 | SPDX-License-Identifier: BSD-2-Clause-Patent\r | |
6 | \r | |
7 | **/\r | |
8 | \r | |
9 | #include "SecureBootConfigNvData.h"\r | |
10 | \r | |
11 | formset\r | |
12 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r | |
13 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r | |
14 | help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r | |
15 | classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r | |
16 | \r | |
17 | varstore SECUREBOOT_CONFIGURATION,\r | |
18 | varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r | |
19 | name = SECUREBOOT_CONFIGURATION,\r | |
20 | guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r | |
21 | \r | |
22 | //\r | |
23 | // ##1 Form "Secure Boot Configuration"\r | |
24 | //\r | |
25 | form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r | |
26 | title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r | |
27 | \r | |
28 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
29 | \r | |
30 | text\r | |
31 | help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r | |
32 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r | |
33 | text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r | |
34 | \r | |
35 | //\r | |
36 | // Display of Check Box: Attempt Secure Boot\r | |
37 | //\r | |
38 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r | |
39 | checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r | |
40 | questionid = KEY_SECURE_BOOT_ENABLE,\r | |
41 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r | |
42 | help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r | |
43 | flags = INTERACTIVE | RESET_REQUIRED,\r | |
44 | endcheckbox;\r | |
45 | endif;\r | |
46 | \r | |
47 | //\r | |
48 | // Display of Oneof: 'Secure Boot Mode'\r | |
49 | //\r | |
50 | oneof name = SecureBootMode,\r | |
51 | questionid = KEY_SECURE_BOOT_MODE,\r | |
52 | prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r | |
53 | help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r | |
54 | flags = INTERACTIVE | NUMERIC_SIZE_1,\r | |
55 | option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r | |
56 | option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r | |
57 | endoneof;\r | |
58 | \r | |
59 | //\r | |
60 | // Display of 'Current Secure Boot Mode'\r | |
61 | //\r | |
62 | suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r | |
63 | grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r | |
64 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
65 | prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r | |
66 | help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r | |
67 | flags = INTERACTIVE,\r | |
68 | key = KEY_SECURE_BOOT_OPTION;\r | |
69 | endif;\r | |
70 | endif;\r | |
71 | \r | |
72 | text\r | |
73 | help = STRING_TOKEN(STR_SECURE_RESET_TO_DEFAULTS_HELP),\r | |
74 | text = STRING_TOKEN(STR_SECURE_RESET_TO_DEFAULTS),\r | |
75 | flags = INTERACTIVE,\r | |
76 | key = KEY_SECURE_BOOT_RESET_TO_DEFAULT;\r | |
77 | \r | |
78 | endform;\r | |
79 | \r | |
80 | //\r | |
81 | // ##2 Form: 'Custom Secure Boot Options'\r | |
82 | //\r | |
83 | form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r | |
84 | title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r | |
85 | \r | |
86 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
87 | \r | |
88 | goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r | |
89 | prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r | |
90 | help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r | |
91 | flags = INTERACTIVE,\r | |
92 | key = KEY_SECURE_BOOT_PK_OPTION;\r | |
93 | \r | |
94 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
95 | \r | |
96 | goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r | |
97 | prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r | |
98 | help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r | |
99 | flags = INTERACTIVE,\r | |
100 | key = KEY_SECURE_BOOT_KEK_OPTION;\r | |
101 | \r | |
102 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
103 | \r | |
104 | goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r | |
105 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r | |
106 | help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r | |
107 | flags = INTERACTIVE,\r | |
108 | key = KEY_SECURE_BOOT_DB_OPTION;\r | |
109 | \r | |
110 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
111 | \r | |
112 | goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r | |
113 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r | |
114 | help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r | |
115 | flags = INTERACTIVE,\r | |
116 | key = KEY_SECURE_BOOT_DBX_OPTION;\r | |
117 | \r | |
118 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
119 | \r | |
120 | goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
121 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r | |
122 | help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r | |
123 | flags = INTERACTIVE,\r | |
124 | key = KEY_SECURE_BOOT_DBT_OPTION;\r | |
125 | \r | |
126 | endform;\r | |
127 | \r | |
128 | //\r | |
129 | // ##3 Form: 'PK Options'\r | |
130 | //\r | |
131 | form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r | |
132 | title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r | |
133 | \r | |
134 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
135 | \r | |
136 | //\r | |
137 | // Display of 'Enroll PK'\r | |
138 | //\r | |
139 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r | |
140 | goto FORMID_ENROLL_PK_FORM,\r | |
141 | prompt = STRING_TOKEN(STR_ENROLL_PK),\r | |
142 | help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r | |
143 | flags = INTERACTIVE,\r | |
144 | key = KEY_ENROLL_PK;\r | |
145 | endif;\r | |
146 | \r | |
147 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
148 | \r | |
149 | //\r | |
150 | // Display of Check Box: 'Delete Pk'\r | |
151 | //\r | |
152 | grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r | |
153 | checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r | |
154 | questionid = KEY_SECURE_BOOT_DELETE_PK,\r | |
155 | prompt = STRING_TOKEN(STR_DELETE_PK),\r | |
156 | help = STRING_TOKEN(STR_DELETE_PK_HELP),\r | |
157 | flags = INTERACTIVE | RESET_REQUIRED,\r | |
158 | endcheckbox;\r | |
159 | endif;\r | |
160 | endform;\r | |
161 | \r | |
162 | //\r | |
163 | // ##4 Form: 'Enroll PK'\r | |
164 | //\r | |
165 | form formid = FORMID_ENROLL_PK_FORM,\r | |
166 | title = STRING_TOKEN(STR_ENROLL_PK);\r | |
167 | \r | |
168 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
169 | \r | |
170 | goto FORMID_ENROLL_PK_FORM,\r | |
171 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r | |
172 | help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r | |
173 | flags = INTERACTIVE,\r | |
174 | key = FORMID_ENROLL_PK_FORM;\r | |
175 | \r | |
176 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
177 | label FORMID_ENROLL_PK_FORM;\r | |
178 | label LABEL_END;\r | |
179 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
180 | \r | |
181 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
182 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
183 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
184 | flags = INTERACTIVE| RESET_REQUIRED,\r | |
185 | key = KEY_VALUE_SAVE_AND_EXIT_PK;\r | |
186 | \r | |
187 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
188 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
189 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
190 | flags = INTERACTIVE,\r | |
191 | key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r | |
192 | \r | |
193 | endform;\r | |
194 | \r | |
195 | //\r | |
196 | // ##5 Form: 'KEK Options'\r | |
197 | //\r | |
198 | form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r | |
199 | title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r | |
200 | \r | |
201 | //\r | |
202 | // Display of 'Enroll KEK'\r | |
203 | //\r | |
204 | goto FORMID_ENROLL_KEK_FORM,\r | |
205 | prompt = STRING_TOKEN(STR_ENROLL_KEK),\r | |
206 | help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r | |
207 | flags = INTERACTIVE;\r | |
208 | \r | |
209 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
210 | \r | |
211 | //\r | |
212 | // Display of 'Delete KEK'\r | |
213 | //\r | |
214 | goto FORMID_DELETE_KEK_FORM,\r | |
215 | prompt = STRING_TOKEN(STR_DELETE_KEK),\r | |
216 | help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r | |
217 | flags = INTERACTIVE,\r | |
218 | key = KEY_DELETE_KEK;\r | |
219 | \r | |
220 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
221 | endform;\r | |
222 | \r | |
223 | //\r | |
224 | // ##6 Form: 'Enroll KEK'\r | |
225 | //\r | |
226 | form formid = FORMID_ENROLL_KEK_FORM,\r | |
227 | title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r | |
228 | \r | |
229 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
230 | \r | |
231 | goto FORMID_ENROLL_KEK_FORM,\r | |
232 | prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r | |
233 | help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r | |
234 | flags = INTERACTIVE,\r | |
235 | key = FORMID_ENROLL_KEK_FORM;\r | |
236 | \r | |
237 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
238 | label FORMID_ENROLL_KEK_FORM;\r | |
239 | label LABEL_END;\r | |
240 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
241 | \r | |
242 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
243 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
244 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
245 | flags = INTERACTIVE,\r | |
246 | key = KEY_SECURE_BOOT_KEK_GUID,\r | |
247 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
248 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
249 | endstring;\r | |
250 | \r | |
251 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
252 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
253 | \r | |
254 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
255 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
256 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
257 | flags = INTERACTIVE,\r | |
258 | key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r | |
259 | \r | |
260 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
261 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
262 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
263 | flags = INTERACTIVE,\r | |
264 | key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r | |
265 | \r | |
266 | endform;\r | |
267 | \r | |
268 | //\r | |
269 | // ##7 Form: 'Delete KEK'\r | |
270 | //\r | |
271 | form formid = FORMID_DELETE_KEK_FORM,\r | |
272 | title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r | |
273 | \r | |
274 | label LABEL_KEK_DELETE;\r | |
275 | label LABEL_END;\r | |
276 | \r | |
277 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
278 | \r | |
279 | endform;\r | |
280 | \r | |
281 | //\r | |
282 | // ##8 Form: 'DB Options'\r | |
283 | //\r | |
284 | form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r | |
285 | title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r | |
286 | \r | |
287 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
288 | \r | |
289 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
290 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
291 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
292 | flags = 0;\r | |
293 | \r | |
294 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
295 | \r | |
296 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
297 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
298 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
299 | flags = INTERACTIVE,\r | |
300 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r | |
301 | \r | |
302 | endform;\r | |
303 | \r | |
304 | //\r | |
305 | // ##9 Form: 'DBX Options'\r | |
306 | //\r | |
307 | form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r | |
308 | title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r | |
309 | \r | |
310 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
311 | \r | |
312 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
313 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
314 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
315 | flags = 0;\r | |
316 | \r | |
317 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
318 | \r | |
319 | goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r | |
320 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
321 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
322 | flags = INTERACTIVE,\r | |
323 | key = KEY_VALUE_FROM_DBX_TO_LIST_FORM;\r | |
324 | \r | |
325 | endform;\r | |
326 | \r | |
327 | //\r | |
328 | // ##9 Form: 'DBT Options'\r | |
329 | //\r | |
330 | form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r | |
331 | title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r | |
332 | \r | |
333 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
334 | \r | |
335 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
336 | prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
337 | help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r | |
338 | flags = 0;\r | |
339 | \r | |
340 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
341 | \r | |
342 | goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
343 | prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
344 | help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r | |
345 | flags = INTERACTIVE,\r | |
346 | key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r | |
347 | \r | |
348 | endform;\r | |
349 | \r | |
350 | //\r | |
351 | // Form: 'Delete Signature' for DB Options.\r | |
352 | //\r | |
353 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r | |
354 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
355 | \r | |
356 | label LABEL_DB_DELETE;\r | |
357 | label LABEL_END;\r | |
358 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
359 | \r | |
360 | endform;\r | |
361 | \r | |
362 | //\r | |
363 | // Form: Display Signature List.\r | |
364 | //\r | |
365 | form formid = SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r | |
366 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_LIST_FORM);\r | |
367 | \r | |
368 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
369 | \r | |
370 | grayoutif ideqval SECUREBOOT_CONFIGURATION.ListCount == 0;\r | |
371 | label LABEL_DELETE_ALL_LIST_BUTTON;\r | |
372 | //\r | |
373 | // Will create a goto button dynamically here.\r | |
374 | //\r | |
375 | label LABEL_END;\r | |
376 | endif;\r | |
377 | \r | |
378 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
379 | label LABEL_SIGNATURE_LIST_START;\r | |
380 | label LABEL_END;\r | |
381 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
382 | \r | |
383 | endform;\r | |
384 | \r | |
385 | //\r | |
386 | // Form: Display Signature Data.\r | |
387 | //\r | |
388 | form formid = SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,\r | |
389 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_DATA_FORM);\r | |
390 | \r | |
391 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
392 | \r | |
393 | goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r | |
394 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA),\r | |
395 | help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA_HELP),\r | |
396 | flags = INTERACTIVE,\r | |
397 | key = KEY_SECURE_BOOT_DELETE_ALL_DATA;\r | |
398 | \r | |
399 | grayoutif ideqval SECUREBOOT_CONFIGURATION.CheckedDataCount == 0;\r | |
400 | goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r | |
401 | prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA),\r | |
402 | help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA_HELP),\r | |
403 | flags = INTERACTIVE,\r | |
404 | key = KEY_SECURE_BOOT_DELETE_CHECK_DATA;\r | |
405 | endif;\r | |
406 | \r | |
407 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
408 | label LABEL_SIGNATURE_DATA_START;\r | |
409 | label LABEL_END;\r | |
410 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
411 | \r | |
412 | endform;\r | |
413 | \r | |
414 | \r | |
415 | //\r | |
416 | // Form: 'Delete Signature' for DBT Options.\r | |
417 | //\r | |
418 | form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r | |
419 | title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r | |
420 | \r | |
421 | label LABEL_DBT_DELETE;\r | |
422 | label LABEL_END;\r | |
423 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
424 | \r | |
425 | endform;\r | |
426 | \r | |
427 | //\r | |
428 | // Form: 'Enroll Signature' for DB options.\r | |
429 | //\r | |
430 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
431 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
432 | \r | |
433 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
434 | \r | |
435 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r | |
436 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
437 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
438 | flags = INTERACTIVE,\r | |
439 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
440 | \r | |
441 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
442 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r | |
443 | label LABEL_END;\r | |
444 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
445 | \r | |
446 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
447 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
448 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
449 | flags = INTERACTIVE,\r | |
450 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r | |
451 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
452 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
453 | endstring;\r | |
454 | \r | |
455 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
456 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
457 | \r | |
458 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
459 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
460 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
461 | flags = INTERACTIVE,\r | |
462 | key = KEY_VALUE_SAVE_AND_EXIT_DB;\r | |
463 | \r | |
464 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
465 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
466 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
467 | flags = INTERACTIVE,\r | |
468 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r | |
469 | \r | |
470 | endform;\r | |
471 | \r | |
472 | //\r | |
473 | // Form: 'Enroll Signature' for DBX options.\r | |
474 | //\r | |
475 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
476 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
477 | \r | |
478 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
479 | \r | |
480 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r | |
481 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
482 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
483 | flags = INTERACTIVE,\r | |
484 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r | |
485 | \r | |
486 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r | |
487 | label LABEL_END;\r | |
488 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
489 | \r | |
490 | grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r | |
491 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
492 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
493 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
494 | flags = INTERACTIVE,\r | |
495 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r | |
496 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
497 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
498 | endstring;\r | |
499 | endif;\r | |
500 | \r | |
501 | disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;\r | |
502 | oneof name = X509SignatureFormatInDbx,\r | |
503 | varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r | |
504 | prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r | |
505 | help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r | |
506 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;\r | |
507 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;\r | |
508 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;\r | |
509 | option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;\r | |
510 | endoneof;\r | |
511 | endif;\r | |
512 | \r | |
513 | disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;\r | |
514 | text\r | |
515 | help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string\r | |
516 | text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r | |
517 | text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type\r | |
518 | endif;\r | |
519 | \r | |
520 | disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r | |
521 | text\r | |
522 | help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string\r | |
523 | text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r | |
524 | text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type\r | |
525 | endif;\r | |
526 | \r | |
527 | suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;\r | |
528 | checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r | |
529 | prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r | |
530 | help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r | |
531 | flags = INTERACTIVE,\r | |
532 | endcheckbox;\r | |
533 | \r | |
534 | suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r | |
535 | date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r | |
536 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r | |
537 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r | |
538 | flags = STORAGE_NORMAL,\r | |
539 | enddate;\r | |
540 | \r | |
541 | time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r | |
542 | prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r | |
543 | help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r | |
544 | flags = STORAGE_NORMAL,\r | |
545 | endtime;\r | |
546 | endif;\r | |
547 | endif;\r | |
548 | \r | |
549 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
550 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
551 | \r | |
552 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
553 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
554 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
555 | flags = INTERACTIVE,\r | |
556 | key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r | |
557 | \r | |
558 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
559 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
560 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
561 | flags = INTERACTIVE,\r | |
562 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r | |
563 | \r | |
564 | endform;\r | |
565 | \r | |
566 | //\r | |
567 | // Form: 'Enroll Signature' for DBT options.\r | |
568 | //\r | |
569 | form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
570 | title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r | |
571 | \r | |
572 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
573 | \r | |
574 | goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r | |
575 | prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
576 | help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r | |
577 | flags = INTERACTIVE,\r | |
578 | key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
579 | \r | |
580 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
581 | label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r | |
582 | label LABEL_END;\r | |
583 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
584 | \r | |
585 | string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r | |
586 | prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r | |
587 | help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r | |
588 | flags = INTERACTIVE,\r | |
589 | key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r | |
590 | minsize = SECURE_BOOT_GUID_SIZE,\r | |
591 | maxsize = SECURE_BOOT_GUID_SIZE,\r | |
592 | endstring;\r | |
593 | \r | |
594 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
595 | subtitle text = STRING_TOKEN(STR_NULL);\r | |
596 | \r | |
597 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
598 | prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
599 | help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r | |
600 | flags = INTERACTIVE,\r | |
601 | key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r | |
602 | \r | |
603 | goto FORMID_SECURE_BOOT_OPTION_FORM,\r | |
604 | prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
605 | help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r | |
606 | flags = INTERACTIVE,\r | |
607 | key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r | |
608 | \r | |
609 | endform;\r | |
610 | \r | |
611 | endformset;\r |