]> git.proxmox.com Git - mirror_edk2.git/blame_incremental - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
projects / mirror_edk2.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
SecurityPkg: SecureBootConfigDxe: Support AUTH_2 enrollment to DBX
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
... / ...
CommitLineData
1/** @file\r
2 VFR file used by the SecureBoot configuration component.\r
3\r
4Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>\r
5This program and the accompanying materials\r
6are licensed and made available under the terms and conditions of the BSD License\r
7which accompanies this distribution. The full text of the license may be found at\r
8http://opensource.org/licenses/bsd-license.php\r
9\r
10THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
11WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
12\r
13**/\r
14\r
15#include "SecureBootConfigNvData.h"\r
16\r
17formset\r
18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r
19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r
20 help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r
21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r
22\r
23 varstore SECUREBOOT_CONFIGURATION,\r
24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r
25 name = SECUREBOOT_CONFIGURATION,\r
26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r
27\r
28 //\r
29 // ##1 Form "Secure Boot Configuration"\r
30 //\r
31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r
32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r
33\r
34 subtitle text = STRING_TOKEN(STR_NULL);\r
35\r
36 text\r
37 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r
38 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r
39 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r
40\r
41 //\r
42 // Display of Check Box: Attempt Secure Boot\r
43 //\r
44 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
45 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r
46 questionid = KEY_SECURE_BOOT_ENABLE,\r
47 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r
48 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r
49 flags = INTERACTIVE | RESET_REQUIRED,\r
50 endcheckbox;\r
51 endif;\r
52\r
53 //\r
54 // Display of Oneof: 'Secure Boot Mode'\r
55 //\r
56 oneof name = SecureBootMode,\r
57 questionid = KEY_SECURE_BOOT_MODE,\r
58 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r
59 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r
60 flags = INTERACTIVE | NUMERIC_SIZE_1,\r
61 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r
62 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r
63 endoneof;\r
64\r
65 //\r
66 // Display of 'Current Secure Boot Mode'\r
67 //\r
68 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r
69 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
70 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
71 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r
72 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r
73 flags = INTERACTIVE,\r
74 key = KEY_SECURE_BOOT_OPTION;\r
75 endif;\r
76 endif;\r
77\r
78 endform;\r
79\r
80 //\r
81 // ##2 Form: 'Custom Secure Boot Options'\r
82 //\r
83 form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r
84 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r
85\r
86 subtitle text = STRING_TOKEN(STR_NULL);\r
87\r
88 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
89 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r
90 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r
91 flags = INTERACTIVE,\r
92 key = KEY_SECURE_BOOT_PK_OPTION;\r
93\r
94 subtitle text = STRING_TOKEN(STR_NULL);\r
95\r
96 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
97 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r
98 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r
99 flags = INTERACTIVE,\r
100 key = KEY_SECURE_BOOT_KEK_OPTION;\r
101\r
102 subtitle text = STRING_TOKEN(STR_NULL);\r
103\r
104 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
105 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r
106 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r
107 flags = INTERACTIVE,\r
108 key = KEY_SECURE_BOOT_DB_OPTION;\r
109\r
110 subtitle text = STRING_TOKEN(STR_NULL);\r
111\r
112 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
113 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r
114 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r
115 flags = INTERACTIVE,\r
116 key = KEY_SECURE_BOOT_DBX_OPTION;\r
117\r
118 subtitle text = STRING_TOKEN(STR_NULL);\r
119\r
120 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
121 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r
122 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r
123 flags = INTERACTIVE,\r
124 key = KEY_SECURE_BOOT_DBT_OPTION;\r
125\r
126 endform;\r
127\r
128 //\r
129 // ##3 Form: 'PK Options'\r
130 //\r
131 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
132 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r
133\r
134 subtitle text = STRING_TOKEN(STR_NULL);\r
135\r
136 //\r
137 // Display of 'Enroll PK'\r
138 //\r
139 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r
140 goto FORMID_ENROLL_PK_FORM,\r
141 prompt = STRING_TOKEN(STR_ENROLL_PK),\r
142 help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r
143 flags = INTERACTIVE,\r
144 key = KEY_ENROLL_PK;\r
145 endif;\r
146\r
147 subtitle text = STRING_TOKEN(STR_NULL);\r
148\r
149 //\r
150 // Display of Check Box: 'Delete Pk'\r
151 //\r
152 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r
153 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r
154 questionid = KEY_SECURE_BOOT_DELETE_PK,\r
155 prompt = STRING_TOKEN(STR_DELETE_PK),\r
156 help = STRING_TOKEN(STR_DELETE_PK_HELP),\r
157 flags = INTERACTIVE | RESET_REQUIRED,\r
158 endcheckbox;\r
159 endif;\r
160 endform;\r
161\r
162 //\r
163 // ##4 Form: 'Enroll PK'\r
164 //\r
165 form formid = FORMID_ENROLL_PK_FORM,\r
166 title = STRING_TOKEN(STR_ENROLL_PK);\r
167\r
168 subtitle text = STRING_TOKEN(STR_NULL);\r
169\r
170 goto FORMID_ENROLL_PK_FORM,\r
171 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
172 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
173 flags = INTERACTIVE,\r
174 key = FORMID_ENROLL_PK_FORM;\r
175\r
176 subtitle text = STRING_TOKEN(STR_NULL);\r
177 label FORMID_ENROLL_PK_FORM;\r
178 label LABEL_END;\r
179 subtitle text = STRING_TOKEN(STR_NULL);\r
180\r
181 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
182 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
183 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
184 flags = INTERACTIVE| RESET_REQUIRED,\r
185 key = KEY_VALUE_SAVE_AND_EXIT_PK;\r
186\r
187 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
188 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
189 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
190 flags = INTERACTIVE,\r
191 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r
192\r
193 endform;\r
194\r
195 //\r
196 // ##5 Form: 'KEK Options'\r
197 //\r
198 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
199 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r
200\r
201 //\r
202 // Display of 'Enroll KEK'\r
203 //\r
204 goto FORMID_ENROLL_KEK_FORM,\r
205 prompt = STRING_TOKEN(STR_ENROLL_KEK),\r
206 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r
207 flags = INTERACTIVE;\r
208\r
209 subtitle text = STRING_TOKEN(STR_NULL);\r
210\r
211 //\r
212 // Display of 'Delete KEK'\r
213 //\r
214 goto FORMID_DELETE_KEK_FORM,\r
215 prompt = STRING_TOKEN(STR_DELETE_KEK),\r
216 help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r
217 flags = INTERACTIVE,\r
218 key = KEY_DELETE_KEK;\r
219\r
220 subtitle text = STRING_TOKEN(STR_NULL);\r
221 endform;\r
222\r
223 //\r
224 // ##6 Form: 'Enroll KEK'\r
225 //\r
226 form formid = FORMID_ENROLL_KEK_FORM,\r
227 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r
228\r
229 subtitle text = STRING_TOKEN(STR_NULL);\r
230\r
231 goto FORMID_ENROLL_KEK_FORM,\r
232 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r
233 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r
234 flags = INTERACTIVE,\r
235 key = FORMID_ENROLL_KEK_FORM;\r
236\r
237 subtitle text = STRING_TOKEN(STR_NULL);\r
238 label FORMID_ENROLL_KEK_FORM;\r
239 label LABEL_END;\r
240 subtitle text = STRING_TOKEN(STR_NULL);\r
241\r
242 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
243 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
244 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
245 flags = INTERACTIVE,\r
246 key = KEY_SECURE_BOOT_KEK_GUID,\r
247 minsize = SECURE_BOOT_GUID_SIZE,\r
248 maxsize = SECURE_BOOT_GUID_SIZE,\r
249 endstring;\r
250\r
251 subtitle text = STRING_TOKEN(STR_NULL);\r
252 subtitle text = STRING_TOKEN(STR_NULL);\r
253\r
254 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
255 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
256 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
257 flags = INTERACTIVE,\r
258 key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r
259\r
260 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
261 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
262 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
263 flags = INTERACTIVE,\r
264 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r
265\r
266 endform;\r
267\r
268 //\r
269 // ##7 Form: 'Delete KEK'\r
270 //\r
271 form formid = FORMID_DELETE_KEK_FORM,\r
272 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r
273\r
274 label LABEL_KEK_DELETE;\r
275 label LABEL_END;\r
276\r
277 subtitle text = STRING_TOKEN(STR_NULL);\r
278\r
279 endform;\r
280\r
281 //\r
282 // ##8 Form: 'DB Options'\r
283 //\r
284 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
285 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r
286\r
287 subtitle text = STRING_TOKEN(STR_NULL);\r
288\r
289 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
290 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
291 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
292 flags = 0;\r
293\r
294 subtitle text = STRING_TOKEN(STR_NULL);\r
295\r
296 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
297 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
298 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
299 flags = INTERACTIVE,\r
300 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r
301\r
302 endform;\r
303\r
304 //\r
305 // ##9 Form: 'DBX Options'\r
306 //\r
307 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
308 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r
309\r
310 subtitle text = STRING_TOKEN(STR_NULL);\r
311\r
312 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
313 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
314 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
315 flags = 0;\r
316\r
317 subtitle text = STRING_TOKEN(STR_NULL);\r
318\r
319 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r
320 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
321 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
322 flags = INTERACTIVE,\r
323 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;\r
324\r
325 endform;\r
326\r
327 //\r
328 // ##9 Form: 'DBT Options'\r
329 //\r
330 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
331 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r
332\r
333 subtitle text = STRING_TOKEN(STR_NULL);\r
334\r
335 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
336 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
337 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
338 flags = 0;\r
339\r
340 subtitle text = STRING_TOKEN(STR_NULL);\r
341\r
342 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
343 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
344 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
345 flags = INTERACTIVE,\r
346 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r
347\r
348 endform;\r
349\r
350 //\r
351 // Form: 'Delete Signature' for DB Options.\r
352 //\r
353 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
354 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
355\r
356 label LABEL_DB_DELETE;\r
357 label LABEL_END;\r
358 subtitle text = STRING_TOKEN(STR_NULL);\r
359\r
360 endform;\r
361\r
362 //\r
363 // Form: 'Delete Signature' for DBX Options.\r
364 //\r
365 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,\r
366 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
367\r
368 label LABEL_DBX_DELETE;\r
369 label LABEL_END;\r
370 subtitle text = STRING_TOKEN(STR_NULL);\r
371\r
372 endform;\r
373\r
374 //\r
375 // Form: 'Delete Signature' for DBT Options.\r
376 //\r
377 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
378 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
379\r
380 label LABEL_DBT_DELETE;\r
381 label LABEL_END;\r
382 subtitle text = STRING_TOKEN(STR_NULL);\r
383\r
384 endform;\r
385\r
386 //\r
387 // Form: 'Enroll Signature' for DB options.\r
388 //\r
389 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
390 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
391\r
392 subtitle text = STRING_TOKEN(STR_NULL);\r
393\r
394 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
395 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
396 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
397 flags = INTERACTIVE,\r
398 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
399\r
400 subtitle text = STRING_TOKEN(STR_NULL);\r
401 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
402 label LABEL_END;\r
403 subtitle text = STRING_TOKEN(STR_NULL);\r
404\r
405 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
406 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
407 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
408 flags = INTERACTIVE,\r
409 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r
410 minsize = SECURE_BOOT_GUID_SIZE,\r
411 maxsize = SECURE_BOOT_GUID_SIZE,\r
412 endstring;\r
413\r
414 subtitle text = STRING_TOKEN(STR_NULL);\r
415 subtitle text = STRING_TOKEN(STR_NULL);\r
416\r
417 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
418 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
419 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
420 flags = INTERACTIVE,\r
421 key = KEY_VALUE_SAVE_AND_EXIT_DB;\r
422\r
423 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
424 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
425 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
426 flags = INTERACTIVE,\r
427 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r
428\r
429 endform;\r
430\r
431 //\r
432 // Form: 'Enroll Signature' for DBX options.\r
433 //\r
434 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
435 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
436\r
437 subtitle text = STRING_TOKEN(STR_NULL);\r
438\r
439 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
440 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
441 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
442 flags = INTERACTIVE,\r
443 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
444\r
445 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
446 label LABEL_END;\r
447 subtitle text = STRING_TOKEN(STR_NULL);\r
448\r
449 grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r
450 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
451 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
452 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
453 flags = INTERACTIVE,\r
454 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r
455 minsize = SECURE_BOOT_GUID_SIZE,\r
456 maxsize = SECURE_BOOT_GUID_SIZE,\r
457 endstring;\r
458 endif;\r
459\r
460 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;\r
461 oneof name = X509SignatureFormatInDbx,\r
462 varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r
463 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r
464 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r
465 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;\r
466 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;\r
467 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;\r
468 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;\r
469 endoneof;\r
470 endif;\r
471\r
472 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;\r
473 text\r
474 help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string\r
475 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r
476 text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type\r
477 endif;\r
478\r
479 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r
480 text\r
481 help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string\r
482 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r
483 text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type\r
484 endif;\r
485\r
486 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;\r
487 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r
488 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r
489 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r
490 flags = INTERACTIVE,\r
491 endcheckbox;\r
492\r
493 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r
494 date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r
495 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r
496 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r
497 flags = STORAGE_NORMAL,\r
498 enddate;\r
499\r
500 time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r
501 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r
502 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r
503 flags = STORAGE_NORMAL,\r
504 endtime;\r
505 endif;\r
506 endif;\r
507\r
508 subtitle text = STRING_TOKEN(STR_NULL);\r
509 subtitle text = STRING_TOKEN(STR_NULL);\r
510\r
511 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
512 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
513 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
514 flags = INTERACTIVE,\r
515 key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r
516\r
517 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
518 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
519 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
520 flags = INTERACTIVE,\r
521 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r
522\r
523 endform;\r
524\r
525 //\r
526 // Form: 'Enroll Signature' for DBT options.\r
527 //\r
528 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
529 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
530\r
531 subtitle text = STRING_TOKEN(STR_NULL);\r
532\r
533 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
534 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
535 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
536 flags = INTERACTIVE,\r
537 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
538\r
539 subtitle text = STRING_TOKEN(STR_NULL);\r
540 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
541 label LABEL_END;\r
542 subtitle text = STRING_TOKEN(STR_NULL);\r
543\r
544 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
545 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
546 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
547 flags = INTERACTIVE,\r
548 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r
549 minsize = SECURE_BOOT_GUID_SIZE,\r
550 maxsize = SECURE_BOOT_GUID_SIZE,\r
551 endstring;\r
552\r
553 subtitle text = STRING_TOKEN(STR_NULL);\r
554 subtitle text = STRING_TOKEN(STR_NULL);\r
555\r
556 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
557 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
558 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
559 flags = INTERACTIVE,\r
560 key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r
561\r
562 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
563 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
564 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
565 flags = INTERACTIVE,\r
566 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r
567\r
568 endform;\r
569\r
570endformset;
EFI Development Kit II mirror for PVE