]> git.proxmox.com Git - mirror_edk2.git/blame_incremental - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
projects / mirror_edk2.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
SecurityPkg/SecureBootConfigImpl.c: Secure Boot DBX UI Enhancement
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
... / ...
CommitLineData
1/** @file\r
2 VFR file used by the SecureBoot configuration component.\r
3\r
4Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>\r
5This program and the accompanying materials\r
6are licensed and made available under the terms and conditions of the BSD License\r
7which accompanies this distribution. The full text of the license may be found at\r
8http://opensource.org/licenses/bsd-license.php\r
9\r
10THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
11WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
12\r
13**/\r
14\r
15#include "SecureBootConfigNvData.h"\r
16\r
17formset\r
18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,\r
19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),\r
20 help = STRING_TOKEN(STR_SECUREBOOT_HELP),\r
21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,\r
22\r
23 varstore SECUREBOOT_CONFIGURATION,\r
24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,\r
25 name = SECUREBOOT_CONFIGURATION,\r
26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;\r
27\r
28 //\r
29 // ##1 Form "Secure Boot Configuration"\r
30 //\r
31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,\r
32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);\r
33\r
34 subtitle text = STRING_TOKEN(STR_NULL);\r
35\r
36 text\r
37 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),\r
38 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r
39 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r
40\r
41 //\r
42 // Display of Check Box: Attempt Secure Boot\r
43 //\r
44 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
45 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r
46 questionid = KEY_SECURE_BOOT_ENABLE,\r
47 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r
48 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),\r
49 flags = INTERACTIVE | RESET_REQUIRED,\r
50 endcheckbox;\r
51 endif;\r
52\r
53 //\r
54 // Display of Oneof: 'Secure Boot Mode'\r
55 //\r
56 oneof name = SecureBootMode,\r
57 questionid = KEY_SECURE_BOOT_MODE,\r
58 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r
59 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r
60 flags = INTERACTIVE | NUMERIC_SIZE_1,\r
61 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r
62 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r
63 endoneof;\r
64\r
65 //\r
66 // Display of 'Current Secure Boot Mode'\r
67 //\r
68 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r
69 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
70 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
71 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r
72 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r
73 flags = INTERACTIVE,\r
74 key = KEY_SECURE_BOOT_OPTION;\r
75 endif;\r
76 endif;\r
77\r
78 endform;\r
79\r
80 //\r
81 // ##2 Form: 'Custom Secure Boot Options'\r
82 //\r
83 form formid = FORMID_SECURE_BOOT_OPTION_FORM,\r
84 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);\r
85\r
86 subtitle text = STRING_TOKEN(STR_NULL);\r
87\r
88 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
89 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),\r
90 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),\r
91 flags = INTERACTIVE,\r
92 key = KEY_SECURE_BOOT_PK_OPTION;\r
93\r
94 subtitle text = STRING_TOKEN(STR_NULL);\r
95\r
96 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
97 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),\r
98 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),\r
99 flags = INTERACTIVE,\r
100 key = KEY_SECURE_BOOT_KEK_OPTION;\r
101\r
102 subtitle text = STRING_TOKEN(STR_NULL);\r
103\r
104 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
105 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),\r
106 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),\r
107 flags = INTERACTIVE,\r
108 key = KEY_SECURE_BOOT_DB_OPTION;\r
109\r
110 subtitle text = STRING_TOKEN(STR_NULL);\r
111\r
112 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
113 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),\r
114 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),\r
115 flags = INTERACTIVE,\r
116 key = KEY_SECURE_BOOT_DBX_OPTION;\r
117\r
118 subtitle text = STRING_TOKEN(STR_NULL);\r
119\r
120 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
121 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),\r
122 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),\r
123 flags = INTERACTIVE,\r
124 key = KEY_SECURE_BOOT_DBT_OPTION;\r
125\r
126 endform;\r
127\r
128 //\r
129 // ##3 Form: 'PK Options'\r
130 //\r
131 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,\r
132 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);\r
133\r
134 subtitle text = STRING_TOKEN(STR_NULL);\r
135\r
136 //\r
137 // Display of 'Enroll PK'\r
138 //\r
139 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r
140 goto FORMID_ENROLL_PK_FORM,\r
141 prompt = STRING_TOKEN(STR_ENROLL_PK),\r
142 help = STRING_TOKEN(STR_ENROLL_PK_HELP),\r
143 flags = INTERACTIVE,\r
144 key = KEY_ENROLL_PK;\r
145 endif;\r
146\r
147 subtitle text = STRING_TOKEN(STR_NULL);\r
148\r
149 //\r
150 // Display of Check Box: 'Delete Pk'\r
151 //\r
152 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r
153 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r
154 questionid = KEY_SECURE_BOOT_DELETE_PK,\r
155 prompt = STRING_TOKEN(STR_DELETE_PK),\r
156 help = STRING_TOKEN(STR_DELETE_PK_HELP),\r
157 flags = INTERACTIVE | RESET_REQUIRED,\r
158 endcheckbox;\r
159 endif;\r
160 endform;\r
161\r
162 //\r
163 // ##4 Form: 'Enroll PK'\r
164 //\r
165 form formid = FORMID_ENROLL_PK_FORM,\r
166 title = STRING_TOKEN(STR_ENROLL_PK);\r
167\r
168 subtitle text = STRING_TOKEN(STR_NULL);\r
169\r
170 goto FORMID_ENROLL_PK_FORM,\r
171 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
172 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
173 flags = INTERACTIVE,\r
174 key = FORMID_ENROLL_PK_FORM;\r
175\r
176 subtitle text = STRING_TOKEN(STR_NULL);\r
177 label FORMID_ENROLL_PK_FORM;\r
178 label LABEL_END;\r
179 subtitle text = STRING_TOKEN(STR_NULL);\r
180\r
181 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
182 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
183 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
184 flags = INTERACTIVE| RESET_REQUIRED,\r
185 key = KEY_VALUE_SAVE_AND_EXIT_PK;\r
186\r
187 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
188 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
189 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
190 flags = INTERACTIVE,\r
191 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r
192\r
193 endform;\r
194\r
195 //\r
196 // ##5 Form: 'KEK Options'\r
197 //\r
198 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,\r
199 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);\r
200\r
201 //\r
202 // Display of 'Enroll KEK'\r
203 //\r
204 goto FORMID_ENROLL_KEK_FORM,\r
205 prompt = STRING_TOKEN(STR_ENROLL_KEK),\r
206 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),\r
207 flags = INTERACTIVE;\r
208\r
209 subtitle text = STRING_TOKEN(STR_NULL);\r
210\r
211 //\r
212 // Display of 'Delete KEK'\r
213 //\r
214 goto FORMID_DELETE_KEK_FORM,\r
215 prompt = STRING_TOKEN(STR_DELETE_KEK),\r
216 help = STRING_TOKEN(STR_DELETE_KEK_HELP),\r
217 flags = INTERACTIVE,\r
218 key = KEY_DELETE_KEK;\r
219\r
220 subtitle text = STRING_TOKEN(STR_NULL);\r
221 endform;\r
222\r
223 //\r
224 // ##6 Form: 'Enroll KEK'\r
225 //\r
226 form formid = FORMID_ENROLL_KEK_FORM,\r
227 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);\r
228\r
229 subtitle text = STRING_TOKEN(STR_NULL);\r
230\r
231 goto FORMID_ENROLL_KEK_FORM,\r
232 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r
233 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r
234 flags = INTERACTIVE,\r
235 key = FORMID_ENROLL_KEK_FORM;\r
236\r
237 subtitle text = STRING_TOKEN(STR_NULL);\r
238 label FORMID_ENROLL_KEK_FORM;\r
239 label LABEL_END;\r
240 subtitle text = STRING_TOKEN(STR_NULL);\r
241\r
242 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
243 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
244 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
245 flags = INTERACTIVE,\r
246 key = KEY_SECURE_BOOT_KEK_GUID,\r
247 minsize = SECURE_BOOT_GUID_SIZE,\r
248 maxsize = SECURE_BOOT_GUID_SIZE,\r
249 endstring;\r
250\r
251 subtitle text = STRING_TOKEN(STR_NULL);\r
252 subtitle text = STRING_TOKEN(STR_NULL);\r
253\r
254 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
255 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
256 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
257 flags = INTERACTIVE,\r
258 key = KEY_VALUE_SAVE_AND_EXIT_KEK;\r
259\r
260 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
261 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
262 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
263 flags = INTERACTIVE,\r
264 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;\r
265\r
266 endform;\r
267\r
268 //\r
269 // ##7 Form: 'Delete KEK'\r
270 //\r
271 form formid = FORMID_DELETE_KEK_FORM,\r
272 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);\r
273\r
274 label LABEL_KEK_DELETE;\r
275 label LABEL_END;\r
276\r
277 subtitle text = STRING_TOKEN(STR_NULL);\r
278\r
279 endform;\r
280\r
281 //\r
282 // ##8 Form: 'DB Options'\r
283 //\r
284 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,\r
285 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);\r
286\r
287 subtitle text = STRING_TOKEN(STR_NULL);\r
288\r
289 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
290 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
291 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
292 flags = 0;\r
293\r
294 subtitle text = STRING_TOKEN(STR_NULL);\r
295\r
296 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
297 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
298 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
299 flags = INTERACTIVE,\r
300 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;\r
301\r
302 endform;\r
303\r
304 //\r
305 // ##9 Form: 'DBX Options'\r
306 //\r
307 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,\r
308 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);\r
309\r
310 subtitle text = STRING_TOKEN(STR_NULL);\r
311\r
312 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
313 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
314 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
315 flags = 0;\r
316\r
317 subtitle text = STRING_TOKEN(STR_NULL);\r
318\r
319 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
320 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
321 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
322 flags = INTERACTIVE,\r
323 key = KEY_VALUE_FROM_DBX_TO_LIST_FORM;\r
324\r
325 endform;\r
326\r
327 //\r
328 // ##9 Form: 'DBT Options'\r
329 //\r
330 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,\r
331 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);\r
332\r
333 subtitle text = STRING_TOKEN(STR_NULL);\r
334\r
335 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
336 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
337 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),\r
338 flags = 0;\r
339\r
340 subtitle text = STRING_TOKEN(STR_NULL);\r
341\r
342 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
343 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
344 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),\r
345 flags = INTERACTIVE,\r
346 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;\r
347\r
348 endform;\r
349\r
350 //\r
351 // Form: 'Delete Signature' for DB Options.\r
352 //\r
353 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,\r
354 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
355\r
356 label LABEL_DB_DELETE;\r
357 label LABEL_END;\r
358 subtitle text = STRING_TOKEN(STR_NULL);\r
359\r
360 endform;\r
361\r
362 //\r
363 // Form: Display Signature List.\r
364 //\r
365 form formid = SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
366 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_LIST_FORM);\r
367\r
368 subtitle text = STRING_TOKEN(STR_NULL);\r
369\r
370 grayoutif ideqval SECUREBOOT_CONFIGURATION.ListCount == 0;\r
371 label LABEL_DELETE_ALL_LIST_BUTTON;\r
372 //\r
373 // Will create a goto button dynamically here.\r
374 //\r
375 label LABEL_END;\r
376 endif;\r
377\r
378 subtitle text = STRING_TOKEN(STR_NULL);\r
379 label LABEL_SIGNATURE_LIST_START;\r
380 label LABEL_END;\r
381 subtitle text = STRING_TOKEN(STR_NULL);\r
382\r
383 endform;\r
384\r
385 //\r
386 // Form: Display Signature Data.\r
387 //\r
388 form formid = SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,\r
389 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_DATA_FORM);\r
390\r
391 subtitle text = STRING_TOKEN(STR_NULL);\r
392\r
393 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
394 prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA),\r
395 help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA_HELP),\r
396 flags = INTERACTIVE,\r
397 key = KEY_SECURE_BOOT_DELETE_ALL_DATA;\r
398\r
399 grayoutif ideqval SECUREBOOT_CONFIGURATION.CheckedDataCount == 0;\r
400 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,\r
401 prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA),\r
402 help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA_HELP),\r
403 flags = INTERACTIVE,\r
404 key = KEY_SECURE_BOOT_DELETE_CHECK_DATA;\r
405 endif;\r
406\r
407 subtitle text = STRING_TOKEN(STR_NULL);\r
408 label LABEL_SIGNATURE_DATA_START;\r
409 label LABEL_END;\r
410 subtitle text = STRING_TOKEN(STR_NULL);\r
411\r
412 endform;\r
413\r
414\r
415 //\r
416 // Form: 'Delete Signature' for DBT Options.\r
417 //\r
418 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,\r
419 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);\r
420\r
421 label LABEL_DBT_DELETE;\r
422 label LABEL_END;\r
423 subtitle text = STRING_TOKEN(STR_NULL);\r
424\r
425 endform;\r
426\r
427 //\r
428 // Form: 'Enroll Signature' for DB options.\r
429 //\r
430 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
431 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
432\r
433 subtitle text = STRING_TOKEN(STR_NULL);\r
434\r
435 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
436 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
437 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
438 flags = INTERACTIVE,\r
439 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
440\r
441 subtitle text = STRING_TOKEN(STR_NULL);\r
442 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;\r
443 label LABEL_END;\r
444 subtitle text = STRING_TOKEN(STR_NULL);\r
445\r
446 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
447 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
448 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
449 flags = INTERACTIVE,\r
450 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,\r
451 minsize = SECURE_BOOT_GUID_SIZE,\r
452 maxsize = SECURE_BOOT_GUID_SIZE,\r
453 endstring;\r
454\r
455 subtitle text = STRING_TOKEN(STR_NULL);\r
456 subtitle text = STRING_TOKEN(STR_NULL);\r
457\r
458 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
459 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
460 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
461 flags = INTERACTIVE,\r
462 key = KEY_VALUE_SAVE_AND_EXIT_DB;\r
463\r
464 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
465 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
466 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
467 flags = INTERACTIVE,\r
468 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;\r
469\r
470 endform;\r
471\r
472 //\r
473 // Form: 'Enroll Signature' for DBX options.\r
474 //\r
475 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
476 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
477\r
478 subtitle text = STRING_TOKEN(STR_NULL);\r
479\r
480 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
481 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
482 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
483 flags = INTERACTIVE,\r
484 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
485\r
486 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;\r
487 label LABEL_END;\r
488 subtitle text = STRING_TOKEN(STR_NULL);\r
489\r
490 grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r
491 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
492 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
493 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
494 flags = INTERACTIVE,\r
495 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r
496 minsize = SECURE_BOOT_GUID_SIZE,\r
497 maxsize = SECURE_BOOT_GUID_SIZE,\r
498 endstring;\r
499 endif;\r
500\r
501 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;\r
502 oneof name = X509SignatureFormatInDbx,\r
503 varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r
504 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r
505 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r
506 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;\r
507 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;\r
508 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;\r
509 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;\r
510 endoneof;\r
511 endif;\r
512\r
513 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;\r
514 text\r
515 help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string\r
516 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r
517 text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type\r
518 endif;\r
519\r
520 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r
521 text\r
522 help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string\r
523 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r
524 text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type\r
525 endif;\r
526\r
527 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;\r
528 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r
529 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r
530 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r
531 flags = INTERACTIVE,\r
532 endcheckbox;\r
533\r
534 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;\r
535 date varid = SECUREBOOT_CONFIGURATION.RevocationDate,\r
536 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),\r
537 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),\r
538 flags = STORAGE_NORMAL,\r
539 enddate;\r
540\r
541 time varid = SECUREBOOT_CONFIGURATION.RevocationTime,\r
542 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),\r
543 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),\r
544 flags = STORAGE_NORMAL,\r
545 endtime;\r
546 endif;\r
547 endif;\r
548\r
549 subtitle text = STRING_TOKEN(STR_NULL);\r
550 subtitle text = STRING_TOKEN(STR_NULL);\r
551\r
552 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
553 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
554 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
555 flags = INTERACTIVE,\r
556 key = KEY_VALUE_SAVE_AND_EXIT_DBX;\r
557\r
558 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
559 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
560 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
561 flags = INTERACTIVE,\r
562 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;\r
563\r
564 endform;\r
565\r
566 //\r
567 // Form: 'Enroll Signature' for DBT options.\r
568 //\r
569 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
570 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);\r
571\r
572 subtitle text = STRING_TOKEN(STR_NULL);\r
573\r
574 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
575 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
576 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
577 flags = INTERACTIVE,\r
578 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
579\r
580 subtitle text = STRING_TOKEN(STR_NULL);\r
581 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;\r
582 label LABEL_END;\r
583 subtitle text = STRING_TOKEN(STR_NULL);\r
584\r
585 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
586 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
587 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
588 flags = INTERACTIVE,\r
589 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,\r
590 minsize = SECURE_BOOT_GUID_SIZE,\r
591 maxsize = SECURE_BOOT_GUID_SIZE,\r
592 endstring;\r
593\r
594 subtitle text = STRING_TOKEN(STR_NULL);\r
595 subtitle text = STRING_TOKEN(STR_NULL);\r
596\r
597 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
598 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
599 help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
600 flags = INTERACTIVE,\r
601 key = KEY_VALUE_SAVE_AND_EXIT_DBT;\r
602\r
603 goto FORMID_SECURE_BOOT_OPTION_FORM,\r
604 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
605 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
606 flags = INTERACTIVE,\r
607 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;\r
608\r
609 endform;\r
610\r
611endformset;
EFI Development Kit II mirror for PVE