]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
UEFI 2.4 X509 Certificate Hash and RFC3161 Timestamp Verification support for Secure...
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
1 /** @file
2 VFR file used by the SecureBoot configuration component.
3
4 Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include "SecureBootConfigNvData.h"
16
17 formset
18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,
19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),
20 help = STRING_TOKEN(STR_SECUREBOOT_HELP),
21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
22
23 varstore SECUREBOOT_CONFIGURATION,
24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,
25 name = SECUREBOOT_CONFIGURATION,
26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;
27
28 //
29 // ##1 Form "Secure Boot Configuration"
30 //
31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,
32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
33
34 subtitle text = STRING_TOKEN(STR_NULL);
35
36 text
37 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
38 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
39 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
40
41 //
42 // Define of Check Box: Attempt Secure Boot
43 //
44 suppressif TRUE;
45 checkbox varid = SECUREBOOT_CONFIGURATION.HideSecureBoot,
46 questionid = KEY_HIDE_SECURE_BOOT,
47 prompt = STRING_TOKEN(STR_NULL),
48 help = STRING_TOKEN(STR_NULL),
49 flags = INTERACTIVE,
50 endcheckbox;
51 endif;
52
53 //
54 // Display of Check Box: Attempt Secure Boot
55 //
56 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
57 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,
58 questionid = KEY_SECURE_BOOT_ENABLE,
59 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
60 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),
61 flags = INTERACTIVE | RESET_REQUIRED,
62 endcheckbox;
63 endif;
64
65 //
66 // Display of Oneof: 'Secure Boot Mode'
67 //
68 disableif TRUE;
69 oneof varid = SECUREBOOT_CONFIGURATION.SecureBootMode,
70 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
71 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
72 flags = INTERACTIVE,
73 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = 0;
74 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
75 endoneof;
76 endif;
77 oneof name = SecureBootMode,
78 questionid = KEY_SECURE_BOOT_MODE,
79 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
80 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
81 flags = INTERACTIVE | NUMERIC_SIZE_1,
82 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
83 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
84 endoneof;
85
86 //
87 //
88 // Display of 'Current Secure Boot Mode'
89 //
90 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;
91 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
92 goto FORMID_SECURE_BOOT_OPTION_FORM,
93 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
94 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
95 flags = INTERACTIVE,
96 key = KEY_SECURE_BOOT_OPTION;
97 endif;
98 endif;
99 endform;
100
101 //
102 // ##2 Form: 'Custom Secure Boot Options'
103 //
104 form formid = FORMID_SECURE_BOOT_OPTION_FORM,
105 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
106
107 subtitle text = STRING_TOKEN(STR_NULL);
108
109 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
110 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
111 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
112 flags = INTERACTIVE,
113 key = KEY_SECURE_BOOT_PK_OPTION;
114
115 subtitle text = STRING_TOKEN(STR_NULL);
116
117 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
118 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
119 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),
120 flags = INTERACTIVE,
121 key = KEY_SECURE_BOOT_KEK_OPTION;
122
123 subtitle text = STRING_TOKEN(STR_NULL);
124
125 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
126 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
127 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),
128 flags = INTERACTIVE,
129 key = KEY_SECURE_BOOT_DB_OPTION;
130
131 subtitle text = STRING_TOKEN(STR_NULL);
132
133 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
134 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
135 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),
136 flags = INTERACTIVE,
137 key = KEY_SECURE_BOOT_DBX_OPTION;
138
139 subtitle text = STRING_TOKEN(STR_NULL);
140
141 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,
142 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),
143 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),
144 flags = INTERACTIVE,
145 key = KEY_SECURE_BOOT_DBT_OPTION;
146
147 endform;
148
149 //
150 // ##3 Form: 'PK Options'
151 //
152 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
153 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
154
155 subtitle text = STRING_TOKEN(STR_NULL);
156
157 //
158 // Define of Check Box: 'Delete PK'
159 //
160 suppressif TRUE;
161 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
162 prompt = STRING_TOKEN(STR_NULL),
163 help = STRING_TOKEN(STR_NULL),
164 endcheckbox;
165 endif;
166
167 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
168 goto FORMID_ENROLL_PK_FORM,
169 prompt = STRING_TOKEN(STR_ENROLL_PK),
170 help = STRING_TOKEN(STR_ENROLL_PK_HELP),
171 flags = INTERACTIVE,
172 key = KEY_ENROLL_PK;
173 endif;
174
175 subtitle text = STRING_TOKEN(STR_NULL);
176
177 //
178 // Display of Check Box: 'Delete Pk'
179 //
180 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
181 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
182 questionid = KEY_SECURE_BOOT_DELETE_PK,
183 prompt = STRING_TOKEN(STR_DELETE_PK),
184 help = STRING_TOKEN(STR_DELETE_PK_HELP),
185 flags = INTERACTIVE | RESET_REQUIRED,
186 endcheckbox;
187 endif;
188 endform;
189
190 //
191 // ##4 Form: 'Enroll PK'
192 //
193 form formid = FORMID_ENROLL_PK_FORM,
194 title = STRING_TOKEN(STR_ENROLL_PK);
195
196 subtitle text = STRING_TOKEN(STR_NULL);
197
198 goto FORM_FILE_EXPLORER_ID_PK,
199 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
200 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
201 flags = INTERACTIVE,
202 key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
203 endform;
204
205 //
206 // ##5 Form: 'KEK Options'
207 //
208 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,
209 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);
210
211 //
212 // Display of 'Enroll KEK'
213 //
214 goto FORMID_ENROLL_KEK_FORM,
215 prompt = STRING_TOKEN(STR_ENROLL_KEK),
216 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),
217 flags = INTERACTIVE;
218
219 subtitle text = STRING_TOKEN(STR_NULL);
220
221 //
222 // Display of 'Delete KEK'
223 //
224 goto FORMID_DELETE_KEK_FORM,
225 prompt = STRING_TOKEN(STR_DELETE_KEK),
226 help = STRING_TOKEN(STR_DELETE_KEK_HELP),
227 flags = INTERACTIVE,
228 key = KEY_DELETE_KEK;
229
230 subtitle text = STRING_TOKEN(STR_NULL);
231 endform;
232
233 //
234 // ##6 Form: 'Enroll KEK'
235 //
236 form formid = FORMID_ENROLL_KEK_FORM,
237 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
238
239 subtitle text = STRING_TOKEN(STR_NULL);
240
241 goto FORM_FILE_EXPLORER_ID_KEK,
242 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
243 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
244 flags = INTERACTIVE,
245 key = FORMID_ENROLL_KEK_FORM;
246
247 subtitle text = STRING_TOKEN(STR_NULL);
248 label FORMID_ENROLL_KEK_FORM;
249 label LABEL_END;
250 subtitle text = STRING_TOKEN(STR_NULL);
251
252 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
253 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
254 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
255 flags = INTERACTIVE,
256 key = KEY_SECURE_BOOT_KEK_GUID,
257 minsize = SECURE_BOOT_GUID_SIZE,
258 maxsize = SECURE_BOOT_GUID_SIZE,
259 endstring;
260
261 subtitle text = STRING_TOKEN(STR_NULL);
262 subtitle text = STRING_TOKEN(STR_NULL);
263
264 goto FORMID_SECURE_BOOT_OPTION_FORM,
265 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
266 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
267 flags = INTERACTIVE,
268 key = KEY_VALUE_SAVE_AND_EXIT_KEK;
269
270 goto FORMID_SECURE_BOOT_OPTION_FORM,
271 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
272 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
273 flags = INTERACTIVE,
274 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;
275
276 endform;
277
278 //
279 // ##7 Form: 'Delete KEK'
280 //
281 form formid = FORMID_DELETE_KEK_FORM,
282 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);
283
284 label LABEL_KEK_DELETE;
285 label LABEL_END;
286
287 subtitle text = STRING_TOKEN(STR_NULL);
288
289 endform;
290
291 //
292 // ##8 Form: 'DB Options'
293 //
294 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,
295 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);
296
297 subtitle text = STRING_TOKEN(STR_NULL);
298
299 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
300 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
301 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
302 flags = 0;
303
304 subtitle text = STRING_TOKEN(STR_NULL);
305
306 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
307 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
308 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
309 flags = INTERACTIVE,
310 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
311
312 endform;
313
314 //
315 // ##9 Form: 'DBX Options'
316 //
317 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,
318 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);
319
320 subtitle text = STRING_TOKEN(STR_NULL);
321
322 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
323 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
324 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
325 flags = 0;
326
327 subtitle text = STRING_TOKEN(STR_NULL);
328
329 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
330 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
331 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
332 flags = INTERACTIVE,
333 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;
334
335 endform;
336
337 //
338 // ##9 Form: 'DBT Options'
339 //
340 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,
341 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);
342
343 subtitle text = STRING_TOKEN(STR_NULL);
344
345 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
346 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
347 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
348 flags = 0;
349
350 subtitle text = STRING_TOKEN(STR_NULL);
351
352 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
353 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
354 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
355 flags = INTERACTIVE,
356 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;
357
358 endform;
359
360 //
361 // Form: 'Delete Signature' for DB Options.
362 //
363 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
364 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
365
366 label LABEL_DB_DELETE;
367 label LABEL_END;
368 subtitle text = STRING_TOKEN(STR_NULL);
369
370 endform;
371
372 //
373 // Form: 'Delete Signature' for DBX Options.
374 //
375 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
376 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
377
378 label LABEL_DBX_DELETE;
379 label LABEL_END;
380 subtitle text = STRING_TOKEN(STR_NULL);
381
382 endform;
383
384 //
385 // Form: 'Delete Signature' for DBT Options.
386 //
387 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
388 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
389
390 label LABEL_DBT_DELETE;
391 label LABEL_END;
392 subtitle text = STRING_TOKEN(STR_NULL);
393
394 endform;
395
396 //
397 // Form: 'Enroll Signature' for DB options.
398 //
399 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
400 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
401
402 subtitle text = STRING_TOKEN(STR_NULL);
403
404 goto FORM_FILE_EXPLORER_ID_DB,
405 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
406 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
407 flags = INTERACTIVE,
408 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
409
410 subtitle text = STRING_TOKEN(STR_NULL);
411 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
412 label LABEL_END;
413 subtitle text = STRING_TOKEN(STR_NULL);
414
415 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
416 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
417 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
418 flags = INTERACTIVE,
419 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,
420 minsize = SECURE_BOOT_GUID_SIZE,
421 maxsize = SECURE_BOOT_GUID_SIZE,
422 endstring;
423
424 subtitle text = STRING_TOKEN(STR_NULL);
425 subtitle text = STRING_TOKEN(STR_NULL);
426
427 goto FORMID_SECURE_BOOT_OPTION_FORM,
428 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
429 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
430 flags = INTERACTIVE,
431 key = KEY_VALUE_SAVE_AND_EXIT_DB;
432
433 goto FORMID_SECURE_BOOT_OPTION_FORM,
434 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
435 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
436 flags = INTERACTIVE,
437 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;
438
439 endform;
440
441 //
442 // Form: 'Enroll Signature' for DBX options.
443 //
444 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
445 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
446
447 subtitle text = STRING_TOKEN(STR_NULL);
448
449 goto FORM_FILE_EXPLORER_ID_DBX,
450 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
451 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
452 flags = INTERACTIVE,
453 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
454
455 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
456 label LABEL_END;
457 subtitle text = STRING_TOKEN(STR_NULL);
458
459 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
460 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
461 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
462 flags = INTERACTIVE,
463 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
464 minsize = SECURE_BOOT_GUID_SIZE,
465 maxsize = SECURE_BOOT_GUID_SIZE,
466 endstring;
467
468 oneof name = SignatureFormatInDbx,
469 varid = SECUREBOOT_CONFIGURATION.CertificateFormat,
470 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),
471 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),
472 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x2, flags = DEFAULT;
473 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x3, flags = 0;
474 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x4, flags = 0;
475 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x5, flags = 0;
476 endoneof;
477
478 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 5;
479 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,
480 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),
481 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),
482 flags = INTERACTIVE,
483 endcheckbox;
484
485 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;
486 date varid = SECUREBOOT_CONFIGURATION.RevocationDate,
487 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),
488 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),
489 flags = STORAGE_NORMAL,
490 enddate;
491
492 time varid = SECUREBOOT_CONFIGURATION.RevocationTime,
493 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),
494 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),
495 flags = STORAGE_NORMAL,
496 endtime;
497 endif;
498 endif;
499
500 subtitle text = STRING_TOKEN(STR_NULL);
501 subtitle text = STRING_TOKEN(STR_NULL);
502
503 goto FORMID_SECURE_BOOT_OPTION_FORM,
504 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
505 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
506 flags = INTERACTIVE,
507 key = KEY_VALUE_SAVE_AND_EXIT_DBX;
508
509 goto FORMID_SECURE_BOOT_OPTION_FORM,
510 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
511 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
512 flags = INTERACTIVE,
513 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;
514
515 endform;
516
517 //
518 // Form: 'Enroll Signature' for DBT options.
519 //
520 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
521 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
522
523 subtitle text = STRING_TOKEN(STR_NULL);
524
525 goto FORM_FILE_EXPLORER_ID_DBT,
526 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
527 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
528 flags = INTERACTIVE,
529 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
530
531 subtitle text = STRING_TOKEN(STR_NULL);
532 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
533 label LABEL_END;
534 subtitle text = STRING_TOKEN(STR_NULL);
535
536 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
537 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
538 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
539 flags = INTERACTIVE,
540 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,
541 minsize = SECURE_BOOT_GUID_SIZE,
542 maxsize = SECURE_BOOT_GUID_SIZE,
543 endstring;
544
545 subtitle text = STRING_TOKEN(STR_NULL);
546 subtitle text = STRING_TOKEN(STR_NULL);
547
548 goto FORMID_SECURE_BOOT_OPTION_FORM,
549 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
550 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
551 flags = INTERACTIVE,
552 key = KEY_VALUE_SAVE_AND_EXIT_DBT;
553
554 goto FORMID_SECURE_BOOT_OPTION_FORM,
555 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
556 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
557 flags = INTERACTIVE,
558 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;
559
560 endform;
561
562 //
563 // File Explorer for PK
564 //
565 form formid = FORM_FILE_EXPLORER_ID_PK,
566 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
567
568 label FORM_FILE_EXPLORER_ID;
569 label LABEL_END;
570 endform;
571
572 //
573 // File Explorer for KEK
574 //
575 form formid = FORM_FILE_EXPLORER_ID_KEK,
576 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
577
578 label FORM_FILE_EXPLORER_ID;
579 label LABEL_END;
580 endform;
581
582 //
583 // File Explorer for DB
584 //
585 form formid = FORM_FILE_EXPLORER_ID_DB,
586 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
587
588 label FORM_FILE_EXPLORER_ID;
589 label LABEL_END;
590 endform;
591
592 //
593 // File Explorer for DBX
594 //
595 form formid = FORM_FILE_EXPLORER_ID_DBX,
596 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
597
598 label FORM_FILE_EXPLORER_ID;
599 label LABEL_END;
600 endform;
601
602 //
603 // File Explorer for DBT
604 //
605 form formid = FORM_FILE_EXPLORER_ID_DBT,
606 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
607
608 label FORM_FILE_EXPLORER_ID;
609 label LABEL_END;
610 endform;
611
612 //
613 // Enroll Pk from File Commit Form
614 //
615 form formid = SECUREBOOT_ADD_PK_FILE_FORM_ID,
616 title = STRING_TOKEN(STR_SAVE_PK_FILE);
617
618 label SECUREBOOT_ADD_PK_FILE_FORM_ID;
619 label LABEL_END;
620
621 subtitle text = STRING_TOKEN(STR_NULL);
622
623 text
624 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
625 text = STRING_TOKEN(STR_SAVE_AND_EXIT),
626 text = STRING_TOKEN(STR_NULL),
627 flags = INTERACTIVE,
628 key = KEY_VALUE_SAVE_AND_EXIT_PK;
629
630 text
631 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
632 text = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
633 text = STRING_TOKEN(STR_NULL),
634 flags = INTERACTIVE,
635 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;
636
637 endform;
638
639 endformset;
EFI Development Kit II mirror for PVE