]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
SecurityPkg: Use FileExplorerLib in SecureBootConfigDxe
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
1 /** @file
2 VFR file used by the SecureBoot configuration component.
3
4 Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include "SecureBootConfigNvData.h"
16
17 formset
18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,
19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),
20 help = STRING_TOKEN(STR_SECUREBOOT_HELP),
21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
22
23 varstore SECUREBOOT_CONFIGURATION,
24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,
25 name = SECUREBOOT_CONFIGURATION,
26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;
27
28 //
29 // ##1 Form "Secure Boot Configuration"
30 //
31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,
32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
33
34 subtitle text = STRING_TOKEN(STR_NULL);
35
36 //
37 // Display current secure boot mode(one of SetupMode/AuditMode/UserMode/DeployedMode)
38 //
39 text
40 help = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_HELP),
41 text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_PROMPT),
42 text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_CONTENT);
43
44 text
45 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
46 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
47 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
48
49 //
50 // Display of Check Box: Attempt Secure Boot
51 //
52 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
53 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,
54 questionid = KEY_SECURE_BOOT_ENABLE,
55 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
56 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),
57 flags = INTERACTIVE | RESET_REQUIRED,
58 endcheckbox;
59 endif;
60
61 //
62 // Display of Oneof: 'Secure Boot Mode'
63 //
64 oneof name = SecureBootMode,
65 questionid = KEY_SECURE_BOOT_MODE,
66 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
67 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
68 flags = INTERACTIVE | NUMERIC_SIZE_1,
69 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
70 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
71 endoneof;
72
73 //
74 // Display PK include page
75 //
76 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;
77 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
78 goto FORMID_SECURE_BOOT_OPTION_FORM,
79 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
80 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
81 flags = INTERACTIVE,
82 key = KEY_SECURE_BOOT_OPTION;
83 endif;
84 endif;
85
86 endform;
87
88 //
89 // ##2 Form: 'Custom Secure Boot Options'
90 //
91 form formid = FORMID_SECURE_BOOT_OPTION_FORM,
92 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
93
94 subtitle text = STRING_TOKEN(STR_NULL);
95
96 //
97 // Display of SetupMode/UserMode/AuditMode/DeployedMode transition
98 //
99 oneof name = TransSecureBootMode,
100 questionid = KEY_TRANS_SECURE_BOOT_MODE,
101 prompt = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_PROMPT),
102 help = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_HELP),
103 flags = INTERACTIVE | NUMERIC_SIZE_1,
104 suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE
105 OR (ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE AND
106 ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 0);
107 option text = STRING_TOKEN(STR_USER_MODE), value = SECURE_BOOT_MODE_USER_MODE, flags = 0;
108 endif
109 suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE;
110 option text = STRING_TOKEN(STR_SETUP_MODE), value = SECURE_BOOT_MODE_SETUP_MODE, flags = 0;
111 endif
112 suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE;
113 option text = STRING_TOKEN(STR_AUDIT_MODE), value = SECURE_BOOT_MODE_AUDIT_MODE, flags = 0;
114 endif
115 suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE;
116 option text = STRING_TOKEN(STR_DEPLOYED_MODE), value = SECURE_BOOT_MODE_DEPLOYED_MODE, flags = 0;
117 endif
118
119 endoneof;
120
121 subtitle text = STRING_TOKEN(STR_NULL);
122
123 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
124 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
125 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
126 flags = INTERACTIVE,
127 key = KEY_SECURE_BOOT_PK_OPTION;
128
129 subtitle text = STRING_TOKEN(STR_NULL);
130
131 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
132 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
133 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),
134 flags = INTERACTIVE,
135 key = KEY_SECURE_BOOT_KEK_OPTION;
136
137 subtitle text = STRING_TOKEN(STR_NULL);
138
139 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
140 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
141 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),
142 flags = INTERACTIVE,
143 key = KEY_SECURE_BOOT_DB_OPTION;
144
145 subtitle text = STRING_TOKEN(STR_NULL);
146
147 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
148 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
149 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),
150 flags = INTERACTIVE,
151 key = KEY_SECURE_BOOT_DBX_OPTION;
152
153 subtitle text = STRING_TOKEN(STR_NULL);
154
155 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,
156 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),
157 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),
158 flags = INTERACTIVE,
159 key = KEY_SECURE_BOOT_DBT_OPTION;
160
161 endform;
162
163 //
164 // ##3 Form: 'PK Options'
165 //
166 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
167 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
168
169 subtitle text = STRING_TOKEN(STR_NULL);
170
171 //
172 // Display of 'Enroll PK'
173 //
174 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
175 goto FORMID_ENROLL_PK_FORM,
176 prompt = STRING_TOKEN(STR_ENROLL_PK),
177 help = STRING_TOKEN(STR_ENROLL_PK_HELP),
178 flags = INTERACTIVE,
179 key = KEY_ENROLL_PK;
180 endif;
181
182 subtitle text = STRING_TOKEN(STR_NULL);
183
184 //
185 // Display of Check Box: 'Delete Pk'
186 //
187 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
188 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
189 questionid = KEY_SECURE_BOOT_DELETE_PK,
190 prompt = STRING_TOKEN(STR_DELETE_PK),
191 help = STRING_TOKEN(STR_DELETE_PK_HELP),
192 flags = INTERACTIVE | RESET_REQUIRED,
193 endcheckbox;
194 endif;
195 endform;
196
197 //
198 // ##4 Form: 'Enroll PK'
199 //
200 form formid = FORMID_ENROLL_PK_FORM,
201 title = STRING_TOKEN(STR_ENROLL_PK);
202
203 subtitle text = STRING_TOKEN(STR_NULL);
204
205 goto FORMID_ENROLL_PK_FORM,
206 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
207 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
208 flags = INTERACTIVE,
209 key = FORMID_ENROLL_PK_FORM;
210
211 subtitle text = STRING_TOKEN(STR_NULL);
212 label FORMID_ENROLL_PK_FORM;
213 label LABEL_END;
214 subtitle text = STRING_TOKEN(STR_NULL);
215
216 goto FORMID_SECURE_BOOT_OPTION_FORM,
217 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
218 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
219 flags = INTERACTIVE| RESET_REQUIRED,
220 key = KEY_VALUE_SAVE_AND_EXIT_PK;
221
222 goto FORMID_SECURE_BOOT_OPTION_FORM,
223 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
224 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
225 flags = INTERACTIVE,
226 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;
227
228 endform;
229
230 //
231 // ##5 Form: 'KEK Options'
232 //
233 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,
234 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);
235
236 //
237 // Display of 'Enroll KEK'
238 //
239 goto FORMID_ENROLL_KEK_FORM,
240 prompt = STRING_TOKEN(STR_ENROLL_KEK),
241 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),
242 flags = INTERACTIVE;
243
244 subtitle text = STRING_TOKEN(STR_NULL);
245
246 //
247 // Display of 'Delete KEK'
248 //
249 goto FORMID_DELETE_KEK_FORM,
250 prompt = STRING_TOKEN(STR_DELETE_KEK),
251 help = STRING_TOKEN(STR_DELETE_KEK_HELP),
252 flags = INTERACTIVE,
253 key = KEY_DELETE_KEK;
254
255 subtitle text = STRING_TOKEN(STR_NULL);
256 endform;
257
258 //
259 // ##6 Form: 'Enroll KEK'
260 //
261 form formid = FORMID_ENROLL_KEK_FORM,
262 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
263
264 subtitle text = STRING_TOKEN(STR_NULL);
265
266 goto FORMID_ENROLL_KEK_FORM,
267 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
268 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
269 flags = INTERACTIVE,
270 key = FORMID_ENROLL_KEK_FORM;
271
272 subtitle text = STRING_TOKEN(STR_NULL);
273 label FORMID_ENROLL_KEK_FORM;
274 label LABEL_END;
275 subtitle text = STRING_TOKEN(STR_NULL);
276
277 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
278 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
279 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
280 flags = INTERACTIVE,
281 key = KEY_SECURE_BOOT_KEK_GUID,
282 minsize = SECURE_BOOT_GUID_SIZE,
283 maxsize = SECURE_BOOT_GUID_SIZE,
284 endstring;
285
286 subtitle text = STRING_TOKEN(STR_NULL);
287 subtitle text = STRING_TOKEN(STR_NULL);
288
289 goto FORMID_SECURE_BOOT_OPTION_FORM,
290 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
291 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
292 flags = INTERACTIVE,
293 key = KEY_VALUE_SAVE_AND_EXIT_KEK;
294
295 goto FORMID_SECURE_BOOT_OPTION_FORM,
296 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
297 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
298 flags = INTERACTIVE,
299 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;
300
301 endform;
302
303 //
304 // ##7 Form: 'Delete KEK'
305 //
306 form formid = FORMID_DELETE_KEK_FORM,
307 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);
308
309 label LABEL_KEK_DELETE;
310 label LABEL_END;
311
312 subtitle text = STRING_TOKEN(STR_NULL);
313
314 endform;
315
316 //
317 // ##8 Form: 'DB Options'
318 //
319 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,
320 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);
321
322 subtitle text = STRING_TOKEN(STR_NULL);
323
324 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
325 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
326 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
327 flags = 0;
328
329 subtitle text = STRING_TOKEN(STR_NULL);
330
331 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
332 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
333 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
334 flags = INTERACTIVE,
335 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
336
337 endform;
338
339 //
340 // ##9 Form: 'DBX Options'
341 //
342 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,
343 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);
344
345 subtitle text = STRING_TOKEN(STR_NULL);
346
347 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
348 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
349 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
350 flags = 0;
351
352 subtitle text = STRING_TOKEN(STR_NULL);
353
354 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
355 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
356 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
357 flags = INTERACTIVE,
358 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;
359
360 endform;
361
362 //
363 // ##9 Form: 'DBT Options'
364 //
365 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,
366 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);
367
368 subtitle text = STRING_TOKEN(STR_NULL);
369
370 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
371 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
372 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
373 flags = 0;
374
375 subtitle text = STRING_TOKEN(STR_NULL);
376
377 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
378 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
379 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
380 flags = INTERACTIVE,
381 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;
382
383 endform;
384
385 //
386 // Form: 'Delete Signature' for DB Options.
387 //
388 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
389 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
390
391 label LABEL_DB_DELETE;
392 label LABEL_END;
393 subtitle text = STRING_TOKEN(STR_NULL);
394
395 endform;
396
397 //
398 // Form: 'Delete Signature' for DBX Options.
399 //
400 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
401 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
402
403 label LABEL_DBX_DELETE;
404 label LABEL_END;
405 subtitle text = STRING_TOKEN(STR_NULL);
406
407 endform;
408
409 //
410 // Form: 'Delete Signature' for DBT Options.
411 //
412 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
413 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
414
415 label LABEL_DBT_DELETE;
416 label LABEL_END;
417 subtitle text = STRING_TOKEN(STR_NULL);
418
419 endform;
420
421 //
422 // Form: 'Enroll Signature' for DB options.
423 //
424 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
425 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
426
427 subtitle text = STRING_TOKEN(STR_NULL);
428
429 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
430 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
431 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
432 flags = INTERACTIVE,
433 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
434
435 subtitle text = STRING_TOKEN(STR_NULL);
436 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
437 label LABEL_END;
438 subtitle text = STRING_TOKEN(STR_NULL);
439
440 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
441 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
442 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
443 flags = INTERACTIVE,
444 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,
445 minsize = SECURE_BOOT_GUID_SIZE,
446 maxsize = SECURE_BOOT_GUID_SIZE,
447 endstring;
448
449 subtitle text = STRING_TOKEN(STR_NULL);
450 subtitle text = STRING_TOKEN(STR_NULL);
451
452 goto FORMID_SECURE_BOOT_OPTION_FORM,
453 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
454 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
455 flags = INTERACTIVE,
456 key = KEY_VALUE_SAVE_AND_EXIT_DB;
457
458 goto FORMID_SECURE_BOOT_OPTION_FORM,
459 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
460 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
461 flags = INTERACTIVE,
462 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;
463
464 endform;
465
466 //
467 // Form: 'Enroll Signature' for DBX options.
468 //
469 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
470 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
471
472 subtitle text = STRING_TOKEN(STR_NULL);
473
474 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
475 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
476 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
477 flags = INTERACTIVE,
478 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
479
480 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
481 label LABEL_END;
482 subtitle text = STRING_TOKEN(STR_NULL);
483
484 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
485 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
486 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
487 flags = INTERACTIVE,
488 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
489 minsize = SECURE_BOOT_GUID_SIZE,
490 maxsize = SECURE_BOOT_GUID_SIZE,
491 endstring;
492
493 oneof name = SignatureFormatInDbx,
494 varid = SECUREBOOT_CONFIGURATION.CertificateFormat,
495 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),
496 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),
497 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x2, flags = DEFAULT;
498 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x3, flags = 0;
499 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x4, flags = 0;
500 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x5, flags = 0;
501 endoneof;
502
503 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 5;
504 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,
505 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),
506 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),
507 flags = INTERACTIVE,
508 endcheckbox;
509
510 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;
511 date varid = SECUREBOOT_CONFIGURATION.RevocationDate,
512 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),
513 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),
514 flags = STORAGE_NORMAL,
515 enddate;
516
517 time varid = SECUREBOOT_CONFIGURATION.RevocationTime,
518 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),
519 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),
520 flags = STORAGE_NORMAL,
521 endtime;
522 endif;
523 endif;
524
525 subtitle text = STRING_TOKEN(STR_NULL);
526 subtitle text = STRING_TOKEN(STR_NULL);
527
528 goto FORMID_SECURE_BOOT_OPTION_FORM,
529 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
530 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
531 flags = INTERACTIVE,
532 key = KEY_VALUE_SAVE_AND_EXIT_DBX;
533
534 goto FORMID_SECURE_BOOT_OPTION_FORM,
535 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
536 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
537 flags = INTERACTIVE,
538 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;
539
540 endform;
541
542 //
543 // Form: 'Enroll Signature' for DBT options.
544 //
545 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
546 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
547
548 subtitle text = STRING_TOKEN(STR_NULL);
549
550 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
551 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
552 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
553 flags = INTERACTIVE,
554 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
555
556 subtitle text = STRING_TOKEN(STR_NULL);
557 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
558 label LABEL_END;
559 subtitle text = STRING_TOKEN(STR_NULL);
560
561 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
562 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
563 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
564 flags = INTERACTIVE,
565 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,
566 minsize = SECURE_BOOT_GUID_SIZE,
567 maxsize = SECURE_BOOT_GUID_SIZE,
568 endstring;
569
570 subtitle text = STRING_TOKEN(STR_NULL);
571 subtitle text = STRING_TOKEN(STR_NULL);
572
573 goto FORMID_SECURE_BOOT_OPTION_FORM,
574 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
575 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
576 flags = INTERACTIVE,
577 key = KEY_VALUE_SAVE_AND_EXIT_DBT;
578
579 goto FORMID_SECURE_BOOT_OPTION_FORM,
580 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
581 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
582 flags = INTERACTIVE,
583 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;
584
585 endform;
586
587 endformset;
EFI Development Kit II mirror for PVE