6f46d910333c9185f8dc380a736db516b5a7abb6
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
1 /** @file
2 VFR file used by the SecureBoot configuration component.
3
4 Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include "SecureBootConfigNvData.h"
16
17 formset
18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,
19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),
20 help = STRING_TOKEN(STR_SECUREBOOT_HELP),
21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
22
23 varstore SECUREBOOT_CONFIGURATION,
24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,
25 name = SECUREBOOT_CONFIGURATION,
26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;
27
28 //
29 // ##1 Form "Secure Boot Configuration"
30 //
31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,
32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
33
34 subtitle text = STRING_TOKEN(STR_NULL);
35
36 text
37 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
38 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
39 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
40
41 //
42 // Display of Check Box: Attempt Secure Boot
43 //
44 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
45 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,
46 questionid = KEY_SECURE_BOOT_ENABLE,
47 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
48 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),
49 flags = INTERACTIVE | RESET_REQUIRED,
50 endcheckbox;
51 endif;
52
53 //
54 // Display of Oneof: 'Secure Boot Mode'
55 //
56 oneof name = SecureBootMode,
57 questionid = KEY_SECURE_BOOT_MODE,
58 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
59 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
60 flags = INTERACTIVE | NUMERIC_SIZE_1,
61 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
62 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
63 endoneof;
64
65 //
66 // Display of 'Current Secure Boot Mode'
67 //
68 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;
69 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
70 goto FORMID_SECURE_BOOT_OPTION_FORM,
71 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
72 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
73 flags = INTERACTIVE,
74 key = KEY_SECURE_BOOT_OPTION;
75 endif;
76 endif;
77
78 endform;
79
80 //
81 // ##2 Form: 'Custom Secure Boot Options'
82 //
83 form formid = FORMID_SECURE_BOOT_OPTION_FORM,
84 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
85
86 subtitle text = STRING_TOKEN(STR_NULL);
87
88 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
89 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
90 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
91 flags = INTERACTIVE,
92 key = KEY_SECURE_BOOT_PK_OPTION;
93
94 subtitle text = STRING_TOKEN(STR_NULL);
95
96 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
97 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
98 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),
99 flags = INTERACTIVE,
100 key = KEY_SECURE_BOOT_KEK_OPTION;
101
102 subtitle text = STRING_TOKEN(STR_NULL);
103
104 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
105 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
106 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),
107 flags = INTERACTIVE,
108 key = KEY_SECURE_BOOT_DB_OPTION;
109
110 subtitle text = STRING_TOKEN(STR_NULL);
111
112 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
113 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
114 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),
115 flags = INTERACTIVE,
116 key = KEY_SECURE_BOOT_DBX_OPTION;
117
118 subtitle text = STRING_TOKEN(STR_NULL);
119
120 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,
121 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),
122 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),
123 flags = INTERACTIVE,
124 key = KEY_SECURE_BOOT_DBT_OPTION;
125
126 endform;
127
128 //
129 // ##3 Form: 'PK Options'
130 //
131 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
132 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
133
134 subtitle text = STRING_TOKEN(STR_NULL);
135
136 //
137 // Display of 'Enroll PK'
138 //
139 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
140 goto FORMID_ENROLL_PK_FORM,
141 prompt = STRING_TOKEN(STR_ENROLL_PK),
142 help = STRING_TOKEN(STR_ENROLL_PK_HELP),
143 flags = INTERACTIVE,
144 key = KEY_ENROLL_PK;
145 endif;
146
147 subtitle text = STRING_TOKEN(STR_NULL);
148
149 //
150 // Display of Check Box: 'Delete Pk'
151 //
152 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
153 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
154 questionid = KEY_SECURE_BOOT_DELETE_PK,
155 prompt = STRING_TOKEN(STR_DELETE_PK),
156 help = STRING_TOKEN(STR_DELETE_PK_HELP),
157 flags = INTERACTIVE | RESET_REQUIRED,
158 endcheckbox;
159 endif;
160 endform;
161
162 //
163 // ##4 Form: 'Enroll PK'
164 //
165 form formid = FORMID_ENROLL_PK_FORM,
166 title = STRING_TOKEN(STR_ENROLL_PK);
167
168 subtitle text = STRING_TOKEN(STR_NULL);
169
170 goto FORMID_ENROLL_PK_FORM,
171 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
172 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
173 flags = INTERACTIVE,
174 key = FORMID_ENROLL_PK_FORM;
175
176 subtitle text = STRING_TOKEN(STR_NULL);
177 label FORMID_ENROLL_PK_FORM;
178 label LABEL_END;
179 subtitle text = STRING_TOKEN(STR_NULL);
180
181 goto FORMID_SECURE_BOOT_OPTION_FORM,
182 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
183 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
184 flags = INTERACTIVE| RESET_REQUIRED,
185 key = KEY_VALUE_SAVE_AND_EXIT_PK;
186
187 goto FORMID_SECURE_BOOT_OPTION_FORM,
188 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
189 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
190 flags = INTERACTIVE,
191 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;
192
193 endform;
194
195 //
196 // ##5 Form: 'KEK Options'
197 //
198 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,
199 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);
200
201 //
202 // Display of 'Enroll KEK'
203 //
204 goto FORMID_ENROLL_KEK_FORM,
205 prompt = STRING_TOKEN(STR_ENROLL_KEK),
206 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),
207 flags = INTERACTIVE;
208
209 subtitle text = STRING_TOKEN(STR_NULL);
210
211 //
212 // Display of 'Delete KEK'
213 //
214 goto FORMID_DELETE_KEK_FORM,
215 prompt = STRING_TOKEN(STR_DELETE_KEK),
216 help = STRING_TOKEN(STR_DELETE_KEK_HELP),
217 flags = INTERACTIVE,
218 key = KEY_DELETE_KEK;
219
220 subtitle text = STRING_TOKEN(STR_NULL);
221 endform;
222
223 //
224 // ##6 Form: 'Enroll KEK'
225 //
226 form formid = FORMID_ENROLL_KEK_FORM,
227 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
228
229 subtitle text = STRING_TOKEN(STR_NULL);
230
231 goto FORMID_ENROLL_KEK_FORM,
232 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
233 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
234 flags = INTERACTIVE,
235 key = FORMID_ENROLL_KEK_FORM;
236
237 subtitle text = STRING_TOKEN(STR_NULL);
238 label FORMID_ENROLL_KEK_FORM;
239 label LABEL_END;
240 subtitle text = STRING_TOKEN(STR_NULL);
241
242 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
243 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
244 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
245 flags = INTERACTIVE,
246 key = KEY_SECURE_BOOT_KEK_GUID,
247 minsize = SECURE_BOOT_GUID_SIZE,
248 maxsize = SECURE_BOOT_GUID_SIZE,
249 endstring;
250
251 subtitle text = STRING_TOKEN(STR_NULL);
252 subtitle text = STRING_TOKEN(STR_NULL);
253
254 goto FORMID_SECURE_BOOT_OPTION_FORM,
255 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
256 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
257 flags = INTERACTIVE,
258 key = KEY_VALUE_SAVE_AND_EXIT_KEK;
259
260 goto FORMID_SECURE_BOOT_OPTION_FORM,
261 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
262 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
263 flags = INTERACTIVE,
264 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;
265
266 endform;
267
268 //
269 // ##7 Form: 'Delete KEK'
270 //
271 form formid = FORMID_DELETE_KEK_FORM,
272 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);
273
274 label LABEL_KEK_DELETE;
275 label LABEL_END;
276
277 subtitle text = STRING_TOKEN(STR_NULL);
278
279 endform;
280
281 //
282 // ##8 Form: 'DB Options'
283 //
284 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,
285 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);
286
287 subtitle text = STRING_TOKEN(STR_NULL);
288
289 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
290 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
291 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
292 flags = 0;
293
294 subtitle text = STRING_TOKEN(STR_NULL);
295
296 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
297 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
298 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
299 flags = INTERACTIVE,
300 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
301
302 endform;
303
304 //
305 // ##9 Form: 'DBX Options'
306 //
307 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,
308 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);
309
310 subtitle text = STRING_TOKEN(STR_NULL);
311
312 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
313 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
314 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
315 flags = 0;
316
317 subtitle text = STRING_TOKEN(STR_NULL);
318
319 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
320 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
321 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
322 flags = INTERACTIVE,
323 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;
324
325 endform;
326
327 //
328 // ##9 Form: 'DBT Options'
329 //
330 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,
331 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);
332
333 subtitle text = STRING_TOKEN(STR_NULL);
334
335 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
336 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
337 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
338 flags = 0;
339
340 subtitle text = STRING_TOKEN(STR_NULL);
341
342 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
343 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
344 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
345 flags = INTERACTIVE,
346 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;
347
348 endform;
349
350 //
351 // Form: 'Delete Signature' for DB Options.
352 //
353 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
354 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
355
356 label LABEL_DB_DELETE;
357 label LABEL_END;
358 subtitle text = STRING_TOKEN(STR_NULL);
359
360 endform;
361
362 //
363 // Form: 'Delete Signature' for DBX Options.
364 //
365 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
366 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
367
368 label LABEL_DBX_DELETE;
369 label LABEL_END;
370 subtitle text = STRING_TOKEN(STR_NULL);
371
372 endform;
373
374 //
375 // Form: 'Delete Signature' for DBT Options.
376 //
377 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
378 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
379
380 label LABEL_DBT_DELETE;
381 label LABEL_END;
382 subtitle text = STRING_TOKEN(STR_NULL);
383
384 endform;
385
386 //
387 // Form: 'Enroll Signature' for DB options.
388 //
389 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
390 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
391
392 subtitle text = STRING_TOKEN(STR_NULL);
393
394 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
395 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
396 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
397 flags = INTERACTIVE,
398 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
399
400 subtitle text = STRING_TOKEN(STR_NULL);
401 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
402 label LABEL_END;
403 subtitle text = STRING_TOKEN(STR_NULL);
404
405 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
406 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
407 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
408 flags = INTERACTIVE,
409 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,
410 minsize = SECURE_BOOT_GUID_SIZE,
411 maxsize = SECURE_BOOT_GUID_SIZE,
412 endstring;
413
414 subtitle text = STRING_TOKEN(STR_NULL);
415 subtitle text = STRING_TOKEN(STR_NULL);
416
417 goto FORMID_SECURE_BOOT_OPTION_FORM,
418 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
419 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
420 flags = INTERACTIVE,
421 key = KEY_VALUE_SAVE_AND_EXIT_DB;
422
423 goto FORMID_SECURE_BOOT_OPTION_FORM,
424 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
425 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
426 flags = INTERACTIVE,
427 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;
428
429 endform;
430
431 //
432 // Form: 'Enroll Signature' for DBX options.
433 //
434 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
435 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
436
437 subtitle text = STRING_TOKEN(STR_NULL);
438
439 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
440 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
441 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
442 flags = INTERACTIVE,
443 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
444
445 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
446 label LABEL_END;
447 subtitle text = STRING_TOKEN(STR_NULL);
448
449 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
450 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
451 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
452 flags = INTERACTIVE,
453 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
454 minsize = SECURE_BOOT_GUID_SIZE,
455 maxsize = SECURE_BOOT_GUID_SIZE,
456 endstring;
457
458 oneof name = SignatureFormatInDbx,
459 varid = SECUREBOOT_CONFIGURATION.CertificateFormat,
460 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),
461 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),
462 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;
463 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;
464 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;
465 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;
466 endoneof;
467
468 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;
469 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,
470 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),
471 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),
472 flags = INTERACTIVE,
473 endcheckbox;
474
475 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;
476 date varid = SECUREBOOT_CONFIGURATION.RevocationDate,
477 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),
478 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),
479 flags = STORAGE_NORMAL,
480 enddate;
481
482 time varid = SECUREBOOT_CONFIGURATION.RevocationTime,
483 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),
484 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),
485 flags = STORAGE_NORMAL,
486 endtime;
487 endif;
488 endif;
489
490 subtitle text = STRING_TOKEN(STR_NULL);
491 subtitle text = STRING_TOKEN(STR_NULL);
492
493 goto FORMID_SECURE_BOOT_OPTION_FORM,
494 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
495 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
496 flags = INTERACTIVE,
497 key = KEY_VALUE_SAVE_AND_EXIT_DBX;
498
499 goto FORMID_SECURE_BOOT_OPTION_FORM,
500 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
501 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
502 flags = INTERACTIVE,
503 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;
504
505 endform;
506
507 //
508 // Form: 'Enroll Signature' for DBT options.
509 //
510 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
511 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
512
513 subtitle text = STRING_TOKEN(STR_NULL);
514
515 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
516 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
517 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
518 flags = INTERACTIVE,
519 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
520
521 subtitle text = STRING_TOKEN(STR_NULL);
522 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
523 label LABEL_END;
524 subtitle text = STRING_TOKEN(STR_NULL);
525
526 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
527 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
528 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
529 flags = INTERACTIVE,
530 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,
531 minsize = SECURE_BOOT_GUID_SIZE,
532 maxsize = SECURE_BOOT_GUID_SIZE,
533 endstring;
534
535 subtitle text = STRING_TOKEN(STR_NULL);
536 subtitle text = STRING_TOKEN(STR_NULL);
537
538 goto FORMID_SECURE_BOOT_OPTION_FORM,
539 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
540 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
541 flags = INTERACTIVE,
542 key = KEY_VALUE_SAVE_AND_EXIT_DBT;
543
544 goto FORMID_SECURE_BOOT_OPTION_FORM,
545 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
546 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
547 flags = INTERACTIVE,
548 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;
549
550 endform;
551
552 endformset;