2 VFR file used by the SecureBoot configuration component.
4 Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
9 #include "SecureBootConfigNvData.h"
12 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,
13 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),
14 help = STRING_TOKEN(STR_SECUREBOOT_HELP),
15 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
17 varstore SECUREBOOT_CONFIGURATION,
18 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,
19 name = SECUREBOOT_CONFIGURATION,
20 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;
23 // ##1 Form "Secure Boot Configuration"
25 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,
26 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
28 subtitle text = STRING_TOKEN(STR_NULL);
31 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
32 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
33 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
36 // Display of Check Box: Attempt Secure Boot
38 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
39 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,
40 questionid = KEY_SECURE_BOOT_ENABLE,
41 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
42 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),
43 flags = INTERACTIVE | RESET_REQUIRED,
48 // Display of Oneof: 'Secure Boot Mode'
50 oneof name = SecureBootMode,
51 questionid = KEY_SECURE_BOOT_MODE,
52 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
53 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
54 flags = INTERACTIVE | NUMERIC_SIZE_1,
55 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
56 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
60 // Display of 'Current Secure Boot Mode'
62 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;
63 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
64 goto FORMID_SECURE_BOOT_OPTION_FORM,
65 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
66 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
68 key = KEY_SECURE_BOOT_OPTION;
75 // ##2 Form: 'Custom Secure Boot Options'
77 form formid = FORMID_SECURE_BOOT_OPTION_FORM,
78 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
80 subtitle text = STRING_TOKEN(STR_NULL);
82 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
83 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
84 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
86 key = KEY_SECURE_BOOT_PK_OPTION;
88 subtitle text = STRING_TOKEN(STR_NULL);
90 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
91 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
92 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),
94 key = KEY_SECURE_BOOT_KEK_OPTION;
96 subtitle text = STRING_TOKEN(STR_NULL);
98 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
99 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
100 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),
102 key = KEY_SECURE_BOOT_DB_OPTION;
104 subtitle text = STRING_TOKEN(STR_NULL);
106 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
107 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
108 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),
110 key = KEY_SECURE_BOOT_DBX_OPTION;
112 subtitle text = STRING_TOKEN(STR_NULL);
114 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,
115 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),
116 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),
118 key = KEY_SECURE_BOOT_DBT_OPTION;
123 // ##3 Form: 'PK Options'
125 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
126 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
128 subtitle text = STRING_TOKEN(STR_NULL);
131 // Display of 'Enroll PK'
133 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
134 goto FORMID_ENROLL_PK_FORM,
135 prompt = STRING_TOKEN(STR_ENROLL_PK),
136 help = STRING_TOKEN(STR_ENROLL_PK_HELP),
141 subtitle text = STRING_TOKEN(STR_NULL);
144 // Display of Check Box: 'Delete Pk'
146 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
147 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
148 questionid = KEY_SECURE_BOOT_DELETE_PK,
149 prompt = STRING_TOKEN(STR_DELETE_PK),
150 help = STRING_TOKEN(STR_DELETE_PK_HELP),
151 flags = INTERACTIVE | RESET_REQUIRED,
157 // ##4 Form: 'Enroll PK'
159 form formid = FORMID_ENROLL_PK_FORM,
160 title = STRING_TOKEN(STR_ENROLL_PK);
162 subtitle text = STRING_TOKEN(STR_NULL);
164 goto FORMID_ENROLL_PK_FORM,
165 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
166 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
168 key = FORMID_ENROLL_PK_FORM;
170 subtitle text = STRING_TOKEN(STR_NULL);
171 label FORMID_ENROLL_PK_FORM;
173 subtitle text = STRING_TOKEN(STR_NULL);
175 goto FORMID_SECURE_BOOT_OPTION_FORM,
176 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
177 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
178 flags = INTERACTIVE| RESET_REQUIRED,
179 key = KEY_VALUE_SAVE_AND_EXIT_PK;
181 goto FORMID_SECURE_BOOT_OPTION_FORM,
182 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
183 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
185 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;
190 // ##5 Form: 'KEK Options'
192 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,
193 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);
196 // Display of 'Enroll KEK'
198 goto FORMID_ENROLL_KEK_FORM,
199 prompt = STRING_TOKEN(STR_ENROLL_KEK),
200 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),
203 subtitle text = STRING_TOKEN(STR_NULL);
206 // Display of 'Delete KEK'
208 goto FORMID_DELETE_KEK_FORM,
209 prompt = STRING_TOKEN(STR_DELETE_KEK),
210 help = STRING_TOKEN(STR_DELETE_KEK_HELP),
212 key = KEY_DELETE_KEK;
214 subtitle text = STRING_TOKEN(STR_NULL);
218 // ##6 Form: 'Enroll KEK'
220 form formid = FORMID_ENROLL_KEK_FORM,
221 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
223 subtitle text = STRING_TOKEN(STR_NULL);
225 goto FORMID_ENROLL_KEK_FORM,
226 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
227 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
229 key = FORMID_ENROLL_KEK_FORM;
231 subtitle text = STRING_TOKEN(STR_NULL);
232 label FORMID_ENROLL_KEK_FORM;
234 subtitle text = STRING_TOKEN(STR_NULL);
236 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
237 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
238 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
240 key = KEY_SECURE_BOOT_KEK_GUID,
241 minsize = SECURE_BOOT_GUID_SIZE,
242 maxsize = SECURE_BOOT_GUID_SIZE,
245 subtitle text = STRING_TOKEN(STR_NULL);
246 subtitle text = STRING_TOKEN(STR_NULL);
248 goto FORMID_SECURE_BOOT_OPTION_FORM,
249 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
250 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
252 key = KEY_VALUE_SAVE_AND_EXIT_KEK;
254 goto FORMID_SECURE_BOOT_OPTION_FORM,
255 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
256 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
258 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;
263 // ##7 Form: 'Delete KEK'
265 form formid = FORMID_DELETE_KEK_FORM,
266 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);
268 label LABEL_KEK_DELETE;
271 subtitle text = STRING_TOKEN(STR_NULL);
276 // ##8 Form: 'DB Options'
278 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,
279 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);
281 subtitle text = STRING_TOKEN(STR_NULL);
283 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
284 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
285 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
288 subtitle text = STRING_TOKEN(STR_NULL);
290 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
291 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
292 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
294 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
299 // ##9 Form: 'DBX Options'
301 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,
302 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);
304 subtitle text = STRING_TOKEN(STR_NULL);
306 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
307 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
308 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
311 subtitle text = STRING_TOKEN(STR_NULL);
313 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
314 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
315 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
317 key = KEY_VALUE_FROM_DBX_TO_LIST_FORM;
322 // ##9 Form: 'DBT Options'
324 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,
325 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);
327 subtitle text = STRING_TOKEN(STR_NULL);
329 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
330 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
331 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
334 subtitle text = STRING_TOKEN(STR_NULL);
336 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
337 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
338 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
340 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;
345 // Form: 'Delete Signature' for DB Options.
347 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
348 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
350 label LABEL_DB_DELETE;
352 subtitle text = STRING_TOKEN(STR_NULL);
357 // Form: Display Signature List.
359 form formid = SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
360 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_LIST_FORM);
362 subtitle text = STRING_TOKEN(STR_NULL);
364 grayoutif ideqval SECUREBOOT_CONFIGURATION.ListCount == 0;
365 label LABEL_DELETE_ALL_LIST_BUTTON;
367 // Will create a goto button dynamically here.
372 subtitle text = STRING_TOKEN(STR_NULL);
373 label LABEL_SIGNATURE_LIST_START;
375 subtitle text = STRING_TOKEN(STR_NULL);
380 // Form: Display Signature Data.
382 form formid = SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,
383 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_DATA_FORM);
385 subtitle text = STRING_TOKEN(STR_NULL);
387 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
388 prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA),
389 help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA_HELP),
391 key = KEY_SECURE_BOOT_DELETE_ALL_DATA;
393 grayoutif ideqval SECUREBOOT_CONFIGURATION.CheckedDataCount == 0;
394 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
395 prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA),
396 help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA_HELP),
398 key = KEY_SECURE_BOOT_DELETE_CHECK_DATA;
401 subtitle text = STRING_TOKEN(STR_NULL);
402 label LABEL_SIGNATURE_DATA_START;
404 subtitle text = STRING_TOKEN(STR_NULL);
410 // Form: 'Delete Signature' for DBT Options.
412 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
413 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
415 label LABEL_DBT_DELETE;
417 subtitle text = STRING_TOKEN(STR_NULL);
422 // Form: 'Enroll Signature' for DB options.
424 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
425 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
427 subtitle text = STRING_TOKEN(STR_NULL);
429 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
430 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
431 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
433 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
435 subtitle text = STRING_TOKEN(STR_NULL);
436 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
438 subtitle text = STRING_TOKEN(STR_NULL);
440 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
441 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
442 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
444 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,
445 minsize = SECURE_BOOT_GUID_SIZE,
446 maxsize = SECURE_BOOT_GUID_SIZE,
449 subtitle text = STRING_TOKEN(STR_NULL);
450 subtitle text = STRING_TOKEN(STR_NULL);
452 goto FORMID_SECURE_BOOT_OPTION_FORM,
453 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
454 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
456 key = KEY_VALUE_SAVE_AND_EXIT_DB;
458 goto FORMID_SECURE_BOOT_OPTION_FORM,
459 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
460 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
462 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;
467 // Form: 'Enroll Signature' for DBX options.
469 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
470 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
472 subtitle text = STRING_TOKEN(STR_NULL);
474 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
475 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
476 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
478 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
480 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
482 subtitle text = STRING_TOKEN(STR_NULL);
484 grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;
485 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
486 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
487 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
489 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
490 minsize = SECURE_BOOT_GUID_SIZE,
491 maxsize = SECURE_BOOT_GUID_SIZE,
495 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;
496 oneof name = X509SignatureFormatInDbx,
497 varid = SECUREBOOT_CONFIGURATION.CertificateFormat,
498 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),
499 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),
500 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;
501 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;
502 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;
503 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;
507 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;
509 help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string
510 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string
511 text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type
514 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;
516 help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string
517 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string
518 text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type
521 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;
522 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,
523 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),
524 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),
528 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;
529 date varid = SECUREBOOT_CONFIGURATION.RevocationDate,
530 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),
531 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),
532 flags = STORAGE_NORMAL,
535 time varid = SECUREBOOT_CONFIGURATION.RevocationTime,
536 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),
537 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),
538 flags = STORAGE_NORMAL,
543 subtitle text = STRING_TOKEN(STR_NULL);
544 subtitle text = STRING_TOKEN(STR_NULL);
546 goto FORMID_SECURE_BOOT_OPTION_FORM,
547 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
548 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
550 key = KEY_VALUE_SAVE_AND_EXIT_DBX;
552 goto FORMID_SECURE_BOOT_OPTION_FORM,
553 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
554 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
556 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;
561 // Form: 'Enroll Signature' for DBT options.
563 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
564 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
566 subtitle text = STRING_TOKEN(STR_NULL);
568 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
569 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
570 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
572 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
574 subtitle text = STRING_TOKEN(STR_NULL);
575 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
577 subtitle text = STRING_TOKEN(STR_NULL);
579 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
580 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
581 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
583 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,
584 minsize = SECURE_BOOT_GUID_SIZE,
585 maxsize = SECURE_BOOT_GUID_SIZE,
588 subtitle text = STRING_TOKEN(STR_NULL);
589 subtitle text = STRING_TOKEN(STR_NULL);
591 goto FORMID_SECURE_BOOT_OPTION_FORM,
592 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
593 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
595 key = KEY_VALUE_SAVE_AND_EXIT_DBT;
597 goto FORMID_SECURE_BOOT_OPTION_FORM,
598 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
599 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
601 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;