]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
projects / mirror_edk2.git / blob
? search:


fa7e11848cc9e546c4b40c7815bc7eacba57eea0
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
1 /** @file
2 VFR file used by the SecureBoot configuration component.
3
4 Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
6
7 **/
8
9 #include "SecureBootConfigNvData.h"
10
11 formset
12 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,
13 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),
14 help = STRING_TOKEN(STR_SECUREBOOT_HELP),
15 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
16
17 varstore SECUREBOOT_CONFIGURATION,
18 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,
19 name = SECUREBOOT_CONFIGURATION,
20 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;
21
22 //
23 // ##1 Form "Secure Boot Configuration"
24 //
25 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,
26 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
27
28 subtitle text = STRING_TOKEN(STR_NULL);
29
30 text
31 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
32 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
33 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
34
35 //
36 // Display of Check Box: Attempt Secure Boot
37 //
38 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
39 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,
40 questionid = KEY_SECURE_BOOT_ENABLE,
41 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
42 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),
43 flags = INTERACTIVE | RESET_REQUIRED,
44 endcheckbox;
45 endif;
46
47 //
48 // Display of Oneof: 'Secure Boot Mode'
49 //
50 oneof name = SecureBootMode,
51 questionid = KEY_SECURE_BOOT_MODE,
52 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
53 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
54 flags = INTERACTIVE | NUMERIC_SIZE_1,
55 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
56 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
57 endoneof;
58
59 //
60 // Display of 'Current Secure Boot Mode'
61 //
62 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;
63 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
64 goto FORMID_SECURE_BOOT_OPTION_FORM,
65 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
66 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
67 flags = INTERACTIVE,
68 key = KEY_SECURE_BOOT_OPTION;
69 endif;
70 endif;
71
72 endform;
73
74 //
75 // ##2 Form: 'Custom Secure Boot Options'
76 //
77 form formid = FORMID_SECURE_BOOT_OPTION_FORM,
78 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
79
80 subtitle text = STRING_TOKEN(STR_NULL);
81
82 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
83 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
84 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
85 flags = INTERACTIVE,
86 key = KEY_SECURE_BOOT_PK_OPTION;
87
88 subtitle text = STRING_TOKEN(STR_NULL);
89
90 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
91 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
92 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),
93 flags = INTERACTIVE,
94 key = KEY_SECURE_BOOT_KEK_OPTION;
95
96 subtitle text = STRING_TOKEN(STR_NULL);
97
98 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
99 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
100 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),
101 flags = INTERACTIVE,
102 key = KEY_SECURE_BOOT_DB_OPTION;
103
104 subtitle text = STRING_TOKEN(STR_NULL);
105
106 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
107 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
108 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),
109 flags = INTERACTIVE,
110 key = KEY_SECURE_BOOT_DBX_OPTION;
111
112 subtitle text = STRING_TOKEN(STR_NULL);
113
114 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,
115 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),
116 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),
117 flags = INTERACTIVE,
118 key = KEY_SECURE_BOOT_DBT_OPTION;
119
120 endform;
121
122 //
123 // ##3 Form: 'PK Options'
124 //
125 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
126 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
127
128 subtitle text = STRING_TOKEN(STR_NULL);
129
130 //
131 // Display of 'Enroll PK'
132 //
133 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
134 goto FORMID_ENROLL_PK_FORM,
135 prompt = STRING_TOKEN(STR_ENROLL_PK),
136 help = STRING_TOKEN(STR_ENROLL_PK_HELP),
137 flags = INTERACTIVE,
138 key = KEY_ENROLL_PK;
139 endif;
140
141 subtitle text = STRING_TOKEN(STR_NULL);
142
143 //
144 // Display of Check Box: 'Delete Pk'
145 //
146 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
147 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
148 questionid = KEY_SECURE_BOOT_DELETE_PK,
149 prompt = STRING_TOKEN(STR_DELETE_PK),
150 help = STRING_TOKEN(STR_DELETE_PK_HELP),
151 flags = INTERACTIVE | RESET_REQUIRED,
152 endcheckbox;
153 endif;
154 endform;
155
156 //
157 // ##4 Form: 'Enroll PK'
158 //
159 form formid = FORMID_ENROLL_PK_FORM,
160 title = STRING_TOKEN(STR_ENROLL_PK);
161
162 subtitle text = STRING_TOKEN(STR_NULL);
163
164 goto FORMID_ENROLL_PK_FORM,
165 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
166 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
167 flags = INTERACTIVE,
168 key = FORMID_ENROLL_PK_FORM;
169
170 subtitle text = STRING_TOKEN(STR_NULL);
171 label FORMID_ENROLL_PK_FORM;
172 label LABEL_END;
173 subtitle text = STRING_TOKEN(STR_NULL);
174
175 goto FORMID_SECURE_BOOT_OPTION_FORM,
176 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
177 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
178 flags = INTERACTIVE| RESET_REQUIRED,
179 key = KEY_VALUE_SAVE_AND_EXIT_PK;
180
181 goto FORMID_SECURE_BOOT_OPTION_FORM,
182 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
183 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
184 flags = INTERACTIVE,
185 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;
186
187 endform;
188
189 //
190 // ##5 Form: 'KEK Options'
191 //
192 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,
193 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);
194
195 //
196 // Display of 'Enroll KEK'
197 //
198 goto FORMID_ENROLL_KEK_FORM,
199 prompt = STRING_TOKEN(STR_ENROLL_KEK),
200 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),
201 flags = INTERACTIVE;
202
203 subtitle text = STRING_TOKEN(STR_NULL);
204
205 //
206 // Display of 'Delete KEK'
207 //
208 goto FORMID_DELETE_KEK_FORM,
209 prompt = STRING_TOKEN(STR_DELETE_KEK),
210 help = STRING_TOKEN(STR_DELETE_KEK_HELP),
211 flags = INTERACTIVE,
212 key = KEY_DELETE_KEK;
213
214 subtitle text = STRING_TOKEN(STR_NULL);
215 endform;
216
217 //
218 // ##6 Form: 'Enroll KEK'
219 //
220 form formid = FORMID_ENROLL_KEK_FORM,
221 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
222
223 subtitle text = STRING_TOKEN(STR_NULL);
224
225 goto FORMID_ENROLL_KEK_FORM,
226 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
227 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
228 flags = INTERACTIVE,
229 key = FORMID_ENROLL_KEK_FORM;
230
231 subtitle text = STRING_TOKEN(STR_NULL);
232 label FORMID_ENROLL_KEK_FORM;
233 label LABEL_END;
234 subtitle text = STRING_TOKEN(STR_NULL);
235
236 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
237 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
238 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
239 flags = INTERACTIVE,
240 key = KEY_SECURE_BOOT_KEK_GUID,
241 minsize = SECURE_BOOT_GUID_SIZE,
242 maxsize = SECURE_BOOT_GUID_SIZE,
243 endstring;
244
245 subtitle text = STRING_TOKEN(STR_NULL);
246 subtitle text = STRING_TOKEN(STR_NULL);
247
248 goto FORMID_SECURE_BOOT_OPTION_FORM,
249 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
250 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
251 flags = INTERACTIVE,
252 key = KEY_VALUE_SAVE_AND_EXIT_KEK;
253
254 goto FORMID_SECURE_BOOT_OPTION_FORM,
255 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
256 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
257 flags = INTERACTIVE,
258 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;
259
260 endform;
261
262 //
263 // ##7 Form: 'Delete KEK'
264 //
265 form formid = FORMID_DELETE_KEK_FORM,
266 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);
267
268 label LABEL_KEK_DELETE;
269 label LABEL_END;
270
271 subtitle text = STRING_TOKEN(STR_NULL);
272
273 endform;
274
275 //
276 // ##8 Form: 'DB Options'
277 //
278 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,
279 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);
280
281 subtitle text = STRING_TOKEN(STR_NULL);
282
283 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
284 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
285 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
286 flags = 0;
287
288 subtitle text = STRING_TOKEN(STR_NULL);
289
290 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
291 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
292 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
293 flags = INTERACTIVE,
294 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
295
296 endform;
297
298 //
299 // ##9 Form: 'DBX Options'
300 //
301 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,
302 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);
303
304 subtitle text = STRING_TOKEN(STR_NULL);
305
306 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
307 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
308 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
309 flags = 0;
310
311 subtitle text = STRING_TOKEN(STR_NULL);
312
313 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
314 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
315 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
316 flags = INTERACTIVE,
317 key = KEY_VALUE_FROM_DBX_TO_LIST_FORM;
318
319 endform;
320
321 //
322 // ##9 Form: 'DBT Options'
323 //
324 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,
325 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);
326
327 subtitle text = STRING_TOKEN(STR_NULL);
328
329 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
330 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
331 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
332 flags = 0;
333
334 subtitle text = STRING_TOKEN(STR_NULL);
335
336 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
337 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
338 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
339 flags = INTERACTIVE,
340 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;
341
342 endform;
343
344 //
345 // Form: 'Delete Signature' for DB Options.
346 //
347 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
348 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
349
350 label LABEL_DB_DELETE;
351 label LABEL_END;
352 subtitle text = STRING_TOKEN(STR_NULL);
353
354 endform;
355
356 //
357 // Form: Display Signature List.
358 //
359 form formid = SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
360 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_LIST_FORM);
361
362 subtitle text = STRING_TOKEN(STR_NULL);
363
364 grayoutif ideqval SECUREBOOT_CONFIGURATION.ListCount == 0;
365 label LABEL_DELETE_ALL_LIST_BUTTON;
366 //
367 // Will create a goto button dynamically here.
368 //
369 label LABEL_END;
370 endif;
371
372 subtitle text = STRING_TOKEN(STR_NULL);
373 label LABEL_SIGNATURE_LIST_START;
374 label LABEL_END;
375 subtitle text = STRING_TOKEN(STR_NULL);
376
377 endform;
378
379 //
380 // Form: Display Signature Data.
381 //
382 form formid = SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,
383 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_DATA_FORM);
384
385 subtitle text = STRING_TOKEN(STR_NULL);
386
387 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
388 prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA),
389 help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA_HELP),
390 flags = INTERACTIVE,
391 key = KEY_SECURE_BOOT_DELETE_ALL_DATA;
392
393 grayoutif ideqval SECUREBOOT_CONFIGURATION.CheckedDataCount == 0;
394 goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
395 prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA),
396 help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA_HELP),
397 flags = INTERACTIVE,
398 key = KEY_SECURE_BOOT_DELETE_CHECK_DATA;
399 endif;
400
401 subtitle text = STRING_TOKEN(STR_NULL);
402 label LABEL_SIGNATURE_DATA_START;
403 label LABEL_END;
404 subtitle text = STRING_TOKEN(STR_NULL);
405
406 endform;
407
408
409 //
410 // Form: 'Delete Signature' for DBT Options.
411 //
412 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
413 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
414
415 label LABEL_DBT_DELETE;
416 label LABEL_END;
417 subtitle text = STRING_TOKEN(STR_NULL);
418
419 endform;
420
421 //
422 // Form: 'Enroll Signature' for DB options.
423 //
424 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
425 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
426
427 subtitle text = STRING_TOKEN(STR_NULL);
428
429 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
430 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
431 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
432 flags = INTERACTIVE,
433 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
434
435 subtitle text = STRING_TOKEN(STR_NULL);
436 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
437 label LABEL_END;
438 subtitle text = STRING_TOKEN(STR_NULL);
439
440 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
441 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
442 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
443 flags = INTERACTIVE,
444 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,
445 minsize = SECURE_BOOT_GUID_SIZE,
446 maxsize = SECURE_BOOT_GUID_SIZE,
447 endstring;
448
449 subtitle text = STRING_TOKEN(STR_NULL);
450 subtitle text = STRING_TOKEN(STR_NULL);
451
452 goto FORMID_SECURE_BOOT_OPTION_FORM,
453 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
454 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
455 flags = INTERACTIVE,
456 key = KEY_VALUE_SAVE_AND_EXIT_DB;
457
458 goto FORMID_SECURE_BOOT_OPTION_FORM,
459 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
460 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
461 flags = INTERACTIVE,
462 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;
463
464 endform;
465
466 //
467 // Form: 'Enroll Signature' for DBX options.
468 //
469 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
470 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
471
472 subtitle text = STRING_TOKEN(STR_NULL);
473
474 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
475 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
476 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
477 flags = INTERACTIVE,
478 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
479
480 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
481 label LABEL_END;
482 subtitle text = STRING_TOKEN(STR_NULL);
483
484 grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;
485 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
486 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
487 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
488 flags = INTERACTIVE,
489 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
490 minsize = SECURE_BOOT_GUID_SIZE,
491 maxsize = SECURE_BOOT_GUID_SIZE,
492 endstring;
493 endif;
494
495 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;
496 oneof name = X509SignatureFormatInDbx,
497 varid = SECUREBOOT_CONFIGURATION.CertificateFormat,
498 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),
499 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),
500 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;
501 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;
502 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;
503 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;
504 endoneof;
505 endif;
506
507 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;
508 text
509 help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string
510 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string
511 text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type
512 endif;
513
514 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;
515 text
516 help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string
517 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string
518 text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type
519 endif;
520
521 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;
522 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,
523 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),
524 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),
525 flags = INTERACTIVE,
526 endcheckbox;
527
528 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;
529 date varid = SECUREBOOT_CONFIGURATION.RevocationDate,
530 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),
531 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),
532 flags = STORAGE_NORMAL,
533 enddate;
534
535 time varid = SECUREBOOT_CONFIGURATION.RevocationTime,
536 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),
537 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),
538 flags = STORAGE_NORMAL,
539 endtime;
540 endif;
541 endif;
542
543 subtitle text = STRING_TOKEN(STR_NULL);
544 subtitle text = STRING_TOKEN(STR_NULL);
545
546 goto FORMID_SECURE_BOOT_OPTION_FORM,
547 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
548 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
549 flags = INTERACTIVE,
550 key = KEY_VALUE_SAVE_AND_EXIT_DBX;
551
552 goto FORMID_SECURE_BOOT_OPTION_FORM,
553 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
554 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
555 flags = INTERACTIVE,
556 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;
557
558 endform;
559
560 //
561 // Form: 'Enroll Signature' for DBT options.
562 //
563 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
564 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
565
566 subtitle text = STRING_TOKEN(STR_NULL);
567
568 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
569 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
570 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
571 flags = INTERACTIVE,
572 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
573
574 subtitle text = STRING_TOKEN(STR_NULL);
575 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
576 label LABEL_END;
577 subtitle text = STRING_TOKEN(STR_NULL);
578
579 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
580 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
581 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
582 flags = INTERACTIVE,
583 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,
584 minsize = SECURE_BOOT_GUID_SIZE,
585 maxsize = SECURE_BOOT_GUID_SIZE,
586 endstring;
587
588 subtitle text = STRING_TOKEN(STR_NULL);
589 subtitle text = STRING_TOKEN(STR_NULL);
590
591 goto FORMID_SECURE_BOOT_OPTION_FORM,
592 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
593 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
594 flags = INTERACTIVE,
595 key = KEY_VALUE_SAVE_AND_EXIT_DBT;
596
597 goto FORMID_SECURE_BOOT_OPTION_FORM,
598 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
599 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
600 flags = INTERACTIVE,
601 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;
602
603 endform;
604
605 endformset;
EFI Development Kit II mirror for PVE