]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
SecurityPkg: SecureBootConfigDxe: Support AUTH_2 enrollment to DBX
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
1 /** @file
2 VFR file used by the SecureBoot configuration component.
3
4 Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include "SecureBootConfigNvData.h"
16
17 formset
18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,
19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),
20 help = STRING_TOKEN(STR_SECUREBOOT_HELP),
21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
22
23 varstore SECUREBOOT_CONFIGURATION,
24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,
25 name = SECUREBOOT_CONFIGURATION,
26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;
27
28 //
29 // ##1 Form "Secure Boot Configuration"
30 //
31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,
32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
33
34 subtitle text = STRING_TOKEN(STR_NULL);
35
36 text
37 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
38 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
39 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
40
41 //
42 // Display of Check Box: Attempt Secure Boot
43 //
44 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
45 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,
46 questionid = KEY_SECURE_BOOT_ENABLE,
47 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
48 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),
49 flags = INTERACTIVE | RESET_REQUIRED,
50 endcheckbox;
51 endif;
52
53 //
54 // Display of Oneof: 'Secure Boot Mode'
55 //
56 oneof name = SecureBootMode,
57 questionid = KEY_SECURE_BOOT_MODE,
58 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
59 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
60 flags = INTERACTIVE | NUMERIC_SIZE_1,
61 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
62 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
63 endoneof;
64
65 //
66 // Display of 'Current Secure Boot Mode'
67 //
68 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;
69 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
70 goto FORMID_SECURE_BOOT_OPTION_FORM,
71 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
72 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
73 flags = INTERACTIVE,
74 key = KEY_SECURE_BOOT_OPTION;
75 endif;
76 endif;
77
78 endform;
79
80 //
81 // ##2 Form: 'Custom Secure Boot Options'
82 //
83 form formid = FORMID_SECURE_BOOT_OPTION_FORM,
84 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
85
86 subtitle text = STRING_TOKEN(STR_NULL);
87
88 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
89 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
90 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
91 flags = INTERACTIVE,
92 key = KEY_SECURE_BOOT_PK_OPTION;
93
94 subtitle text = STRING_TOKEN(STR_NULL);
95
96 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
97 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
98 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),
99 flags = INTERACTIVE,
100 key = KEY_SECURE_BOOT_KEK_OPTION;
101
102 subtitle text = STRING_TOKEN(STR_NULL);
103
104 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
105 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
106 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),
107 flags = INTERACTIVE,
108 key = KEY_SECURE_BOOT_DB_OPTION;
109
110 subtitle text = STRING_TOKEN(STR_NULL);
111
112 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
113 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
114 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),
115 flags = INTERACTIVE,
116 key = KEY_SECURE_BOOT_DBX_OPTION;
117
118 subtitle text = STRING_TOKEN(STR_NULL);
119
120 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,
121 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),
122 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),
123 flags = INTERACTIVE,
124 key = KEY_SECURE_BOOT_DBT_OPTION;
125
126 endform;
127
128 //
129 // ##3 Form: 'PK Options'
130 //
131 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
132 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
133
134 subtitle text = STRING_TOKEN(STR_NULL);
135
136 //
137 // Display of 'Enroll PK'
138 //
139 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
140 goto FORMID_ENROLL_PK_FORM,
141 prompt = STRING_TOKEN(STR_ENROLL_PK),
142 help = STRING_TOKEN(STR_ENROLL_PK_HELP),
143 flags = INTERACTIVE,
144 key = KEY_ENROLL_PK;
145 endif;
146
147 subtitle text = STRING_TOKEN(STR_NULL);
148
149 //
150 // Display of Check Box: 'Delete Pk'
151 //
152 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
153 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
154 questionid = KEY_SECURE_BOOT_DELETE_PK,
155 prompt = STRING_TOKEN(STR_DELETE_PK),
156 help = STRING_TOKEN(STR_DELETE_PK_HELP),
157 flags = INTERACTIVE | RESET_REQUIRED,
158 endcheckbox;
159 endif;
160 endform;
161
162 //
163 // ##4 Form: 'Enroll PK'
164 //
165 form formid = FORMID_ENROLL_PK_FORM,
166 title = STRING_TOKEN(STR_ENROLL_PK);
167
168 subtitle text = STRING_TOKEN(STR_NULL);
169
170 goto FORMID_ENROLL_PK_FORM,
171 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
172 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
173 flags = INTERACTIVE,
174 key = FORMID_ENROLL_PK_FORM;
175
176 subtitle text = STRING_TOKEN(STR_NULL);
177 label FORMID_ENROLL_PK_FORM;
178 label LABEL_END;
179 subtitle text = STRING_TOKEN(STR_NULL);
180
181 goto FORMID_SECURE_BOOT_OPTION_FORM,
182 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
183 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
184 flags = INTERACTIVE| RESET_REQUIRED,
185 key = KEY_VALUE_SAVE_AND_EXIT_PK;
186
187 goto FORMID_SECURE_BOOT_OPTION_FORM,
188 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
189 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
190 flags = INTERACTIVE,
191 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;
192
193 endform;
194
195 //
196 // ##5 Form: 'KEK Options'
197 //
198 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,
199 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);
200
201 //
202 // Display of 'Enroll KEK'
203 //
204 goto FORMID_ENROLL_KEK_FORM,
205 prompt = STRING_TOKEN(STR_ENROLL_KEK),
206 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),
207 flags = INTERACTIVE;
208
209 subtitle text = STRING_TOKEN(STR_NULL);
210
211 //
212 // Display of 'Delete KEK'
213 //
214 goto FORMID_DELETE_KEK_FORM,
215 prompt = STRING_TOKEN(STR_DELETE_KEK),
216 help = STRING_TOKEN(STR_DELETE_KEK_HELP),
217 flags = INTERACTIVE,
218 key = KEY_DELETE_KEK;
219
220 subtitle text = STRING_TOKEN(STR_NULL);
221 endform;
222
223 //
224 // ##6 Form: 'Enroll KEK'
225 //
226 form formid = FORMID_ENROLL_KEK_FORM,
227 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
228
229 subtitle text = STRING_TOKEN(STR_NULL);
230
231 goto FORMID_ENROLL_KEK_FORM,
232 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
233 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
234 flags = INTERACTIVE,
235 key = FORMID_ENROLL_KEK_FORM;
236
237 subtitle text = STRING_TOKEN(STR_NULL);
238 label FORMID_ENROLL_KEK_FORM;
239 label LABEL_END;
240 subtitle text = STRING_TOKEN(STR_NULL);
241
242 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
243 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
244 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
245 flags = INTERACTIVE,
246 key = KEY_SECURE_BOOT_KEK_GUID,
247 minsize = SECURE_BOOT_GUID_SIZE,
248 maxsize = SECURE_BOOT_GUID_SIZE,
249 endstring;
250
251 subtitle text = STRING_TOKEN(STR_NULL);
252 subtitle text = STRING_TOKEN(STR_NULL);
253
254 goto FORMID_SECURE_BOOT_OPTION_FORM,
255 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
256 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
257 flags = INTERACTIVE,
258 key = KEY_VALUE_SAVE_AND_EXIT_KEK;
259
260 goto FORMID_SECURE_BOOT_OPTION_FORM,
261 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
262 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
263 flags = INTERACTIVE,
264 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;
265
266 endform;
267
268 //
269 // ##7 Form: 'Delete KEK'
270 //
271 form formid = FORMID_DELETE_KEK_FORM,
272 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);
273
274 label LABEL_KEK_DELETE;
275 label LABEL_END;
276
277 subtitle text = STRING_TOKEN(STR_NULL);
278
279 endform;
280
281 //
282 // ##8 Form: 'DB Options'
283 //
284 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,
285 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);
286
287 subtitle text = STRING_TOKEN(STR_NULL);
288
289 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
290 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
291 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
292 flags = 0;
293
294 subtitle text = STRING_TOKEN(STR_NULL);
295
296 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
297 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
298 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
299 flags = INTERACTIVE,
300 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
301
302 endform;
303
304 //
305 // ##9 Form: 'DBX Options'
306 //
307 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,
308 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);
309
310 subtitle text = STRING_TOKEN(STR_NULL);
311
312 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
313 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
314 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
315 flags = 0;
316
317 subtitle text = STRING_TOKEN(STR_NULL);
318
319 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
320 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
321 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
322 flags = INTERACTIVE,
323 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;
324
325 endform;
326
327 //
328 // ##9 Form: 'DBT Options'
329 //
330 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,
331 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);
332
333 subtitle text = STRING_TOKEN(STR_NULL);
334
335 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
336 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
337 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
338 flags = 0;
339
340 subtitle text = STRING_TOKEN(STR_NULL);
341
342 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
343 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
344 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
345 flags = INTERACTIVE,
346 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;
347
348 endform;
349
350 //
351 // Form: 'Delete Signature' for DB Options.
352 //
353 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
354 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
355
356 label LABEL_DB_DELETE;
357 label LABEL_END;
358 subtitle text = STRING_TOKEN(STR_NULL);
359
360 endform;
361
362 //
363 // Form: 'Delete Signature' for DBX Options.
364 //
365 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
366 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
367
368 label LABEL_DBX_DELETE;
369 label LABEL_END;
370 subtitle text = STRING_TOKEN(STR_NULL);
371
372 endform;
373
374 //
375 // Form: 'Delete Signature' for DBT Options.
376 //
377 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
378 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
379
380 label LABEL_DBT_DELETE;
381 label LABEL_END;
382 subtitle text = STRING_TOKEN(STR_NULL);
383
384 endform;
385
386 //
387 // Form: 'Enroll Signature' for DB options.
388 //
389 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
390 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
391
392 subtitle text = STRING_TOKEN(STR_NULL);
393
394 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
395 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
396 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
397 flags = INTERACTIVE,
398 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
399
400 subtitle text = STRING_TOKEN(STR_NULL);
401 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
402 label LABEL_END;
403 subtitle text = STRING_TOKEN(STR_NULL);
404
405 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
406 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
407 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
408 flags = INTERACTIVE,
409 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,
410 minsize = SECURE_BOOT_GUID_SIZE,
411 maxsize = SECURE_BOOT_GUID_SIZE,
412 endstring;
413
414 subtitle text = STRING_TOKEN(STR_NULL);
415 subtitle text = STRING_TOKEN(STR_NULL);
416
417 goto FORMID_SECURE_BOOT_OPTION_FORM,
418 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
419 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
420 flags = INTERACTIVE,
421 key = KEY_VALUE_SAVE_AND_EXIT_DB;
422
423 goto FORMID_SECURE_BOOT_OPTION_FORM,
424 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
425 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
426 flags = INTERACTIVE,
427 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;
428
429 endform;
430
431 //
432 // Form: 'Enroll Signature' for DBX options.
433 //
434 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
435 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
436
437 subtitle text = STRING_TOKEN(STR_NULL);
438
439 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
440 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
441 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
442 flags = INTERACTIVE,
443 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
444
445 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
446 label LABEL_END;
447 subtitle text = STRING_TOKEN(STR_NULL);
448
449 grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;
450 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
451 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
452 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
453 flags = INTERACTIVE,
454 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
455 minsize = SECURE_BOOT_GUID_SIZE,
456 maxsize = SECURE_BOOT_GUID_SIZE,
457 endstring;
458 endif;
459
460 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;
461 oneof name = X509SignatureFormatInDbx,
462 varid = SECUREBOOT_CONFIGURATION.CertificateFormat,
463 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),
464 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),
465 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;
466 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;
467 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;
468 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;
469 endoneof;
470 endif;
471
472 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;
473 text
474 help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string
475 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string
476 text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type
477 endif;
478
479 disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;
480 text
481 help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string
482 text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string
483 text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type
484 endif;
485
486 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;
487 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,
488 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),
489 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),
490 flags = INTERACTIVE,
491 endcheckbox;
492
493 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;
494 date varid = SECUREBOOT_CONFIGURATION.RevocationDate,
495 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),
496 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),
497 flags = STORAGE_NORMAL,
498 enddate;
499
500 time varid = SECUREBOOT_CONFIGURATION.RevocationTime,
501 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),
502 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),
503 flags = STORAGE_NORMAL,
504 endtime;
505 endif;
506 endif;
507
508 subtitle text = STRING_TOKEN(STR_NULL);
509 subtitle text = STRING_TOKEN(STR_NULL);
510
511 goto FORMID_SECURE_BOOT_OPTION_FORM,
512 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
513 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
514 flags = INTERACTIVE,
515 key = KEY_VALUE_SAVE_AND_EXIT_DBX;
516
517 goto FORMID_SECURE_BOOT_OPTION_FORM,
518 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
519 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
520 flags = INTERACTIVE,
521 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;
522
523 endform;
524
525 //
526 // Form: 'Enroll Signature' for DBT options.
527 //
528 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
529 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
530
531 subtitle text = STRING_TOKEN(STR_NULL);
532
533 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
534 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
535 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
536 flags = INTERACTIVE,
537 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
538
539 subtitle text = STRING_TOKEN(STR_NULL);
540 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
541 label LABEL_END;
542 subtitle text = STRING_TOKEN(STR_NULL);
543
544 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
545 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
546 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
547 flags = INTERACTIVE,
548 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,
549 minsize = SECURE_BOOT_GUID_SIZE,
550 maxsize = SECURE_BOOT_GUID_SIZE,
551 endstring;
552
553 subtitle text = STRING_TOKEN(STR_NULL);
554 subtitle text = STRING_TOKEN(STR_NULL);
555
556 goto FORMID_SECURE_BOOT_OPTION_FORM,
557 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
558 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
559 flags = INTERACTIVE,
560 key = KEY_VALUE_SAVE_AND_EXIT_DBT;
561
562 goto FORMID_SECURE_BOOT_OPTION_FORM,
563 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
564 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
565 flags = INTERACTIVE,
566 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;
567
568 endform;
569
570 endformset;
EFI Development Kit II mirror for PVE