2 VFR file used by the SecureBoot configuration component.
4 Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15 #include "SecureBootConfigNvData.h"
18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,
19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),
20 help = STRING_TOKEN(STR_SECUREBOOT_HELP),
21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
23 varstore SECUREBOOT_CONFIGURATION,
24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,
25 name = SECUREBOOT_CONFIGURATION,
26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;
29 // ##1 Form "Secure Boot Configuration"
31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,
32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
34 subtitle text = STRING_TOKEN(STR_NULL);
37 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
38 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
39 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
42 // Define of Check Box: Attempt Secure Boot
45 checkbox varid = SECUREBOOT_CONFIGURATION.HideSecureBoot,
46 prompt = STRING_TOKEN(STR_NULL),
47 help = STRING_TOKEN(STR_NULL),
52 // Display of Check Box: Attempt Secure Boot
54 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
55 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,
56 questionid = KEY_SECURE_BOOT_ENABLE,
57 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
58 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),
59 flags = INTERACTIVE | RESET_REQUIRED,
64 // Display of Oneof: 'Secure Boot Mode'
66 oneof varid = SECUREBOOT_CONFIGURATION.SecureBootMode,
67 questionid = KEY_SECURE_BOOT_MODE,
68 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
69 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
71 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
72 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
77 // Display of 'Current Secure Boot Mode'
79 suppressif ideqval SECUREBOOT_CONFIGURATION.SecureBootMode == SECURE_BOOT_MODE_STANDARD;
80 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
81 goto FORMID_SECURE_BOOT_OPTION_FORM,
82 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
83 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
85 key = KEY_SECURE_BOOT_OPTION;
91 // ##2 Form: 'Custom Secure Boot Options'
93 form formid = FORMID_SECURE_BOOT_OPTION_FORM,
94 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
96 subtitle text = STRING_TOKEN(STR_NULL);
98 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
99 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
100 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
102 key = KEY_SECURE_BOOT_PK_OPTION;
104 subtitle text = STRING_TOKEN(STR_NULL);
106 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
107 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
108 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),
110 key = KEY_SECURE_BOOT_KEK_OPTION;
112 subtitle text = STRING_TOKEN(STR_NULL);
114 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
115 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
116 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),
118 key = KEY_SECURE_BOOT_DB_OPTION;
120 subtitle text = STRING_TOKEN(STR_NULL);
122 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
123 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
124 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),
126 key = KEY_SECURE_BOOT_DBX_OPTION;
131 // ##3 Form: 'PK Options'
133 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
134 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
136 subtitle text = STRING_TOKEN(STR_NULL);
139 // Define of Check Box: 'Delete PK'
142 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
143 prompt = STRING_TOKEN(STR_NULL),
144 help = STRING_TOKEN(STR_NULL),
148 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
149 goto FORMID_ENROLL_PK_FORM,
150 prompt = STRING_TOKEN(STR_ENROLL_PK),
151 help = STRING_TOKEN(STR_ENROLL_PK_HELP),
156 subtitle text = STRING_TOKEN(STR_NULL);
159 // Display of Check Box: 'Delete Pk'
161 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
162 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
163 questionid = KEY_SECURE_BOOT_DELETE_PK,
164 prompt = STRING_TOKEN(STR_DELETE_PK),
165 help = STRING_TOKEN(STR_DELETE_PK_HELP),
166 flags = INTERACTIVE | RESET_REQUIRED,
172 // ##4 Form: 'Enroll PK'
174 form formid = FORMID_ENROLL_PK_FORM,
175 title = STRING_TOKEN(STR_ENROLL_PK);
177 subtitle text = STRING_TOKEN(STR_NULL);
179 goto FORM_FILE_EXPLORER_ID_PK,
180 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
181 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
183 key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
187 // ##5 Form: 'KEK Options'
189 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,
190 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);
193 // Display of 'Enroll KEK'
195 goto FORMID_ENROLL_KEK_FORM,
196 prompt = STRING_TOKEN(STR_ENROLL_KEK),
197 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),
200 subtitle text = STRING_TOKEN(STR_NULL);
203 // Display of 'Delete KEK'
205 goto FORMID_DELETE_KEK_FORM,
206 prompt = STRING_TOKEN(STR_DELETE_KEK),
207 help = STRING_TOKEN(STR_DELETE_KEK_HELP),
209 key = KEY_DELETE_KEK;
211 subtitle text = STRING_TOKEN(STR_NULL);
215 // ##6 Form: 'Enroll KEK'
217 form formid = FORMID_ENROLL_KEK_FORM,
218 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
220 subtitle text = STRING_TOKEN(STR_NULL);
222 goto FORM_FILE_EXPLORER_ID_KEK,
223 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
224 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
226 key = FORMID_ENROLL_KEK_FORM;
228 subtitle text = STRING_TOKEN(STR_NULL);
229 label FORMID_ENROLL_KEK_FORM;
231 subtitle text = STRING_TOKEN(STR_NULL);
233 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
234 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
235 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
237 key = KEY_SECURE_BOOT_KEK_GUID,
238 minsize = SECURE_BOOT_GUID_SIZE,
239 maxsize = SECURE_BOOT_GUID_SIZE,
242 subtitle text = STRING_TOKEN(STR_NULL);
243 subtitle text = STRING_TOKEN(STR_NULL);
245 goto FORMID_SECURE_BOOT_OPTION_FORM,
246 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
247 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
249 key = KEY_VALUE_SAVE_AND_EXIT_KEK;
251 goto FORMID_SECURE_BOOT_OPTION_FORM,
252 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
253 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
255 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;
260 // ##7 Form: 'Delete KEK'
262 form formid = FORMID_DELETE_KEK_FORM,
263 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);
265 label LABEL_KEK_DELETE;
268 subtitle text = STRING_TOKEN(STR_NULL);
273 // ##8 Form: 'DB Options'
275 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,
276 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);
278 subtitle text = STRING_TOKEN(STR_NULL);
280 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
281 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
282 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
285 subtitle text = STRING_TOKEN(STR_NULL);
287 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
288 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
289 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
291 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
296 // ##9 Form: 'DBX Options'
298 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,
299 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);
301 subtitle text = STRING_TOKEN(STR_NULL);
303 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
304 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
305 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
308 subtitle text = STRING_TOKEN(STR_NULL);
310 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
311 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
312 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
314 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;
319 // Form: 'Delete Signature' for DB Options.
321 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
322 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
324 label LABEL_DB_DELETE;
326 subtitle text = STRING_TOKEN(STR_NULL);
331 // Form: 'Delete Signature' for DBX Options.
333 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
334 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
336 label LABEL_DBX_DELETE;
338 subtitle text = STRING_TOKEN(STR_NULL);
343 // Form: 'Enroll Signature' for DB options.
345 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
346 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
348 subtitle text = STRING_TOKEN(STR_NULL);
350 goto FORM_FILE_EXPLORER_ID_DB,
351 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
352 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
354 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
356 subtitle text = STRING_TOKEN(STR_NULL);
357 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
359 subtitle text = STRING_TOKEN(STR_NULL);
361 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
362 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
363 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
365 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,
366 minsize = SECURE_BOOT_GUID_SIZE,
367 maxsize = SECURE_BOOT_GUID_SIZE,
370 subtitle text = STRING_TOKEN(STR_NULL);
371 subtitle text = STRING_TOKEN(STR_NULL);
373 goto FORMID_SECURE_BOOT_OPTION_FORM,
374 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
375 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
377 key = KEY_VALUE_SAVE_AND_EXIT_DB;
379 goto FORMID_SECURE_BOOT_OPTION_FORM,
380 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
381 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
383 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;
388 // Form: 'Enroll Signature' for DBX options.
390 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
391 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
393 subtitle text = STRING_TOKEN(STR_NULL);
395 goto FORM_FILE_EXPLORER_ID_DBX,
396 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
397 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
399 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
401 subtitle text = STRING_TOKEN(STR_NULL);
402 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
404 subtitle text = STRING_TOKEN(STR_NULL);
406 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
407 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
408 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
410 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
411 minsize = SECURE_BOOT_GUID_SIZE,
412 maxsize = SECURE_BOOT_GUID_SIZE,
415 subtitle text = STRING_TOKEN(STR_NULL);
416 subtitle text = STRING_TOKEN(STR_NULL);
418 goto FORMID_SECURE_BOOT_OPTION_FORM,
419 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
420 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
422 key = KEY_VALUE_SAVE_AND_EXIT_DBX;
424 goto FORMID_SECURE_BOOT_OPTION_FORM,
425 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
426 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
428 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;
433 // File Explorer for PK
435 form formid = FORM_FILE_EXPLORER_ID_PK,
436 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
438 label FORM_FILE_EXPLORER_ID;
443 // File Explorer for KEK
445 form formid = FORM_FILE_EXPLORER_ID_KEK,
446 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
448 label FORM_FILE_EXPLORER_ID;
453 // File Explorer for DB
455 form formid = FORM_FILE_EXPLORER_ID_DB,
456 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
458 label FORM_FILE_EXPLORER_ID;
463 // File Explorer for DBX
465 form formid = FORM_FILE_EXPLORER_ID_DBX,
466 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
468 label FORM_FILE_EXPLORER_ID;
474 // Enroll Pk from File Commit Form
476 form formid = SECUREBOOT_ADD_PK_FILE_FORM_ID,
477 title = STRING_TOKEN(STR_SAVE_PK_FILE);
479 label SECUREBOOT_ADD_PK_FILE_FORM_ID;
482 subtitle text = STRING_TOKEN(STR_NULL);
485 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
486 text = STRING_TOKEN(STR_SAVE_AND_EXIT),
487 text = STRING_TOKEN(STR_NULL),
489 key = KEY_VALUE_SAVE_AND_EXIT_PK;
492 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
493 text = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
494 text = STRING_TOKEN(STR_NULL),
496 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;