/** @file\r
VFR file used by the SecureBoot configuration component.\r
\r
-Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),\r
text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);\r
\r
- //\r
- // Define of Check Box: Attempt Secure Boot\r
- //\r
- suppressif TRUE;\r
- checkbox varid = SECUREBOOT_CONFIGURATION.HideSecureBoot,\r
- questionid = KEY_HIDE_SECURE_BOOT,\r
- prompt = STRING_TOKEN(STR_NULL),\r
- help = STRING_TOKEN(STR_NULL),\r
- flags = INTERACTIVE,\r
- endcheckbox;\r
- endif;\r
-\r
//\r
// Display of Check Box: Attempt Secure Boot\r
//\r
- grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;\r
+ grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,\r
questionid = KEY_SECURE_BOOT_ENABLE,\r
prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),\r
//\r
// Display of Oneof: 'Secure Boot Mode'\r
//\r
- disableif TRUE;\r
- oneof varid = SECUREBOOT_CONFIGURATION.SecureBootMode,\r
- prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r
- help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r
- flags = INTERACTIVE,\r
- option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = 0;\r
- option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r
- endoneof;\r
- endif;\r
- oneof name = SecureBootMode,\r
- questionid = KEY_SECURE_BOOT_MODE,\r
- prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r
- help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r
- flags = INTERACTIVE | NUMERIC_SIZE_1,\r
- option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r
- option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r
- endoneof;\r
+ oneof name = SecureBootMode,\r
+ questionid = KEY_SECURE_BOOT_MODE,\r
+ prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),\r
+ help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),\r
+ flags = INTERACTIVE | NUMERIC_SIZE_1,\r
+ option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;\r
+ option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;\r
+ endoneof;\r
\r
- //\r
//\r
// Display of 'Current Secure Boot Mode'\r
//\r
suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;\r
- grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
- goto FORMID_SECURE_BOOT_OPTION_FORM,\r
- prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r
- help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r
- flags = INTERACTIVE,\r
- key = KEY_SECURE_BOOT_OPTION;\r
- endif;\r
+ grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;\r
+ goto FORMID_SECURE_BOOT_OPTION_FORM,\r
+ prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),\r
+ help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),\r
+ flags = INTERACTIVE,\r
+ key = KEY_SECURE_BOOT_OPTION;\r
+ endif;\r
endif;\r
+\r
endform;\r
\r
//\r
subtitle text = STRING_TOKEN(STR_NULL);\r
\r
//\r
- // Define of Check Box: 'Delete PK'\r
+ // Display of 'Enroll PK'\r
//\r
- suppressif TRUE;\r
- checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,\r
- prompt = STRING_TOKEN(STR_NULL),\r
- help = STRING_TOKEN(STR_NULL),\r
- endcheckbox;\r
- endif;\r
-\r
grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;\r
goto FORMID_ENROLL_PK_FORM,\r
prompt = STRING_TOKEN(STR_ENROLL_PK),\r
\r
subtitle text = STRING_TOKEN(STR_NULL);\r
\r
- goto FORM_FILE_EXPLORER_ID_PK,\r
+ goto FORMID_ENROLL_PK_FORM,\r
prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),\r
flags = INTERACTIVE,\r
- key = SECUREBOOT_ADD_PK_FILE_FORM_ID;\r
+ key = FORMID_ENROLL_PK_FORM;\r
+\r
+ subtitle text = STRING_TOKEN(STR_NULL);\r
+ label FORMID_ENROLL_PK_FORM;\r
+ label LABEL_END;\r
+ subtitle text = STRING_TOKEN(STR_NULL);\r
+\r
+ goto FORMID_SECURE_BOOT_OPTION_FORM,\r
+ prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
+ help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
+ flags = INTERACTIVE| RESET_REQUIRED,\r
+ key = KEY_VALUE_SAVE_AND_EXIT_PK;\r
+\r
+ goto FORMID_SECURE_BOOT_OPTION_FORM,\r
+ prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
+ help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
+ flags = INTERACTIVE,\r
+ key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r
+\r
endform;\r
\r
//\r
\r
subtitle text = STRING_TOKEN(STR_NULL);\r
\r
- goto FORM_FILE_EXPLORER_ID_KEK,\r
+ goto FORMID_ENROLL_KEK_FORM,\r
prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),\r
help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),\r
flags = INTERACTIVE,\r
\r
subtitle text = STRING_TOKEN(STR_NULL);\r
\r
- goto FORM_FILE_EXPLORER_ID_DB,\r
+ goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,\r
prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
flags = INTERACTIVE,\r
\r
subtitle text = STRING_TOKEN(STR_NULL);\r
\r
- goto FORM_FILE_EXPLORER_ID_DBX,\r
+ goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,\r
prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
flags = INTERACTIVE,\r
label LABEL_END;\r
subtitle text = STRING_TOKEN(STR_NULL);\r
\r
- string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
- prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
- help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
- flags = INTERACTIVE,\r
- key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r
- minsize = SECURE_BOOT_GUID_SIZE,\r
- maxsize = SECURE_BOOT_GUID_SIZE,\r
- endstring;\r
+ grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r
+ string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,\r
+ prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),\r
+ help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),\r
+ flags = INTERACTIVE,\r
+ key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,\r
+ minsize = SECURE_BOOT_GUID_SIZE,\r
+ maxsize = SECURE_BOOT_GUID_SIZE,\r
+ endstring;\r
+ endif;\r
\r
- oneof name = SignatureFormatInDbx,\r
- varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r
- prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r
- help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r
- option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x2, flags = DEFAULT;\r
- option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x3, flags = 0;\r
- option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x4, flags = 0;\r
- option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x5, flags = 0;\r
- endoneof;\r
+ disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;\r
+ oneof name = X509SignatureFormatInDbx,\r
+ varid = SECUREBOOT_CONFIGURATION.CertificateFormat,\r
+ prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),\r
+ help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),\r
+ option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;\r
+ option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;\r
+ option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;\r
+ option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;\r
+ endoneof;\r
+ endif;\r
+\r
+ disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;\r
+ text\r
+ help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string\r
+ text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r
+ text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type\r
+ endif;\r
+\r
+ disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;\r
+ text\r
+ help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string\r
+ text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string\r
+ text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type\r
+ endif;\r
\r
- suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 5;\r
+ suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;\r
checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,\r
prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),\r
help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),\r
\r
subtitle text = STRING_TOKEN(STR_NULL);\r
\r
- goto FORM_FILE_EXPLORER_ID_DBT,\r
+ goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,\r
prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),\r
flags = INTERACTIVE,\r
\r
endform;\r
\r
- //\r
- // File Explorer for PK\r
- //\r
- form formid = FORM_FILE_EXPLORER_ID_PK,\r
- title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r
-\r
- label FORM_FILE_EXPLORER_ID;\r
- label LABEL_END;\r
- endform;\r
-\r
- //\r
- // File Explorer for KEK\r
- //\r
- form formid = FORM_FILE_EXPLORER_ID_KEK,\r
- title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r
-\r
- label FORM_FILE_EXPLORER_ID;\r
- label LABEL_END;\r
- endform;\r
-\r
- //\r
- // File Explorer for DB\r
- //\r
- form formid = FORM_FILE_EXPLORER_ID_DB,\r
- title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r
-\r
- label FORM_FILE_EXPLORER_ID;\r
- label LABEL_END;\r
- endform;\r
-\r
- //\r
- // File Explorer for DBX\r
- //\r
- form formid = FORM_FILE_EXPLORER_ID_DBX,\r
- title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r
-\r
- label FORM_FILE_EXPLORER_ID;\r
- label LABEL_END;\r
- endform;\r
-\r
- //\r
- // File Explorer for DBT\r
- //\r
- form formid = FORM_FILE_EXPLORER_ID_DBT,\r
- title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);\r
-\r
- label FORM_FILE_EXPLORER_ID;\r
- label LABEL_END;\r
- endform;\r
-\r
- //\r
- // Enroll Pk from File Commit Form\r
- //\r
- form formid = SECUREBOOT_ADD_PK_FILE_FORM_ID,\r
- title = STRING_TOKEN(STR_SAVE_PK_FILE);\r
-\r
- label SECUREBOOT_ADD_PK_FILE_FORM_ID;\r
- label LABEL_END;\r
-\r
- subtitle text = STRING_TOKEN(STR_NULL);\r
-\r
- text\r
- help = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
- text = STRING_TOKEN(STR_SAVE_AND_EXIT),\r
- text = STRING_TOKEN(STR_NULL),\r
- flags = INTERACTIVE,\r
- key = KEY_VALUE_SAVE_AND_EXIT_PK;\r
-\r
- text\r
- help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
- text = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),\r
- text = STRING_TOKEN(STR_NULL),\r
- flags = INTERACTIVE,\r
- key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;\r
-\r
- endform;\r
-\r
endformset;
\ No newline at end of file