X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=SecurityPkg%2FVariableAuthenticated%2FSecureBootConfigDxe%2FSecureBootConfig.vfr;h=bbecff2b085dfa83a867283fc34b286ddb9dd9eb;hp=9685a9e0c2a3c2b9a85fcc3eb7d932d3d3bd8637;hb=4de754e15fec9c94ce7677904efd0022c211721b;hpb=a365eed476687881ce0ed49af7d483fd3cb0c491
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
index 9685a9e0c2..bbecff2b08 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
@@ -1,13 +1,13 @@
/** @file
VFR file used by the SecureBoot configuration component.
-Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -24,7 +24,7 @@ formset
varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,
name = SECUREBOOT_CONFIGURATION,
guid = SECUREBOOT_CONFIG_FORM_SET_GUID;
-
+
//
// ##1 Form "Secure Boot Configuration"
//
@@ -37,23 +37,11 @@ formset
help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
-
- //
- // Define of Check Box: Attempt Secure Boot
- //
- suppressif TRUE;
- checkbox varid = SECUREBOOT_CONFIGURATION.HideSecureBoot,
- questionid = KEY_HIDE_SECURE_BOOT,
- prompt = STRING_TOKEN(STR_NULL),
- help = STRING_TOKEN(STR_NULL),
- flags = INTERACTIVE,
- endcheckbox;
- endif;
-
+
//
// Display of Check Box: Attempt Secure Boot
//
- grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
+ grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,
questionid = KEY_SECURE_BOOT_ENABLE,
prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
@@ -61,101 +49,93 @@ formset
flags = INTERACTIVE | RESET_REQUIRED,
endcheckbox;
endif;
-
+
//
// Display of Oneof: 'Secure Boot Mode'
//
- disableif TRUE;
- oneof varid = SECUREBOOT_CONFIGURATION.SecureBootMode,
- prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
- help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
- flags = INTERACTIVE,
- option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = 0;
- option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
- endoneof;
- endif;
- oneof name = SecureBootMode,
- questionid = KEY_SECURE_BOOT_MODE,
- prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
- help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
- flags = INTERACTIVE | NUMERIC_SIZE_1,
- option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
- option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
- endoneof;
-
- //
+ oneof name = SecureBootMode,
+ questionid = KEY_SECURE_BOOT_MODE,
+ prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
+ help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
+ flags = INTERACTIVE | NUMERIC_SIZE_1,
+ option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
+ option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
+ endoneof;
+
//
// Display of 'Current Secure Boot Mode'
//
suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;
- grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
- goto FORMID_SECURE_BOOT_OPTION_FORM,
- prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
- help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
- flags = INTERACTIVE,
- key = KEY_SECURE_BOOT_OPTION;
- endif;
+ grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
+ goto FORMID_SECURE_BOOT_OPTION_FORM,
+ prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
+ help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
+ flags = INTERACTIVE,
+ key = KEY_SECURE_BOOT_OPTION;
endif;
+ endif;
+
endform;
-
+
//
// ##2 Form: 'Custom Secure Boot Options'
//
form formid = FORMID_SECURE_BOOT_OPTION_FORM,
title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
-
+
subtitle text = STRING_TOKEN(STR_NULL);
-
+
goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_PK_OPTION;
-
+
subtitle text = STRING_TOKEN(STR_NULL);
-
+
goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_KEK_OPTION;
-
+
subtitle text = STRING_TOKEN(STR_NULL);
-
+
goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_DB_OPTION;
-
+
subtitle text = STRING_TOKEN(STR_NULL);
-
+
goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_DBX_OPTION;
+ subtitle text = STRING_TOKEN(STR_NULL);
+
+ goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,
+ prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),
+ help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),
+ flags = INTERACTIVE,
+ key = KEY_SECURE_BOOT_DBT_OPTION;
+
endform;
-
+
//
// ##3 Form: 'PK Options'
//
form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
-
+
subtitle text = STRING_TOKEN(STR_NULL);
-
+
//
- // Define of Check Box: 'Delete PK'
+ // Display of 'Enroll PK'
//
- suppressif TRUE;
- checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
- prompt = STRING_TOKEN(STR_NULL),
- help = STRING_TOKEN(STR_NULL),
- endcheckbox;
- endif;
-
grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
goto FORMID_ENROLL_PK_FORM,
prompt = STRING_TOKEN(STR_ENROLL_PK),
@@ -163,37 +143,55 @@ formset
flags = INTERACTIVE,
key = KEY_ENROLL_PK;
endif;
-
+
subtitle text = STRING_TOKEN(STR_NULL);
-
+
//
- // Display of Check Box: 'Delete Pk'
+ // Display of Check Box: 'Delete Pk'
//
grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
questionid = KEY_SECURE_BOOT_DELETE_PK,
- prompt = STRING_TOKEN(STR_DELETE_PK),
+ prompt = STRING_TOKEN(STR_DELETE_PK),
help = STRING_TOKEN(STR_DELETE_PK_HELP),
flags = INTERACTIVE | RESET_REQUIRED,
endcheckbox;
endif;
endform;
-
+
//
// ##4 Form: 'Enroll PK'
//
form formid = FORMID_ENROLL_PK_FORM,
title = STRING_TOKEN(STR_ENROLL_PK);
-
+
subtitle text = STRING_TOKEN(STR_NULL);
- goto FORM_FILE_EXPLORER_ID_PK,
+ goto FORMID_ENROLL_PK_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
flags = INTERACTIVE,
- key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
+ key = FORMID_ENROLL_PK_FORM;
+
+ subtitle text = STRING_TOKEN(STR_NULL);
+ label FORMID_ENROLL_PK_FORM;
+ label LABEL_END;
+ subtitle text = STRING_TOKEN(STR_NULL);
+
+ goto FORMID_SECURE_BOOT_OPTION_FORM,
+ prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
+ help = STRING_TOKEN(STR_SAVE_AND_EXIT),
+ flags = INTERACTIVE| RESET_REQUIRED,
+ key = KEY_VALUE_SAVE_AND_EXIT_PK;
+
+ goto FORMID_SECURE_BOOT_OPTION_FORM,
+ prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
+ help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
+ flags = INTERACTIVE,
+ key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;
+
endform;
-
+
//
// ##5 Form: 'KEK Options'
//
@@ -201,36 +199,36 @@ formset
title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);
//
- // Display of 'Enroll KEK'
+ // Display of 'Enroll KEK'
//
goto FORMID_ENROLL_KEK_FORM,
prompt = STRING_TOKEN(STR_ENROLL_KEK),
help = STRING_TOKEN(STR_ENROLL_KEK_HELP),
flags = INTERACTIVE;
-
- subtitle text = STRING_TOKEN(STR_NULL);
-
+
+ subtitle text = STRING_TOKEN(STR_NULL);
+
//
- // Display of 'Delete KEK'
+ // Display of 'Delete KEK'
//
goto FORMID_DELETE_KEK_FORM,
prompt = STRING_TOKEN(STR_DELETE_KEK),
help = STRING_TOKEN(STR_DELETE_KEK_HELP),
flags = INTERACTIVE,
key = KEY_DELETE_KEK;
-
- subtitle text = STRING_TOKEN(STR_NULL);
+
+ subtitle text = STRING_TOKEN(STR_NULL);
endform;
//
- // ##6 Form: 'Enroll KEK'
+ // ##6 Form: 'Enroll KEK'
//
form formid = FORMID_ENROLL_KEK_FORM,
title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
subtitle text = STRING_TOKEN(STR_NULL);
- goto FORM_FILE_EXPLORER_ID_KEK,
+ goto FORMID_ENROLL_KEK_FORM,
prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
flags = INTERACTIVE,
@@ -258,7 +256,7 @@ formset
help = STRING_TOKEN(STR_SAVE_AND_EXIT),
flags = INTERACTIVE,
key = KEY_VALUE_SAVE_AND_EXIT_KEK;
-
+
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
@@ -269,15 +267,15 @@ formset
//
// ##7 Form: 'Delete KEK'
- //
+ //
form formid = FORMID_DELETE_KEK_FORM,
title = STRING_TOKEN(STR_DELETE_KEK_TITLE);
label LABEL_KEK_DELETE;
label LABEL_END;
-
+
subtitle text = STRING_TOKEN(STR_NULL);
-
+
endform;
//
@@ -300,7 +298,7 @@ formset
help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
flags = INTERACTIVE,
key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
-
+
endform;
//
@@ -326,6 +324,29 @@ formset
endform;
+ //
+ // ##9 Form: 'DBT Options'
+ //
+ form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,
+ title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);
+
+ subtitle text = STRING_TOKEN(STR_NULL);
+
+ goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
+ prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
+ help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
+ flags = 0;
+
+ subtitle text = STRING_TOKEN(STR_NULL);
+
+ goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
+ prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
+ help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
+ flags = INTERACTIVE,
+ key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;
+
+ endform;
+
//
// Form: 'Delete Signature' for DB Options.
//
@@ -335,7 +356,7 @@ formset
label LABEL_DB_DELETE;
label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL);
-
+
endform;
//
@@ -347,7 +368,19 @@ formset
label LABEL_DBX_DELETE;
label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL);
-
+
+ endform;
+
+ //
+ // Form: 'Delete Signature' for DBT Options.
+ //
+ form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
+ title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
+
+ label LABEL_DBT_DELETE;
+ label LABEL_END;
+ subtitle text = STRING_TOKEN(STR_NULL);
+
endform;
//
@@ -358,7 +391,7 @@ formset
subtitle text = STRING_TOKEN(STR_NULL);
- goto FORM_FILE_EXPLORER_ID_DB,
+ goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
flags = INTERACTIVE,
@@ -386,7 +419,7 @@ formset
help = STRING_TOKEN(STR_SAVE_AND_EXIT),
flags = INTERACTIVE,
key = KEY_VALUE_SAVE_AND_EXIT_DB;
-
+
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
@@ -403,25 +436,74 @@ formset
subtitle text = STRING_TOKEN(STR_NULL);
- goto FORM_FILE_EXPLORER_ID_DBX,
+ goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
flags = INTERACTIVE,
key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
- subtitle text = STRING_TOKEN(STR_NULL);
label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL);
- string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
- prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
- help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
- flags = INTERACTIVE,
- key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
- minsize = SECURE_BOOT_GUID_SIZE,
- maxsize = SECURE_BOOT_GUID_SIZE,
- endstring;
+ grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;
+ string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
+ prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
+ help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
+ flags = INTERACTIVE,
+ key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
+ minsize = SECURE_BOOT_GUID_SIZE,
+ maxsize = SECURE_BOOT_GUID_SIZE,
+ endstring;
+ endif;
+
+ disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;
+ oneof name = X509SignatureFormatInDbx,
+ varid = SECUREBOOT_CONFIGURATION.CertificateFormat,
+ prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),
+ help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),
+ option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;
+ option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;
+ option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;
+ option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;
+ endoneof;
+ endif;
+
+ disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;
+ text
+ help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string
+ text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string
+ text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type
+ endif;
+
+ disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;
+ text
+ help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string
+ text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string
+ text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type
+ endif;
+
+ suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;
+ checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,
+ prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),
+ help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),
+ flags = INTERACTIVE,
+ endcheckbox;
+
+ suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;
+ date varid = SECUREBOOT_CONFIGURATION.RevocationDate,
+ prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),
+ help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),
+ flags = STORAGE_NORMAL,
+ enddate;
+
+ time varid = SECUREBOOT_CONFIGURATION.RevocationTime,
+ prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),
+ help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),
+ flags = STORAGE_NORMAL,
+ endtime;
+ endif;
+ endif;
subtitle text = STRING_TOKEN(STR_NULL);
subtitle text = STRING_TOKEN(STR_NULL);
@@ -431,7 +513,7 @@ formset
help = STRING_TOKEN(STR_SAVE_AND_EXIT),
flags = INTERACTIVE,
key = KEY_VALUE_SAVE_AND_EXIT_DBX;
-
+
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
@@ -441,71 +523,48 @@ formset
endform;
//
- // File Explorer for PK
- //
- form formid = FORM_FILE_EXPLORER_ID_PK,
- title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
-
- label FORM_FILE_EXPLORER_ID;
- label LABEL_END;
- endform;
-
+ // Form: 'Enroll Signature' for DBT options.
//
- // File Explorer for KEK
- //
- form formid = FORM_FILE_EXPLORER_ID_KEK,
- title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
-
- label FORM_FILE_EXPLORER_ID;
- label LABEL_END;
- endform;
-
- //
- // File Explorer for DB
- //
- form formid = FORM_FILE_EXPLORER_ID_DB,
- title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
-
- label FORM_FILE_EXPLORER_ID;
- label LABEL_END;
- endform;
+ form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
+ title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
- //
- // File Explorer for DBX
- //
- form formid = FORM_FILE_EXPLORER_ID_DBX,
- title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
+ subtitle text = STRING_TOKEN(STR_NULL);
- label FORM_FILE_EXPLORER_ID;
- label LABEL_END;
- endform;
+ goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
+ prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
+ help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
+ flags = INTERACTIVE,
+ key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
+ subtitle text = STRING_TOKEN(STR_NULL);
+ label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
+ label LABEL_END;
+ subtitle text = STRING_TOKEN(STR_NULL);
- //
- // Enroll Pk from File Commit Form
- //
- form formid = SECUREBOOT_ADD_PK_FILE_FORM_ID,
- title = STRING_TOKEN(STR_SAVE_PK_FILE);
+ string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
+ prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
+ help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
+ flags = INTERACTIVE,
+ key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,
+ minsize = SECURE_BOOT_GUID_SIZE,
+ maxsize = SECURE_BOOT_GUID_SIZE,
+ endstring;
- label SECUREBOOT_ADD_PK_FILE_FORM_ID;
- label LABEL_END;
-
+ subtitle text = STRING_TOKEN(STR_NULL);
subtitle text = STRING_TOKEN(STR_NULL);
- text
- help = STRING_TOKEN(STR_SAVE_AND_EXIT),
- text = STRING_TOKEN(STR_SAVE_AND_EXIT),
- text = STRING_TOKEN(STR_NULL),
- flags = INTERACTIVE,
- key = KEY_VALUE_SAVE_AND_EXIT_PK;
+ goto FORMID_SECURE_BOOT_OPTION_FORM,
+ prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
+ help = STRING_TOKEN(STR_SAVE_AND_EXIT),
+ flags = INTERACTIVE,
+ key = KEY_VALUE_SAVE_AND_EXIT_DBT;
- text
- help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
- text = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
- text = STRING_TOKEN(STR_NULL),
- flags = INTERACTIVE,
- key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;
+ goto FORMID_SECURE_BOOT_OPTION_FORM,
+ prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
+ help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
+ flags = INTERACTIVE,
+ key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;
endform;
-endformset;
+endformset;
\ No newline at end of file