1/** @file 2 VFR file used by the SecureBoot configuration component. 3 4Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR> 5This program and the accompanying materials 6are licensed and made available under the terms and conditions of the BSD License 7which accompanies this distribution. The full text of the license may be found at 8http://opensource.org/licenses/bsd-license.php 9 10THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 11WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. 12 13**/ 14 15#include "SecureBootConfigNvData.h" 16 17formset 18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID, 19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE), 20 help = STRING_TOKEN(STR_SECUREBOOT_HELP), 21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID, 22 23 varstore SECUREBOOT_CONFIGURATION, 24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID, 25 name = SECUREBOOT_CONFIGURATION, 26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID; 27 28 // 29 // ##1 Form "Secure Boot Configuration" 30 // 31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID, 32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE); 33 34 subtitle text = STRING_TOKEN(STR_NULL); 35 36 // 37 // Display current secure boot mode(one of SetupMode/AuditMode/UserMode/DeployedMode) 38 // 39 text 40 help = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_HELP), 41 text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_PROMPT), 42 text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_CONTENT); 43 44 text 45 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP), 46 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT), 47 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT); 48 49 // 50 // Display of Check Box: Attempt Secure Boot 51 // 52 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1; 53 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot, 54 questionid = KEY_SECURE_BOOT_ENABLE, 55 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT), 56 help = STRING_TOKEN(STR_SECURE_BOOT_HELP), 57 flags = INTERACTIVE | RESET_REQUIRED, 58 endcheckbox; 59 endif; 60 61 // 62 // Display of Oneof: 'Secure Boot Mode' 63 // 64 oneof name = SecureBootMode, 65 questionid = KEY_SECURE_BOOT_MODE, 66 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT), 67 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP), 68 flags = INTERACTIVE | NUMERIC_SIZE_1, 69 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT; 70 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0; 71 endoneof; 72 73 // 74 // Display PK include page 75 // 76 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD; 77 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1; 78 goto FORMID_SECURE_BOOT_OPTION_FORM, 79 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION), 80 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP), 81 flags = INTERACTIVE, 82 key = KEY_SECURE_BOOT_OPTION; 83 endif; 84 endif; 85 86 endform; 87 88 // 89 // ##2 Form: 'Custom Secure Boot Options' 90 // 91 form formid = FORMID_SECURE_BOOT_OPTION_FORM, 92 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE); 93 94 subtitle text = STRING_TOKEN(STR_NULL); 95 96 // 97 // Display of SetupMode/UserMode/AuditMode/DeployedMode transition 98 // 99 oneof name = TransSecureBootMode, 100 questionid = KEY_TRANS_SECURE_BOOT_MODE, 101 prompt = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_PROMPT), 102 help = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_HELP), 103 flags = INTERACTIVE | NUMERIC_SIZE_1, 104 suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE 105 OR (ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE AND 106 ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 0); 107 option text = STRING_TOKEN(STR_USER_MODE), value = SECURE_BOOT_MODE_USER_MODE, flags = 0; 108 endif 109 suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE; 110 option text = STRING_TOKEN(STR_SETUP_MODE), value = SECURE_BOOT_MODE_SETUP_MODE, flags = 0; 111 endif 112 suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE; 113 option text = STRING_TOKEN(STR_AUDIT_MODE), value = SECURE_BOOT_MODE_AUDIT_MODE, flags = 0; 114 endif 115 suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE; 116 option text = STRING_TOKEN(STR_DEPLOYED_MODE), value = SECURE_BOOT_MODE_DEPLOYED_MODE, flags = 0; 117 endif 118 119 endoneof; 120 121 subtitle text = STRING_TOKEN(STR_NULL); 122 123 goto FORMID_SECURE_BOOT_PK_OPTION_FORM, 124 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION), 125 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP), 126 flags = INTERACTIVE, 127 key = KEY_SECURE_BOOT_PK_OPTION; 128 129 subtitle text = STRING_TOKEN(STR_NULL); 130 131 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM, 132 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION), 133 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP), 134 flags = INTERACTIVE, 135 key = KEY_SECURE_BOOT_KEK_OPTION; 136 137 subtitle text = STRING_TOKEN(STR_NULL); 138 139 goto FORMID_SECURE_BOOT_DB_OPTION_FORM, 140 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION), 141 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP), 142 flags = INTERACTIVE, 143 key = KEY_SECURE_BOOT_DB_OPTION; 144 145 subtitle text = STRING_TOKEN(STR_NULL); 146 147 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM, 148 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION), 149 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP), 150 flags = INTERACTIVE, 151 key = KEY_SECURE_BOOT_DBX_OPTION; 152 153 subtitle text = STRING_TOKEN(STR_NULL); 154 155 goto FORMID_SECURE_BOOT_DBT_OPTION_FORM, 156 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION), 157 help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP), 158 flags = INTERACTIVE, 159 key = KEY_SECURE_BOOT_DBT_OPTION; 160 161 endform; 162 163 // 164 // ##3 Form: 'PK Options' 165 // 166 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM, 167 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION); 168 169 subtitle text = STRING_TOKEN(STR_NULL); 170 171 // 172 // Display of 'Enroll PK' 173 // 174 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1; 175 goto FORMID_ENROLL_PK_FORM, 176 prompt = STRING_TOKEN(STR_ENROLL_PK), 177 help = STRING_TOKEN(STR_ENROLL_PK_HELP), 178 flags = INTERACTIVE, 179 key = KEY_ENROLL_PK; 180 endif; 181 182 subtitle text = STRING_TOKEN(STR_NULL); 183 184 // 185 // Display of Check Box: 'Delete Pk' 186 // 187 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1; 188 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk, 189 questionid = KEY_SECURE_BOOT_DELETE_PK, 190 prompt = STRING_TOKEN(STR_DELETE_PK), 191 help = STRING_TOKEN(STR_DELETE_PK_HELP), 192 flags = INTERACTIVE | RESET_REQUIRED, 193 endcheckbox; 194 endif; 195 endform; 196 197 // 198 // ##4 Form: 'Enroll PK' 199 // 200 form formid = FORMID_ENROLL_PK_FORM, 201 title = STRING_TOKEN(STR_ENROLL_PK); 202 203 subtitle text = STRING_TOKEN(STR_NULL); 204 205 goto FORM_FILE_EXPLORER_ID_PK, 206 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE), 207 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE), 208 flags = INTERACTIVE, 209 key = SECUREBOOT_ADD_PK_FILE_FORM_ID; 210 endform; 211 212 // 213 // ##5 Form: 'KEK Options' 214 // 215 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM, 216 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION); 217 218 // 219 // Display of 'Enroll KEK' 220 // 221 goto FORMID_ENROLL_KEK_FORM, 222 prompt = STRING_TOKEN(STR_ENROLL_KEK), 223 help = STRING_TOKEN(STR_ENROLL_KEK_HELP), 224 flags = INTERACTIVE; 225 226 subtitle text = STRING_TOKEN(STR_NULL); 227 228 // 229 // Display of 'Delete KEK' 230 // 231 goto FORMID_DELETE_KEK_FORM, 232 prompt = STRING_TOKEN(STR_DELETE_KEK), 233 help = STRING_TOKEN(STR_DELETE_KEK_HELP), 234 flags = INTERACTIVE, 235 key = KEY_DELETE_KEK; 236 237 subtitle text = STRING_TOKEN(STR_NULL); 238 endform; 239 240 // 241 // ##6 Form: 'Enroll KEK' 242 // 243 form formid = FORMID_ENROLL_KEK_FORM, 244 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE); 245 246 subtitle text = STRING_TOKEN(STR_NULL); 247 248 goto FORM_FILE_EXPLORER_ID_KEK, 249 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE), 250 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP), 251 flags = INTERACTIVE, 252 key = FORMID_ENROLL_KEK_FORM; 253 254 subtitle text = STRING_TOKEN(STR_NULL); 255 label FORMID_ENROLL_KEK_FORM; 256 label LABEL_END; 257 subtitle text = STRING_TOKEN(STR_NULL); 258 259 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid, 260 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID), 261 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP), 262 flags = INTERACTIVE, 263 key = KEY_SECURE_BOOT_KEK_GUID, 264 minsize = SECURE_BOOT_GUID_SIZE, 265 maxsize = SECURE_BOOT_GUID_SIZE, 266 endstring; 267 268 subtitle text = STRING_TOKEN(STR_NULL); 269 subtitle text = STRING_TOKEN(STR_NULL); 270 271 goto FORMID_SECURE_BOOT_OPTION_FORM, 272 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT), 273 help = STRING_TOKEN(STR_SAVE_AND_EXIT), 274 flags = INTERACTIVE, 275 key = KEY_VALUE_SAVE_AND_EXIT_KEK; 276 277 goto FORMID_SECURE_BOOT_OPTION_FORM, 278 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT), 279 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT), 280 flags = INTERACTIVE, 281 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK; 282 283 endform; 284 285 // 286 // ##7 Form: 'Delete KEK' 287 // 288 form formid = FORMID_DELETE_KEK_FORM, 289 title = STRING_TOKEN(STR_DELETE_KEK_TITLE); 290 291 label LABEL_KEK_DELETE; 292 label LABEL_END; 293 294 subtitle text = STRING_TOKEN(STR_NULL); 295 296 endform; 297 298 // 299 // ##8 Form: 'DB Options' 300 // 301 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM, 302 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION); 303 304 subtitle text = STRING_TOKEN(STR_NULL); 305 306 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB, 307 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE), 308 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE), 309 flags = 0; 310 311 subtitle text = STRING_TOKEN(STR_NULL); 312 313 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB, 314 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE), 315 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE), 316 flags = INTERACTIVE, 317 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB; 318 319 endform; 320 321 // 322 // ##9 Form: 'DBX Options' 323 // 324 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM, 325 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION); 326 327 subtitle text = STRING_TOKEN(STR_NULL); 328 329 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX, 330 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE), 331 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE), 332 flags = 0; 333 334 subtitle text = STRING_TOKEN(STR_NULL); 335 336 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX, 337 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE), 338 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE), 339 flags = INTERACTIVE, 340 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX; 341 342 endform; 343 344 // 345 // ##9 Form: 'DBT Options' 346 // 347 form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM, 348 title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION); 349 350 subtitle text = STRING_TOKEN(STR_NULL); 351 352 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT, 353 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE), 354 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE), 355 flags = 0; 356 357 subtitle text = STRING_TOKEN(STR_NULL); 358 359 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT, 360 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE), 361 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE), 362 flags = INTERACTIVE, 363 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT; 364 365 endform; 366 367 // 368 // Form: 'Delete Signature' for DB Options. 369 // 370 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB, 371 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE); 372 373 label LABEL_DB_DELETE; 374 label LABEL_END; 375 subtitle text = STRING_TOKEN(STR_NULL); 376 377 endform; 378 379 // 380 // Form: 'Delete Signature' for DBX Options. 381 // 382 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX, 383 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE); 384 385 label LABEL_DBX_DELETE; 386 label LABEL_END; 387 subtitle text = STRING_TOKEN(STR_NULL); 388 389 endform; 390 391 // 392 // Form: 'Delete Signature' for DBT Options. 393 // 394 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT, 395 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE); 396 397 label LABEL_DBT_DELETE; 398 label LABEL_END; 399 subtitle text = STRING_TOKEN(STR_NULL); 400 401 endform; 402 403 // 404 // Form: 'Enroll Signature' for DB options. 405 // 406 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB, 407 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE); 408 409 subtitle text = STRING_TOKEN(STR_NULL); 410 411 goto FORM_FILE_EXPLORER_ID_DB, 412 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE), 413 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE), 414 flags = INTERACTIVE, 415 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB; 416 417 subtitle text = STRING_TOKEN(STR_NULL); 418 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB; 419 label LABEL_END; 420 subtitle text = STRING_TOKEN(STR_NULL); 421 422 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid, 423 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID), 424 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP), 425 flags = INTERACTIVE, 426 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB, 427 minsize = SECURE_BOOT_GUID_SIZE, 428 maxsize = SECURE_BOOT_GUID_SIZE, 429 endstring; 430 431 subtitle text = STRING_TOKEN(STR_NULL); 432 subtitle text = STRING_TOKEN(STR_NULL); 433 434 goto FORMID_SECURE_BOOT_OPTION_FORM, 435 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT), 436 help = STRING_TOKEN(STR_SAVE_AND_EXIT), 437 flags = INTERACTIVE, 438 key = KEY_VALUE_SAVE_AND_EXIT_DB; 439 440 goto FORMID_SECURE_BOOT_OPTION_FORM, 441 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT), 442 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT), 443 flags = INTERACTIVE, 444 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB; 445 446 endform; 447 448 // 449 // Form: 'Enroll Signature' for DBX options. 450 // 451 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX, 452 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE); 453 454 subtitle text = STRING_TOKEN(STR_NULL); 455 456 goto FORM_FILE_EXPLORER_ID_DBX, 457 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE), 458 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE), 459 flags = INTERACTIVE, 460 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX; 461 462 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX; 463 label LABEL_END; 464 subtitle text = STRING_TOKEN(STR_NULL); 465 466 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid, 467 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID), 468 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP), 469 flags = INTERACTIVE, 470 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX, 471 minsize = SECURE_BOOT_GUID_SIZE, 472 maxsize = SECURE_BOOT_GUID_SIZE, 473 endstring; 474 475 oneof name = SignatureFormatInDbx, 476 varid = SECUREBOOT_CONFIGURATION.CertificateFormat, 477 prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), 478 help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP), 479 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x2, flags = DEFAULT; 480 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x3, flags = 0; 481 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x4, flags = 0; 482 option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x5, flags = 0; 483 endoneof; 484 485 suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 5; 486 checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation, 487 prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT), 488 help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP), 489 flags = INTERACTIVE, 490 endcheckbox; 491 492 suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1; 493 date varid = SECUREBOOT_CONFIGURATION.RevocationDate, 494 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT), 495 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP), 496 flags = STORAGE_NORMAL, 497 enddate; 498 499 time varid = SECUREBOOT_CONFIGURATION.RevocationTime, 500 prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT), 501 help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP), 502 flags = STORAGE_NORMAL, 503 endtime; 504 endif; 505 endif; 506 507 subtitle text = STRING_TOKEN(STR_NULL); 508 subtitle text = STRING_TOKEN(STR_NULL); 509 510 goto FORMID_SECURE_BOOT_OPTION_FORM, 511 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT), 512 help = STRING_TOKEN(STR_SAVE_AND_EXIT), 513 flags = INTERACTIVE, 514 key = KEY_VALUE_SAVE_AND_EXIT_DBX; 515 516 goto FORMID_SECURE_BOOT_OPTION_FORM, 517 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT), 518 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT), 519 flags = INTERACTIVE, 520 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX; 521 522 endform; 523 524 // 525 // Form: 'Enroll Signature' for DBT options. 526 // 527 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT, 528 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE); 529 530 subtitle text = STRING_TOKEN(STR_NULL); 531 532 goto FORM_FILE_EXPLORER_ID_DBT, 533 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE), 534 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE), 535 flags = INTERACTIVE, 536 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT; 537 538 subtitle text = STRING_TOKEN(STR_NULL); 539 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT; 540 label LABEL_END; 541 subtitle text = STRING_TOKEN(STR_NULL); 542 543 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid, 544 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID), 545 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP), 546 flags = INTERACTIVE, 547 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT, 548 minsize = SECURE_BOOT_GUID_SIZE, 549 maxsize = SECURE_BOOT_GUID_SIZE, 550 endstring; 551 552 subtitle text = STRING_TOKEN(STR_NULL); 553 subtitle text = STRING_TOKEN(STR_NULL); 554 555 goto FORMID_SECURE_BOOT_OPTION_FORM, 556 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT), 557 help = STRING_TOKEN(STR_SAVE_AND_EXIT), 558 flags = INTERACTIVE, 559 key = KEY_VALUE_SAVE_AND_EXIT_DBT; 560 561 goto FORMID_SECURE_BOOT_OPTION_FORM, 562 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT), 563 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT), 564 flags = INTERACTIVE, 565 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT; 566 567 endform; 568 569 // 570 // File Explorer for PK 571 // 572 form formid = FORM_FILE_EXPLORER_ID_PK, 573 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE); 574 575 label FORM_FILE_EXPLORER_ID; 576 label LABEL_END; 577 endform; 578 579 // 580 // File Explorer for KEK 581 // 582 form formid = FORM_FILE_EXPLORER_ID_KEK, 583 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE); 584 585 label FORM_FILE_EXPLORER_ID; 586 label LABEL_END; 587 endform; 588 589 // 590 // File Explorer for DB 591 // 592 form formid = FORM_FILE_EXPLORER_ID_DB, 593 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE); 594 595 label FORM_FILE_EXPLORER_ID; 596 label LABEL_END; 597 endform; 598 599 // 600 // File Explorer for DBX 601 // 602 form formid = FORM_FILE_EXPLORER_ID_DBX, 603 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE); 604 605 label FORM_FILE_EXPLORER_ID; 606 label LABEL_END; 607 endform; 608 609 // 610 // File Explorer for DBT 611 // 612 form formid = FORM_FILE_EXPLORER_ID_DBT, 613 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE); 614 615 label FORM_FILE_EXPLORER_ID; 616 label LABEL_END; 617 endform; 618 619 // 620 // Enroll Pk from File Commit Form 621 // 622 form formid = SECUREBOOT_ADD_PK_FILE_FORM_ID, 623 title = STRING_TOKEN(STR_SAVE_PK_FILE); 624 625 label SECUREBOOT_ADD_PK_FILE_FORM_ID; 626 label LABEL_END; 627 628 subtitle text = STRING_TOKEN(STR_NULL); 629 630 text 631 help = STRING_TOKEN(STR_SAVE_AND_EXIT), 632 text = STRING_TOKEN(STR_SAVE_AND_EXIT), 633 text = STRING_TOKEN(STR_NULL), 634 flags = INTERACTIVE, 635 key = KEY_VALUE_SAVE_AND_EXIT_PK; 636 637 text 638 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT), 639 text = STRING_TOKEN(STR_NO_SAVE_AND_EXIT), 640 text = STRING_TOKEN(STR_NULL), 641 flags = INTERACTIVE, 642 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK; 643 644 endform; 645 646endformset;