audk/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr

611 lines
20 KiB
Plaintext

/** @file
VFR file used by the SecureBoot configuration component.
Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "SecureBootConfigNvData.h"
formset
guid = SECUREBOOT_CONFIG_FORM_SET_GUID,
title = STRING_TOKEN(STR_SECUREBOOT_TITLE),
help = STRING_TOKEN(STR_SECUREBOOT_HELP),
classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
varstore SECUREBOOT_CONFIGURATION,
varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,
name = SECUREBOOT_CONFIGURATION,
guid = SECUREBOOT_CONFIG_FORM_SET_GUID;
//
// ##1 Form "Secure Boot Configuration"
//
form formid = SECUREBOOT_CONFIGURATION_FORM_ID,
title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
subtitle text = STRING_TOKEN(STR_NULL);
text
help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
//
// Display of Check Box: Attempt Secure Boot
//
grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,
questionid = KEY_SECURE_BOOT_ENABLE,
prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
help = STRING_TOKEN(STR_SECURE_BOOT_HELP),
flags = INTERACTIVE | RESET_REQUIRED,
endcheckbox;
endif;
//
// Display of Oneof: 'Secure Boot Mode'
//
oneof name = SecureBootMode,
questionid = KEY_SECURE_BOOT_MODE,
prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
flags = INTERACTIVE | NUMERIC_SIZE_1,
option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
endoneof;
//
// Display of 'Current Secure Boot Mode'
//
suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;
grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_OPTION;
endif;
endif;
endform;
//
// ##2 Form: 'Custom Secure Boot Options'
//
form formid = FORMID_SECURE_BOOT_OPTION_FORM,
title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
subtitle text = STRING_TOKEN(STR_NULL);
goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_PK_OPTION;
subtitle text = STRING_TOKEN(STR_NULL);
goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_KEK_OPTION;
subtitle text = STRING_TOKEN(STR_NULL);
goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_DB_OPTION;
subtitle text = STRING_TOKEN(STR_NULL);
goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_DBX_OPTION;
subtitle text = STRING_TOKEN(STR_NULL);
goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),
help = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_DBT_OPTION;
endform;
//
// ##3 Form: 'PK Options'
//
form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
subtitle text = STRING_TOKEN(STR_NULL);
//
// Display of 'Enroll PK'
//
grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
goto FORMID_ENROLL_PK_FORM,
prompt = STRING_TOKEN(STR_ENROLL_PK),
help = STRING_TOKEN(STR_ENROLL_PK_HELP),
flags = INTERACTIVE,
key = KEY_ENROLL_PK;
endif;
subtitle text = STRING_TOKEN(STR_NULL);
//
// Display of Check Box: 'Delete Pk'
//
grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
questionid = KEY_SECURE_BOOT_DELETE_PK,
prompt = STRING_TOKEN(STR_DELETE_PK),
help = STRING_TOKEN(STR_DELETE_PK_HELP),
flags = INTERACTIVE | RESET_REQUIRED,
endcheckbox;
endif;
endform;
//
// ##4 Form: 'Enroll PK'
//
form formid = FORMID_ENROLL_PK_FORM,
title = STRING_TOKEN(STR_ENROLL_PK);
subtitle text = STRING_TOKEN(STR_NULL);
goto FORMID_ENROLL_PK_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
flags = INTERACTIVE,
key = FORMID_ENROLL_PK_FORM;
subtitle text = STRING_TOKEN(STR_NULL);
label FORMID_ENROLL_PK_FORM;
label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL);
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_SAVE_AND_EXIT),
flags = INTERACTIVE| RESET_REQUIRED,
key = KEY_VALUE_SAVE_AND_EXIT_PK;
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
flags = INTERACTIVE,
key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;
endform;
//
// ##5 Form: 'KEK Options'
//
form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,
title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);
//
// Display of 'Enroll KEK'
//
goto FORMID_ENROLL_KEK_FORM,
prompt = STRING_TOKEN(STR_ENROLL_KEK),
help = STRING_TOKEN(STR_ENROLL_KEK_HELP),
flags = INTERACTIVE;
subtitle text = STRING_TOKEN(STR_NULL);
//
// Display of 'Delete KEK'
//
goto FORMID_DELETE_KEK_FORM,
prompt = STRING_TOKEN(STR_DELETE_KEK),
help = STRING_TOKEN(STR_DELETE_KEK_HELP),
flags = INTERACTIVE,
key = KEY_DELETE_KEK;
subtitle text = STRING_TOKEN(STR_NULL);
endform;
//
// ##6 Form: 'Enroll KEK'
//
form formid = FORMID_ENROLL_KEK_FORM,
title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
subtitle text = STRING_TOKEN(STR_NULL);
goto FORMID_ENROLL_KEK_FORM,
prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
flags = INTERACTIVE,
key = FORMID_ENROLL_KEK_FORM;
subtitle text = STRING_TOKEN(STR_NULL);
label FORMID_ENROLL_KEK_FORM;
label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL);
string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_KEK_GUID,
minsize = SECURE_BOOT_GUID_SIZE,
maxsize = SECURE_BOOT_GUID_SIZE,
endstring;
subtitle text = STRING_TOKEN(STR_NULL);
subtitle text = STRING_TOKEN(STR_NULL);
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_SAVE_AND_EXIT),
flags = INTERACTIVE,
key = KEY_VALUE_SAVE_AND_EXIT_KEK;
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
flags = INTERACTIVE,
key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;
endform;
//
// ##7 Form: 'Delete KEK'
//
form formid = FORMID_DELETE_KEK_FORM,
title = STRING_TOKEN(STR_DELETE_KEK_TITLE);
label LABEL_KEK_DELETE;
label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL);
endform;
//
// ##8 Form: 'DB Options'
//
form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,
title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);
subtitle text = STRING_TOKEN(STR_NULL);
goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
flags = 0;
subtitle text = STRING_TOKEN(STR_NULL);
goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
flags = INTERACTIVE,
key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
endform;
//
// ##9 Form: 'DBX Options'
//
form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,
title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);
subtitle text = STRING_TOKEN(STR_NULL);
goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
flags = 0;
subtitle text = STRING_TOKEN(STR_NULL);
goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
flags = INTERACTIVE,
key = KEY_VALUE_FROM_DBX_TO_LIST_FORM;
endform;
//
// ##9 Form: 'DBT Options'
//
form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,
title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);
subtitle text = STRING_TOKEN(STR_NULL);
goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
flags = 0;
subtitle text = STRING_TOKEN(STR_NULL);
goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
flags = INTERACTIVE,
key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;
endform;
//
// Form: 'Delete Signature' for DB Options.
//
form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
label LABEL_DB_DELETE;
label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL);
endform;
//
// Form: Display Signature List.
//
form formid = SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_LIST_FORM);
subtitle text = STRING_TOKEN(STR_NULL);
grayoutif ideqval SECUREBOOT_CONFIGURATION.ListCount == 0;
label LABEL_DELETE_ALL_LIST_BUTTON;
//
// Will create a goto button dynamically here.
//
label LABEL_END;
endif;
subtitle text = STRING_TOKEN(STR_NULL);
label LABEL_SIGNATURE_LIST_START;
label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL);
endform;
//
// Form: Display Signature Data.
//
form formid = SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,
title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_DATA_FORM);
subtitle text = STRING_TOKEN(STR_NULL);
goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA),
help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_DELETE_ALL_DATA;
grayoutif ideqval SECUREBOOT_CONFIGURATION.CheckedDataCount == 0;
goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA),
help = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_DELETE_CHECK_DATA;
endif;
subtitle text = STRING_TOKEN(STR_NULL);
label LABEL_SIGNATURE_DATA_START;
label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL);
endform;
//
// Form: 'Delete Signature' for DBT Options.
//
form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
label LABEL_DBT_DELETE;
label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL);
endform;
//
// Form: 'Enroll Signature' for DB options.
//
form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
subtitle text = STRING_TOKEN(STR_NULL);
goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
flags = INTERACTIVE,
key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
subtitle text = STRING_TOKEN(STR_NULL);
label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL);
string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,
minsize = SECURE_BOOT_GUID_SIZE,
maxsize = SECURE_BOOT_GUID_SIZE,
endstring;
subtitle text = STRING_TOKEN(STR_NULL);
subtitle text = STRING_TOKEN(STR_NULL);
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_SAVE_AND_EXIT),
flags = INTERACTIVE,
key = KEY_VALUE_SAVE_AND_EXIT_DB;
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
flags = INTERACTIVE,
key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;
endform;
//
// Form: 'Enroll Signature' for DBX options.
//
form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
subtitle text = STRING_TOKEN(STR_NULL);
goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
flags = INTERACTIVE,
key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL);
grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;
string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
minsize = SECURE_BOOT_GUID_SIZE,
maxsize = SECURE_BOOT_GUID_SIZE,
endstring;
endif;
disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;
oneof name = X509SignatureFormatInDbx,
varid = SECUREBOOT_CONFIGURATION.CertificateFormat,
prompt = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),
help = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),
option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;
option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;
option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;
option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;
endoneof;
endif;
disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;
text
help = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP), // Help string
text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string
text = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256); // PE image type
endif;
disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;
text
help = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP), // Help string
text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT), // Prompt string
text = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT); // AUTH_2 image type
endif;
suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;
checkbox varid = SECUREBOOT_CONFIGURATION.AlwaysRevocation,
prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),
help = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),
flags = INTERACTIVE,
endcheckbox;
suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;
date varid = SECUREBOOT_CONFIGURATION.RevocationDate,
prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),
help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),
flags = STORAGE_NORMAL,
enddate;
time varid = SECUREBOOT_CONFIGURATION.RevocationTime,
prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),
help = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),
flags = STORAGE_NORMAL,
endtime;
endif;
endif;
subtitle text = STRING_TOKEN(STR_NULL);
subtitle text = STRING_TOKEN(STR_NULL);
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_SAVE_AND_EXIT),
flags = INTERACTIVE,
key = KEY_VALUE_SAVE_AND_EXIT_DBX;
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
flags = INTERACTIVE,
key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;
endform;
//
// Form: 'Enroll Signature' for DBT options.
//
form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
subtitle text = STRING_TOKEN(STR_NULL);
goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
flags = INTERACTIVE,
key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
subtitle text = STRING_TOKEN(STR_NULL);
label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL);
string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
flags = INTERACTIVE,
key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,
minsize = SECURE_BOOT_GUID_SIZE,
maxsize = SECURE_BOOT_GUID_SIZE,
endstring;
subtitle text = STRING_TOKEN(STR_NULL);
subtitle text = STRING_TOKEN(STR_NULL);
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_SAVE_AND_EXIT),
flags = INTERACTIVE,
key = KEY_VALUE_SAVE_AND_EXIT_DBT;
goto FORMID_SECURE_BOOT_OPTION_FORM,
prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
flags = INTERACTIVE,
key = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;
endform;
endformset;