diff options
author | Jiaxin Wu <jiaxin.wu@intel.com> | 2016-12-14 10:54:32 +0800 |
---|---|---|
committer | Jiaxin Wu <jiaxin.wu@intel.com> | 2016-12-22 20:33:35 +0800 |
commit | 9d0fa533dd0136a06d076bc6eee1462499a4a936 (patch) | |
tree | 4456b3103d16bb2da9750c29af391bbe19cd792c /NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigVfr.vfr | |
parent | 7e1f2209b03fdc51ba506686f74cfcb491b23ec3 (diff) | |
download | edk2-9d0fa533dd0136a06d076bc6eee1462499a4a936.tar.gz edk2-9d0fa533dd0136a06d076bc6eee1462499a4a936.tar.bz2 edk2-9d0fa533dd0136a06d076bc6eee1462499a4a936.zip |
NetworkPkg/TlsAuthConfigDxe: Provide the UI to support TLS auth configuration
This patch provides the UI to support TLS auth configuration.
* EFI_SIGNATURE_LIST format is used for 'TlsCaCertificate'
variable. So, TLS supports multiple certificate configuration.
* The variable attribute is BS with NV, which only target at
preventing runtime phase attack.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Thomas Palmer <thomas.palmer@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Diffstat (limited to 'NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigVfr.vfr')
-rw-r--r-- | NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigVfr.vfr | 152 |
1 files changed, 152 insertions, 0 deletions
diff --git a/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigVfr.vfr b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigVfr.vfr new file mode 100644 index 0000000000..fb130d9d9d --- /dev/null +++ b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigVfr.vfr @@ -0,0 +1,152 @@ +/** @file + VFR file used by TlsAuthConfigDxe driver. + + Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> + + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php. + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#include "TlsAuthConfigNvData.h" + +formset + guid = TLS_AUTH_CONFIG_GUID, + title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_TITLE), + help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_HELP), + + varstore TLS_AUTH_CONFIG_IFR_NVDATA, + name = TLS_AUTH_CONFIG_IFR_NVDATA, + guid = TLS_AUTH_CONFIG_GUID; + + // + // ##1 Form1: Main form for Tls Auth configration + // + form formid = TLS_AUTH_CONFIG_FORMID1_FORM, + title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_TITLE); + + subtitle text = STRING_TOKEN(STR_NULL); + + // + // Display Server CA configration + // + goto TLS_AUTH_CONFIG_FORMID2_FORM, + prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SERVER_CA), + help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SERVER_CA_HELP), + flags = INTERACTIVE, + key = KEY_TLS_AUTH_CONFIG_SERVER_CA; + + subtitle text = STRING_TOKEN(STR_NULL); + + // + // Display Client cert configration + // + grayoutif TRUE; /// Current unsupported. + goto TLS_AUTH_CONFIG_FORMID3_FORM, + prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CLIENT_CERT), + help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CLIENT_CERT_HELP), + flags = INTERACTIVE, + key = KEY_TLS_AUTH_CONFIG_CLIENT_CERT; + endif; + endform; + + // + // ##2 Form2: CA configuration + // + form formid = TLS_AUTH_CONFIG_FORMID2_FORM, + title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SERVER_CA); + + subtitle text = STRING_TOKEN(STR_NULL); + + goto TLS_AUTH_CONFIG_FORMID4_FORM, + prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ENROLL_CERT), + help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ENROLL_CERT_HELP), + flags = INTERACTIVE, + key = KEY_TLS_AUTH_CONFIG_ENROLL_CERT; + + subtitle text = STRING_TOKEN(STR_NULL); + + goto TLS_AUTH_CONFIG_FORMID5_FORM, + prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_DELETE_CERT), + help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_DELETE_CERT_HELP), + flags = INTERACTIVE, + key = KEY_TLS_AUTH_CONFIG_DELETE_CERT; + endform; + + // + // ##3 Form3 : Client cert configuration + // + form formid = TLS_AUTH_CONFIG_FORMID3_FORM, + title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CLIENT_CERT); + + subtitle text = STRING_TOKEN(STR_NULL); + + // + // TODO... + // + endform; + + // + // ##4 Form4: Enroll cert for CA + // + form formid = TLS_AUTH_CONFIG_FORMID4_FORM, + title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ENROLL_CERT); + + subtitle text = STRING_TOKEN(STR_NULL); + + goto TLS_AUTH_CONFIG_FORMID4_FORM, + prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ADD_CERT_FILE), + help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ADD_CERT_FILE), + flags = INTERACTIVE, + key = KEY_TLS_AUTH_CONFIG_ENROLL_CERT_FROM_FILE; + + subtitle text = STRING_TOKEN(STR_NULL); + label TLS_AUTH_CONFIG_FORMID4_FORM; + label LABEL_END; + subtitle text = STRING_TOKEN(STR_NULL); + + string varid = TLS_AUTH_CONFIG_IFR_NVDATA.CertGuid, + prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CERT_GUID), + help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CERT_GUID_HELP), + flags = INTERACTIVE, + key = KEY_TLS_AUTH_CONFIG_CERT_GUID, + minsize = TLS_AUTH_CONFIG_GUID_SIZE, + maxsize = TLS_AUTH_CONFIG_GUID_SIZE, + endstring; + + subtitle text = STRING_TOKEN(STR_NULL); + subtitle text = STRING_TOKEN(STR_NULL); + + goto TLS_AUTH_CONFIG_FORMID1_FORM, + prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SAVE_AND_EXIT), + help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SAVE_AND_EXIT), + flags = INTERACTIVE, + key = KEY_TLS_AUTH_CONFIG_VALUE_SAVE_AND_EXIT; + + goto TLS_AUTH_CONFIG_FORMID1_FORM, + prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_NO_SAVE_AND_EXIT), + help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_NO_SAVE_AND_EXIT), + flags = INTERACTIVE, + key = KEY_TLS_AUTH_CONFIG_VALUE_NO_SAVE_AND_EXIT; + + endform; + + // + // ##5 Form5: Delete cert for CA + // + form formid = TLS_AUTH_CONFIG_FORMID5_FORM, + title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_DELETE_CERT); + + label LABEL_CA_DELETE; + label LABEL_END; + + subtitle text = STRING_TOKEN(STR_NULL); + + endform; + +endformset; |