// /** @file
//  Security Setup formset.
//
//  Copyright (c) 1999 - 2017, Intel Corporation. All rights reserved.<BR>
//
//  This program and the accompanying materials
//  are licensed and made available under the terms and conditions of the BSD License
//  which accompanies this distribution.  The full text of the license may be found at
//  http://opensource.org/licenses/bsd-license.php.
//
//  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
//  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
//
// **/


//
// Security Configuration Form
//

form formid = SECURITY_CONFIGURATION_FORM_ID,
  title    = STRING_TOKEN(STR_SECURITY_CONFIGURATION_TITLE);

  //
  // SeC related
  //
  subtitle text = STRING_TOKEN(STR_SEC_CONFIGURATION_SUBTITLE);

  text
    help   = STRING_TOKEN(STR_NULL_STRING),
    text   = STRING_TOKEN(STR_SEC_VERSION_STRING),
    text   = STRING_TOKEN(STR_TXE_FW_VALUE),
    flags  = 0,
    key    = 0;


  text
    help   = STRING_TOKEN(STR_NULL_STRING),
    text   = STRING_TOKEN(STR_SEC_CAPABILITY_STRING),
    text   = STRING_TOKEN(STR_SEC_CAPABILITY_VALUE),
    flags  = 0,
    key    = 0;

  text
    help   = STRING_TOKEN(STR_NULL_STRING),
    text   = STRING_TOKEN(STR_SEC_FEATURE_STRING),
    text   = STRING_TOKEN(STR_SEC_FEATURE_VALUE),
    flags  = 0,
    key    = 0;

  text
    help   = STRING_TOKEN(STR_NULL_STRING),
    text   = STRING_TOKEN(STR_SEC_OEMTAG_STRING),
    text   = STRING_TOKEN(STR_SEC_OEMTAG_VALUE),
    flags  = 0,
    key    = 0;

  text
    help   = STRING_TOKEN(STR_SEC_TEMP_DISABLE_HELP),
    text   = STRING_TOKEN(STR_SEC_TEMP_DISABLE_STRING),
    text   = STRING_TOKEN(STR_SEC_TEMP_DISABLE_PROMPT),
    flags  = 0,
    key    = 0;
  subtitle text = STRING_TOKEN(STR_NULL_STRING);

  suppressif  ideqval Setup.SeCModeEnable == 0x00;
  grayoutif ideqval Setup.SeCEOPEnable == 1;
  oneof   varid   = Setup.SecEnable,
    prompt      = STRING_TOKEN(STR_SEC_SETTING_PROMPT),
    help        = STRING_TOKEN(STR_SEC_SETTING_HELP),
    option text = STRING_TOKEN(STR_DISABLED), value=0x00, flags=RESET_REQUIRED;
    option text = STRING_TOKEN(STR_ENABLED), value=0x01,  flags=DEFAULT | RESET_REQUIRED;
  endoneof;
  endif;
  endif;

  suppressif  ideqval Setup.SeCOpEnable == 0x00;
  grayoutif ideqval Setup.SeCEOPEnable == 1;
  oneof   varid   = Setup.SecFlashUpdate,
    prompt      = STRING_TOKEN(STR_SEC_FLASH_UPDATE_PROMPT),
    help        = STRING_TOKEN(STR_SEC_FLASH_UPDATE_HELP),
    option text = STRING_TOKEN(STR_DISABLED), value=0x00, flags=DEFAULT | RESET_REQUIRED;
    option text = STRING_TOKEN(STR_ENABLED), value=0x01, flags=RESET_REQUIRED;
  endoneof;

  oneof   varid   = Setup.SecFirmwareUpdate,
    prompt      = STRING_TOKEN(STR_SEC_FIRMWARE_UPDATE_PROMPT),
    help        = STRING_TOKEN(STR_SEC_FIRMWARE_UPDATE_HELP),
    option text = STRING_TOKEN(STR_DISABLED), value=0x00, flags=DEFAULT | RESET_REQUIRED;
    option text = STRING_TOKEN(STR_ENABLED), value=0x01, flags=RESET_REQUIRED;
  endoneof;
  endif;

  oneof   varid   = Setup.SeCEOPEnable,
    prompt      = STRING_TOKEN(STR_SEC_EOP_PROMPT),
    help        = STRING_TOKEN(STR_SEC_EOP_HELP),
    option text = STRING_TOKEN(STR_DISABLED), value=0x00, flags = RESET_REQUIRED;
    option text = STRING_TOKEN(STR_ENABLED), value=0x01, flags = DEFAULT | RESET_REQUIRED;
  endoneof;

  grayoutif ideqval Setup.SeCEOPEnable == 1;
  text
    help   = STRING_TOKEN(STR_SEC_TEMP_DISABLE_HELP),
    text   = STRING_TOKEN(STR_SEC_UNCONFIGURATION_PROMPT),
    flags  = INTERACTIVE,
    key    = 0x1234;
  endif;
  endif;

  //
  //TPM related
  //
  subtitle text = STRING_TOKEN(STR_TPM_CONFIGURATION_PROMPT);

  oneof   varid   = Setup.TPM,
    prompt      = STRING_TOKEN(STR_TPM_PROMPT),
    help        = STRING_TOKEN(STR_TPM_HELP),
    option text = STRING_TOKEN(STR_DISABLE), value = 0x00, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
    option text = STRING_TOKEN(STR_TPM_PTT), value = 0x01, flags = RESET_REQUIRED;
    option text = STRING_TOKEN(STR_TPM_DTPM_1_2), value = 0x02, flags = RESET_REQUIRED;
    option text = STRING_TOKEN(STR_TPM_DTPM_2_0), value = 0x03, flags = RESET_REQUIRED;
  endoneof;

  suppressif NOT ideqval Setup.TPM == 1;
    oneof varid  = Setup.TPMSupportedBanks,
      prompt = STRING_TOKEN(STR_TPM2_PCR_ALLOCATE_PROMPT),
      help   = STRING_TOKEN(STR_TPM2_PCR_ALLOCATE_HELP),
      option text = STRING_TOKEN(STR_TPM2_PCR_ALLOCATE_NULL), value = TPM2_SUPPORTED_BANK_NULL, flags = RESET_REQUIRED;
      option text = STRING_TOKEN(STR_TPM2_PCR_ALLOCATE_SHA1), value = TPM2_SUPPORTED_BANK_SHA1, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
      option text = STRING_TOKEN(STR_TPM2_PCR_ALLOCATE_SHA2), value = TPM2_SUPPORTED_BANK_SHA2, flags = RESET_REQUIRED;
      option text = STRING_TOKEN(STR_TPM2_PCR_ALLOCATE_BOTH), value = TPM2_SUPPORTED_BANK_BOTH, flags = RESET_REQUIRED;
    endoneof;
  endif;

endform;