From b578e4e7e3ac1b52eafccc8ac32630be75cb9451 Mon Sep 17 00:00:00 2001
From: vit9696 <vit9696@users.noreply.github.com>
Date: Sun, 9 Feb 2020 00:51:30 +0300
Subject: [PATCH] OcConfigurationLib: Replace RequireVault and RequireSignature
 with Vault

---
 Include/Library/OcConfigurationLib.h            | 9 +++++++--
 Library/OcConfigurationLib/OcConfigurationLib.c | 3 +--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/Include/Library/OcConfigurationLib.h b/Include/Library/OcConfigurationLib.h
index e8ef5495..fdf9b8fd 100644
--- a/Include/Library/OcConfigurationLib.h
+++ b/Include/Library/OcConfigurationLib.h
@@ -291,7 +291,14 @@
 #define OCS_EXPOSE_OEM_INFO    8U
 #define OCS_EXPOSE_VERSION     (OCS_EXPOSE_VERSION_VAR | OCS_EXPOSE_VERSION_UI)
 
+typedef enum {
+  OcsVaultOptional = 0,
+  OcsVaultBasic    = 1,
+  OcsVaultSecure   = 2,
+} OCS_VAULT_MODE;
+
 #define OC_MISC_SECURITY_FIELDS(_, __) \
+  _(OC_STRING                   , Vault                       ,      , OC_STRING_CONSTR ("Secure", _, __), OC_DESTR (OC_STRING) ) \
   _(UINT32                      , ScanPolicy                  ,      , OC_SCAN_DEFAULT_POLICY  , ()) \
   _(BOOLEAN                     , AllowNvramReset             ,      , FALSE                   , ()) \
   _(BOOLEAN                     , AllowSetDefault             ,      , FALSE                   , ()) \
@@ -300,8 +307,6 @@
   _(BOOLEAN                     , EnablePassword              ,      , FALSE                   , ()) \
   _(UINT8                       , PasswordHash                , [64] , {0}                     , ()) \
   _(OC_DATA                     , PasswordSalt                ,      , OC_EDATA_CONSTR (_, __) , OC_DESTR (OC_DATA)) \
-  _(BOOLEAN                     , RequireVault                ,      , TRUE                    , ()) \
-  _(BOOLEAN                     , RequireSignature            ,      , TRUE                    , ()) \
   _(UINT64                      , HaltLevel                   ,      , 0x80000000              , ())
   OC_DECLARE (OC_MISC_SECURITY)
 
diff --git a/Library/OcConfigurationLib/OcConfigurationLib.c b/Library/OcConfigurationLib/OcConfigurationLib.c
index cab592a6..ed5e862e 100644
--- a/Library/OcConfigurationLib/OcConfigurationLib.c
+++ b/Library/OcConfigurationLib/OcConfigurationLib.c
@@ -348,9 +348,8 @@ mMiscConfigurationSecuritySchema[] = {
   OC_SCHEMA_INTEGER_IN ("HaltLevel",            OC_GLOBAL_CONFIG, Misc.Security.HaltLevel),
   OC_SCHEMA_DATAF_IN   ("PasswordHash",         OC_GLOBAL_CONFIG, Misc.Security.PasswordHash),
   OC_SCHEMA_DATA_IN    ("PasswordSalt",         OC_GLOBAL_CONFIG, Misc.Security.PasswordSalt),
-  OC_SCHEMA_BOOLEAN_IN ("RequireSignature",     OC_GLOBAL_CONFIG, Misc.Security.RequireSignature),
-  OC_SCHEMA_BOOLEAN_IN ("RequireVault",         OC_GLOBAL_CONFIG, Misc.Security.RequireVault),
   OC_SCHEMA_INTEGER_IN ("ScanPolicy",           OC_GLOBAL_CONFIG, Misc.Security.ScanPolicy),
+  OC_SCHEMA_STRING_IN  ("Vault",                OC_GLOBAL_CONFIG, Misc.Security.Vault),
 };
 
 STATIC