
@vathpela
Last active August 29, 2015 14:08
// One entry of a signature list: the owner's GUID followed by the raw
// signature payload. The struct carries no length of its own; the entry
// size comes from the enclosing EFI_SIGNATURE_LIST.SignatureSize.
typedef struct {
    efi_guid_t SignatureOwner;  // who owns this entry
    uint8_t SignatureData[0];   // the data we want to
                                // fish out of this thing.
                                // Zero-length trailing array (GNU C
                                // extension): it adds nothing to
                                // sizeof, and the payload bytes lie
                                // past the end of the struct.
    // NOTE(review): a parser must bound every read of SignatureData by a
    // length derived from the list header and checked against the real
    // buffer size. Nothing in this type limits the access.
} EFI_SIGNATURE_DATA;
// Header of one signature list. Only the fixed header is declared here.
// The optional type-specific header and the array of EFI_SIGNATURE_DATA
// entries follow it in memory (shown as commented-out pseudo-members below).
typedef struct {
    efi_guid_t SignatureType;       // type of structure in
                                    // EFI_SIGNATURE_DATA.SignatureData
    uint32_t SignatureListSize;     // Total size of the signature
                                    // list, including this header.
    uint32_t SignatureHeaderSize;   // Size of type-specific header
    uint32_t SignatureSize;         // The size of each individual
                                    // EFI_SIGNATURE_DATA.SignatureData
                                    // in this list.
                                    // NOTE(review): the UEFI spec counts
                                    // the whole EFI_SIGNATURE_DATA entry
                                    // here, SignatureOwner included, so
                                    // the payload is SignatureSize minus
                                    // sizeof(efi_guid_t). Confirm against
                                    // the consumer.
    // uint8_t SignatureHeader[SignatureHeaderSize]
                                    // this is a header defined by
                                    // and for each specific
                                    // signature type. Of course
                                    // none of them actually define
                                    // a header.
    // EFI_SIGNATURE_DATA[...][SignatureSize] // actual signature data
    //
    // NOTE(review): all three size fields come straight from the variable
    // or file contents. Before walking the entries a parser should check:
    //   - SignatureListSize fits in the remaining input buffer,
    //   - SignatureListSize >= sizeof(EFI_SIGNATURE_LIST) + SignatureHeaderSize
    //     (computed without uint32_t wrap-around),
    //   - SignatureSize is non-zero and at least sizeof(efi_guid_t),
    //   - the bytes left after both headers are a whole multiple of
    //     SignatureSize.
} EFI_SIGNATURE_LIST;
// Fixed-size certificate block holding a hash-type GUID plus two 256-byte
// (2048-bit) fields. Going by the type name, these hold an RSA-2048 public
// key and an RSA-2048 signature over a SHA-256 digest. TODO confirm the
// exact encoding (byte order, padding scheme) against the consumer.
typedef struct {
    efi_guid_t HashType;        // identifies the hash algorithm used
    uint8_t PublicKey[256];     // 256 bytes == 2048 bits
    uint8_t Signature[256];     // 256 bytes == 2048 bits
} EFI_CERT_BLOCK_RSA_2048_SHA256;
// Generic certificate header. The certificate bytes are not a member here.
// They follow this header inside whichever structure wraps it
// (e.g. WIN_CERTIFICATE_EFI_GUID).
typedef struct {
    uint32_t dwLength;          // Length of this structure
                                // NOTE(review): in the UEFI/PE spec this
                                // counts the header plus the certificate
                                // data after it. It is read from untrusted
                                // input, so reject values smaller than
                                // sizeof(WIN_CERTIFICATE) or larger than
                                // the bytes actually available.
    uint16_t wRevision;         // Revision of this structure (2)
                                // NOTE(review): revision 2 is encoded as
                                // 0x0200 in the spec. Confirm which form
                                // the consumer compares against.
    uint16_t wCertificateType;  // The kind of signature this is
    //uint16_t bCertificate[0]; // The signature data itself. This
                                // is actually, and not the least
                                // bit confusingly, the rest of
                                // the WIN_CERTIFICATE_EFI_GUID
                                // structure wrapping this one.
                                // NOTE(review): the spec declares
                                // bCertificate as a byte (uint8_t)
                                // array, not uint16_t.
} WIN_CERTIFICATE;
// Certificate type codes. Going by the names, these are the values carried
// in WIN_CERTIFICATE.wCertificateType. A parser should reject any type it
// does not explicitly handle instead of falling through to a default.
#define WIN_CERT_TYPE_PKCS_SIGNED_DATA 0x0002   // PKCS SignedData blob
#define WIN_CERT_TYPE_EFI_PKCS115 0x0ef0        // presumably PKCS#1 v1.5 signature
#define WIN_CERT_TYPE_EFI_GUID 0x0ef1           // type given by a GUID, see
                                                // WIN_CERTIFICATE_EFI_GUID.CertType
// WIN_CERTIFICATE variant whose payload format is named by a GUID.
// Layout: generic header, then the GUID, then the certificate bytes.
typedef struct {
    WIN_CERTIFICATE Hdr;    // Info about which structure this is
    efi_guid_t CertType;    // Type of certificate in CertData
    uint8_t CertData[0];    // A certificate of some kind
                            // Zero-length trailing array (GNU C
                            // extension). This struct is embedded by
                            // value in EFI_VARIABLE_AUTHENTICATION_2,
                            // so the bytes follow that outer struct.
    // NOTE(review): the CertData length is not stored separately. It is
    // presumably Hdr.dwLength minus the offset of CertData. Check that
    // Hdr.dwLength is at least that offset before subtracting, so the
    // unsigned subtraction cannot wrap, and that the result fits the
    // input buffer.
} WIN_CERTIFICATE_EFI_GUID;
// Authentication descriptor for a time-based authenticated variable write:
// a timestamp followed by the certificate that authenticates the write.
typedef struct {
    EFI_TIME TimeStamp;                 // monotonically increasing
                                        // timestamp to prevent replay
                                        // attacks.
                                        // NOTE(review): replay protection
                                        // only works if the verifier
                                        // compares this with the timestamp
                                        // stored for the variable and
                                        // rejects values that are not
                                        // newer.
    WIN_CERTIFICATE_EFI_GUID AuthInfo;  // Information about how to
                                        // authenticate this variable
                                        // against some KEK entry
                                        // NOTE(review): which key database
                                        // applies depends on the variable
                                        // being written. Per the UEFI spec,
                                        // PK and KEK updates are checked
                                        // against PK, not KEK.
    // AuthInfo ends in a zero-length array, so sizeof() covers only the
    // fixed part of this struct. The certificate bytes start right after
    // it. Their extent must be taken from AuthInfo.Hdr.dwLength after that
    // value has been validated against the input buffer size.
} EFI_VARIABLE_AUTHENTICATION_2;