We're almost always going to want the attributes set to
NON_VOLATILE | BOOTSERVICE_ACCESS | RUNTIME_ACCES | APPEND_WRITE,
and TIME_BASED_AUTHENTICATED_WRITE is required. So, provide this
as the default if no --attrs argument is specified.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
Rather than making these private to sbvarsign, move the EFI_VARIABLE
attribute defintions to efivars.h
Since some of these are defined by gnu-efi, we need to protect the
definitions with an #ifdef.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
Despite what the Authenticode spec says ("dwLength is set to the length
of bCertificate"), the MS var sign tool and EDK2 sources include the
header in the dwLength size.
Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
