This identifies a signature based on an X.509 certificate. If the signature is an X.509
certificate then verification of the signature of an image should validate the public
key certificate in the image using certificate path verification, up to this X.509
certificate as a trusted root. The SignatureHeader size shall always be 0. The
SignatureSize may vary but shall always be 16 (size of the SignatureOwner component) +
the size of the certificate itself.
Note: This means that each certificate will normally be in a separate EFI_SIGNATURE_LIST.
This identifies a signature based on an X.509 certificate. If the signature is an X.509 certificate then verification of the signature of an image should validate the public key certificate in the image using certificate path verification, up to this X.509 certificate as a trusted root. The SignatureHeader size shall always be 0. The SignatureSize may vary but shall always be 16 (size of the SignatureOwner component) + the size of the certificate itself. Note: This means that each certificate will normally be in a separate EFI_SIGNATURE_LIST.