(/)

Home (https://www.sslshopper.com/) SSL Wizard  SSL FAQ (ssl-faq.html) SSL Reviews (certi cate-authority-reviews.html)

SSL News (ssl-security-news.html) SSL Tools  

What is Code Signing?

What is Code Signing? Code signing is the method of using a certi cate-based digital signature to sign executables and scripts in order to verify the author’s identity and
ensure that the code has not been changed or corrupted since it was signed by the author. This helps users and other software to determine whether the software can
be trusted.

Purpose of Code Signing

Because of the potential damage that an executable or script can cause to a computer system, it is important that users be able to trust code published on the Internet. If
you know that an application is signed by Microsoft, Inc instead of IWantToHackYou, LLC, you’ll be much more likely to install it. There are two important ways that Code
Signing increases trust:

Authentication. Verifying who the author of the software is.

Integrity. Verifying that the software hasn’t been tampered with since it was signed.

For example, say you write an application called WordWrite, sign it using your code signing certi cate, and distribute it on your website. Before running the application,
your users will see that it is signed by you and they will know that it hasn’t been changed by a hacker in the process of downloading it.
Another advantage that code signing provides is the ability to trust updates. If you release an update to a software application and sign it uses the same key as the
original application, the update can be automatically trusted because it couldn’t have come from anywhere other than you.
All major operating systems (Microsoft Windows, Apple OS X, Linux, etc.) and web browsers support code signing. They also use code signing to ensure that malicious
code cannot be distributed through the patch system. Learn more about Microsoft Windows code signing (http://msdn.microsoft.com/en-us/library/ms537361.aspx) and
Apple OS X code signing (http://developer.apple.com/DOCUMENTATION/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html).

What is a Code Signing Certi cate?

A code signing certi cate allows you to sign code using a private and public key system similar to the method used by SSL and SSH. A public/private key pair is generated
when the certi cate is requested. The private key stays on the applicant’s machine and is never sent to the certi cate provider. The public key is submitted to the provider
with the certi cate request and the provider issues a certi cate.
The code signing certi cate acts as a digital signature. When you sign data, you include your digital signature with the data. A certi cate contains information that fully
identi es an entity, and is issued by a certi cate authority (certi cate-authority-reviews.html) (CA) after that authority has veri ed the entity's identity. When the sender of
a message signs the message with its private key, the message recipient can use the sender's public key to verify the sender's identity.

What is the role of trust in Code Signing?

Code signing certi cates should be signed by a trusted root certi cation authority using a secure public key infrastructure (PKI). Certi cation authorities are
organizations, determined to be trustworthy, that issue certi cates to entities whose identity has been veri ed. Certi cates are veri ed using a chain of CAs. Each
certi cate is linked to the certi cate of the CA that signed it. By following this chain path, to a trusted CA, you can be assured that a certi cate is valid. For example, if a
user’s system is set to trust a particular certi cate authority and receives an executable signed by an entity that was validated by that authority, he can choose to trust the
executable by proxy.
This does not guarantee that the code itself can be trusted, only that it was signed by a speci c legal entity. A hacker could still get a code signing certi cate and sign a
virus but he will be legally accountable for it. In addition to validating an entity’s identity, commercial CAs require applicants to pledge not to distribute software that they
know, or should have known, contains viruses or would otherwise harm a user's computer or code.

How does Code Signing Work?

In order to sign a piece of code, an author goes through the following process:

Applies for a code signing certi cate from a code signing certi cate authority (certi cate-authority-reviews.html)

Has his identity veri ed and receives a code signing certi cate

Generates a one-way hash of the software and uses the private key to encrypt this hash

Bundling the hash and certi cate with the executable

When a user receives the application, he veri es it by:

Decrypting the hash using the public key in the certi cate

Creating a new hash of the downloaded application


 Comparing the new hash with the hash that was signed by the certi cate

If the two hashes match, the user knows that the application has not been modi ed since it was
signed. Most of these steps are handled by the operating system automatically. For example, when
you run a signed application on Windows, you will see the following dialog:

This indicates that iTunesSetup.exe was signed by Apple Inc. using a certi cate from a trusted
certi cate authority (one that has root certi cates included with Windows). If you right-click the
executable and view the properties of it, the Digital Signatures tab will let you view the details of the
certi cate:

This shows that the certi cate was issued by VeriSign (symantec-certi cate-authority-reviews.html). An unsigned application would display the following dialog:

Many di erent types of code can be signed. The most common include Windows applications such as .exe, .cab, .dll, .ocx, and .xpi les (using Authenticode certi cates
(microsoft-authenticode-certi cates.html)), Apple software (using Apple code signing certi cates (apple-code-signing-certi cates.html)), Microsoft O ce VBA objects and
macros (using VBA code signing certi cates (microsoft-vba-code-signing-certi cates.html)), .jar les (using Java code signing certi cates (java-code-signing- 
certi cates.html)), .air or .airi les (using Adobe AIR certi cates (adobe-air-code-signing-certi cates.html)), and Windows Vista drivers and other kernel-mode software
(using Vista code certi cates (microsoft-vista-kernel-mode-code-signing-certi cates.html)). In reality, most code signing certi cates can sign all types of code as long as
you convert the certi cate to the correct format rst.
Code Signing is essential technology that allows the author of an application to be veri ed and allows software integrity to be veri ed. Though it doesn’t prevent malicious
software from being distributed, it ensures accountability and software integrity. As long as a user recognizes and trusts the publisher of an application, he can safely run
it without worrying about whether it has been tampered with.
Compare Code Signing Certi cates (cheap-code-signing-certi cates.html)
Originally posted on Thu Apr 30, 2009

1 Comment SSL Shopper 

1 Login

Sort by Best
 Recommend 3 ⤤ Share

Join the discussion…

LOG IN WITH
OR SIGN UP WITH DISQUS ?

Name

Long Wei • 4 years ago − ⚑

I am developing code to sign and verify the signature of a DLL or SO module/image by using the public key and hash scheme.

I got it work on Windows. Now I am coding the Linux part. I am looking for a set of functions from OpenSSL Crypto lib that make same or similar
functionality of the following Windows Cryptography API functions:

- CertCreateContext
- CryptAcquireContext
- CryptImportPublicKeyInfo
- CryptCreateHash
- ImageGetDigestStream
- ImageGetCertificateData
- CryptVerifySignature

Please make my favor and take couple of seconds of your time to get an answer for me.

Your help is greatly appreciated.

If you do not have time to answer my question, is it possible for you to forward my email to a gentleman who is able to answer my question?

Best wishes,

Long Wei
425-806-4073
△ ▽ • Reply • Share ›

✉ Subscribe d Add Disqus to your siteAdd DisqusAdd 🔒 Disqus' Privacy PolicyPrivacy PolicyPrivacy

 Menu

 What is SSL? (what-is-ssl.html)

 Why SSL? (why-ssl-the-purpose-of-using-ssl-

certi cates.html)

 PKI Overview (public-key-infrastructure-pki-

overview.html)

 Choosing the right CA (choosing-the-right-certi cate-

authority.html)

 SSL Certi cate Features (ssl-certi cate-features.html)

 Ordering a Certi cate (how-to-order-an-ssl-

certi cate.html)

 What is a CSR? (what-is-a-csr-certi cate-signing-

request.html)

 SSL Certi cate Installation (ssl-certi cate-

installation.html)

 SSL Certi cate Errors (ssl-certi cate-errors.html)

 SSL Details (ssl-details.html)

 Special Types (special-ssl-certi cate-types.html)

 Code Signing (what-is-code-signing.html)

 Email Certi cates (email-certi cates-smime-

certi cates.html)

 Root Signing (article-trusted-root-signing-

certi cates.html)

 Copying a Certi cate (how-to-move-or-copy-an-ssl-

certi cate-from-one-server-to-another.html)

 Quick SSL Search

Cheap SSL Certi cates (/cheapest-ssl-certi cates.html)

EV Certi cates (/cheapest-ev-ssl-certi cates.html)

UC/SAN Certi cates (/uni ed-communications-uc-ssl-certi cates.html)

Wildcard Certi cates (/best-ssl-wildcard-certi cate.html)

Domain Validated(DV) Certi cates (/best-domain-validated-ssl-certi cates.html)

Code Signing Certi cates (/cheap-code-signing-certi cates.html)

© 2018 SSL Shopper™ All Rights Reserved | Full Disclosure (/full-disclosure.html)

Home (https://www.sslshopper.com/) SSL Wizard (ssl-certi cate-wizard.html) SSL FAQ (ssl-faq.html) SSL Reviews (certi cate-authority-reviews.html)

SSL News (ssl-security-news.html) Site Map (site-map.html) About (about-ssl-shopper.html) SSL Tools (ssl-certi cate-tools.html)