Definition: Code signing is a process of digitally signing a program, file, software update or executable, so that it’s authenticity and integrity can be verified upon installation and execution.
Code Signing explained
Code signing certificates are used by software developers and distributors to digitally sign executables and software programs so that end-users are able to verify that the code they receive has not been tampered with. The ultimate aim is to alleviate the end user’s concern that the software can be downloaded from a trusted source.
A code signing certificate is a digital certificate that prominently displays the name of the publisher and, if required, a timestamp, and is issued by a Certificate Authority. The digital certificate binds the identity of an organization to a public key that is mathematically related to a public key pair and is traceable back to a trusted Certificate Authority. The use of private and public key systems is called Public Key Infrastructure (PKI). The developer signs code with its private key and the end user uses the developer’s public key to verify the developer's identity;
- If the system trusts the certificate, the download or execution will proceed
- If there is no certificate, or If the system does not trust the root or the hashes do not match (i.e., if the signature has been tampered with), the download is interrupted with a warning informing the user that the software may not be trusted.
The integrity of the system relies on securing keys from unauthorized access. Best practice would be to store keys in secure, tamper-proof, cryptographic hardware devices such as Hardware Security Modules (HSMs).
How to increase the protection of code signing certificate private keys?