Code Signing (Authenticode) Certifications
Code signing is widely used to protect software that is distributed over the Internet. Code signing does not alter it; it simply appends a digital signature to the executable code itself. This digital signature provides enough information to authenticate the signer as well as to ensure that a code is not been subsequently modified. Code signing digital IDs (or certificates) allow content publishers including software developers to sign their content that includes software objects, macros, device drivers, firmware images, configuration files or other types of content for secure delivery over the Internet.
Digital signatures are created using a public-key signature algorithm such as the RSA public-key cipher. A public-key algorithm actually uses two different keys: the public key and the private key (called a key pair). The private key is known only to its owner, while the public key can be available to anyone. Public-key algorithms are designed so that if one key is used for encryption, the other is necessary for decryption. Furthermore, the decryption key cannot be reasonably calculated from the encryption key. In digital signatures, the private key generates the signature, and the corresponding public key validates it.
When customers download software signed with a Code Signing Certificate issued by a trusted Certificate Authority, they can be assured of:
Code signing is widely used to protect software that is distributed over the Internet. Code signing does not alter it; it simply appends a digital signature to the executable code itself. This digital signature provides enough information to authenticate the signer as well as to ensure that a code is not been subsequently modified. Code signing digital IDs (or certificates) allow content publishers including software developers to sign their content that includes software objects, macros, device drivers, firmware images, configuration files or other types of content for secure delivery over the Internet.
Digital signatures are created using a public-key signature algorithm such as the RSA public-key cipher. A public-key algorithm actually uses two different keys: the public key and the private key (called a key pair). The private key is known only to its owner, while the public key can be available to anyone. Public-key algorithms are designed so that if one key is used for encryption, the other is necessary for decryption. Furthermore, the decryption key cannot be reasonably calculated from the encryption key. In digital signatures, the private key generates the signature, and the corresponding public key validates it.
When customers download software signed with a Code Signing Certificate issued by a trusted Certificate Authority, they can be assured of:
- Content Source: End users can confirm that the software really comes from the publisher who signed it.
- Content Integrity: End users can verify that the software has not been altered or corrupted since it was signed.
