Code signing is used to ensure the validity of the source cosed. When you distribute code over the internet, no matter if its raw source code or binary code, it is possible that an attacker changes the code. If the code then gets distributed the user probably trusts your code, since you sent it to them. This allows attackers to distribute malicious codes without you even knowing it. To ensure that only your original code is used and no malicious code is inserted, code signing is used. Your code, binary or raw, gets signed before you deploy it to your customers by using many different security methods, such as calculating the SHA-1. The whole bundle gets then signed by an official authority which ensures that all enclosed data is originally provided by you. With code signing you can be sure that the code you distribute, is the code you wrote!
Currently code signing is available for the following platforms:
- Windows Active X
- Windows Kernel Software
- Microsoft Office Macros & Visual Basic Applications (VBA)
- MacOS 9 and later Apple Signing
- Sun Java JAR
- Adobe AIR
- Mozilla & Netscape Objects
If you think about signing your code, please contact our support team for better advisory.