Code Signing Certificates & Key Protection

Certification Icon

Code signing has emerged as an essential ingredient to doing business for virtually any organization that distributes code to customers and partners. Code signing verifies who the publisher of a specific set of code is and attests to the fact that it has not been modified since it was signed. Certificates delivered along with software that has been signed are a key way for users to determine whether software originates from a legitimate source before installing.

Today, many software marketplaces, including mobile app stores, require code to be compliant with specific digital signing requirements. If code doesn’t meet these requirements, users have to accept a prompt, such as “unknown publisher” alert or other message, before installing. For legitimate software developers, having customers receive these messages can create significant issues.

Code signing is also widely used by device manufacturers who need to update the firmware and software of devices in the field.

Code Signing Architecture and Vulnerability

Code signing architectures are comprised of several key facets, including:

  • Public key infrastructure (PKI) technology is used to create a digital signature.

  • The digital signature is based on a private key and contents of a program file.

  • In distributing its code, the developer packages the signature with the file or in an associated catalog file.

  • Upon receipt of the signed code, users or devices will combine the file, certificate, and associated public key to verify the identity of the file signer and the integrity of the file.

Purple Cryptographic Key Icon

In code signing environments, a critical vulnerability exists: private keys. Anyone who can access a legitimate certificate owner’s private key can create software that will appear to be signed by that organization. Numerous breaches have used fraudulent code signing certificates to cause significant damage of the certificate owner’s reputation and business.

In order to effectively secure private keys used in code signing, it is vital for organizations to leverage hardware security modules (HSMs). Keys stored on servers or other systems are too susceptible to unauthorized access and compromise. Storing keys in robust, tamper-evident HSMs can eliminate these

SafeNet HSMs address several critical requirements for secure code signing:

  • Secure key generation and storage

  • High availability and reliability

  • Performance and scalability

  • Support for elliptic curve cryptography (ECC)

  • Robust administrative access controls

  • Governance and compliance

View HSM Product Details Request More Information About Code Signing
CTA HSM Critical Risk Mgmt WP
Breach Level Index Site