What is Code Signing?
Code signing is the process of authenticating software code/application/program/scripts to confirm the source of origin of the publisher and assure that the code has not been tampered or altered since it was signed.
Certificate Authorities (CA) confirm code signing source identity and bind their public key to a code signing certificate. This certificate enables validation of code sign with an authentic root certificate. Performing code sign will cater below three functions:
- Provides authentication of code
- Provides cryptographic protection
- Software/code author validation