Code Signing: Establishing Trust in Internet-Distributed Software

Code Signing addresses a core trust problem: how can users know that software downloaded from the internet is genuine and unmodified? By attaching a digital signature to executables, publishers assert both their identity and the integrity of the code.

How Code Signing Works

  1. Developer applies for a Code Signing certificate from a Certificate Authority (CA), submitting proof of identity.
  2. A public/private key pair is generated. The private key stays on the developer’s machine.
  3. At signing: the code is hashed → the digest is encrypted with the private key → the resulting signature block is embedded in the executable.
  4. At verification: the browser retrieves the publisher’s certificate → decrypts the digest with the public key → rehashes the code → compares the two digests. A match confirms both authenticity (the publisher) and integrity (the code is unmodified).
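The sign-and-verify flow in steps 3 and 4, as an added example that is not part of the original page: a SHA-256 digest of the code bytes is signed with the publisher's RSA private key, the signature block is carried alongside the code, and verification rehashes the code and checks the signature. A bare public key stands in for the publisher certificate, and the "executable" is a constructed byte string (both assumptions of this example, not Authenticode's actual format).

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// SignedBlob models an executable with an embedded signature block: the code,
// the publisher's public key (standing in for the certificate) and the signature.
type SignedBlob struct {
	Code      []byte
	Publisher *rsa.PublicKey
	Signature []byte
}

// Sign hashes the code with SHA-256 and signs the digest with the publisher's
// private key (RSA PKCS#1 v1.5); this is the "digest encrypted with the private key" step.
func Sign(code []byte, priv *rsa.PrivateKey) (*SignedBlob, error) {
	digest := sha256.Sum256(code)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return nil, err
	}
	return &SignedBlob{Code: code, Publisher: &priv.PublicKey, Signature: sig}, nil
}

// Verify rehashes the code and checks the signature against the embedded public key.
// A nil error means the digest recovered from the signature matches the fresh hash.
func Verify(b *SignedBlob) error {
	digest := sha256.Sum256(b.Code)
	return rsa.VerifyPKCS1v15(b.Publisher, crypto.SHA256, digest[:], b.Signature)
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048)
	blob, _ := Sign([]byte("MZ... constructed stand-in for an .EXE image"), priv) // constructed input
	fmt.Println("original verifies:", Verify(blob) == nil)
	tampered := *blob
	tampered.Code = append([]byte{}, blob.Code...)
	tampered.Code[0] ^= 0xFF // flip one bit of the "code" after signing
	fmt.Println("tampered verifies:", Verify(&tampered) == nil)
}
```

Flipping a single bit of the code, or swapping in a different publisher key, makes Verify return an error, which is exactly the mismatch step 4 relies on.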

Signable File Types (VeriSign Authenticode)

  Extension   Type
  .EXE        Executable programs
  .CAB        Cabinet files (installation packages)
  .OCX        ActiveX controls
  .DLL        Dynamic link libraries
  .CAT        Digital thumbprint files

Limitations of Code Signing

  • Relies on the CA’s ability to verify the applicant’s identity: a fraudulent application can yield a valid certificate that is then used to sign malicious code.
  • A legitimately signed program can still contain intentionally malicious logic; the signature proves who published the code, not that it is safe.
  • Certificate Revocation Lists (CRLs) leave a window between a key’s compromise and the point at which clients learn of its revocation.
  • Users must ultimately decide whom to trust.