Code signing

From Lazarus wiki

Every piece of code may contain viruses, spyware, trojan horses, backdoors, rootkits, keyloggers and other kinds of malware. The risk has dramatically increased with the advent of wide-area networks like the internet, where it is easy to download programs of unknown or unverified origin.

One measure to reduce the effects of malicious code is that some modern operating systems require executables and scripts downloaded from the internet to be signed with a developer's certificate. Code signing confirms the identity of the software author and, by means of a cryptographic hash, guarantees that the code has not been altered or corrupted since it was signed. It therefore ensures both the authenticity and the integrity of the executables.


Overview of code-signing a program written with Lazarus and Free Pascal


Code signing is required in iOS and modern versions of macOS. For Windows, Microsoft implements a form of code signing based on Authenticode, which uses digital signatures to include information about developers and their code with their programs.
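
As an added illustration (not part of the original wiki page and not Lazarus or Free Pascal code), the following Python sketch goes slightly beyond the overview and shows where an Authenticode signature is stored inside a Windows executable: the Certificate Table entry of the PE header's data directories. The function names and the `build_sample` helper, which constructs header bytes for the demo, are assumptions of this example.

```python
import struct

PE32, PE32_PLUS = 0x10B, 0x20B
CERT_TABLE_INDEX = 4               # IMAGE_DIRECTORY_ENTRY_SECURITY
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


def authenticode_blob(image: bytes):
    """Return (file_offset, size) of the embedded signature, or None; presence only."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)      # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    opt = pe_off + 24                                      # after 20-byte COFF header
    try:
        (magic,) = struct.unpack_from("<H", image, opt)
        if magic not in (PE32, PE32_PLUS):
            raise ValueError("unknown optional header magic")
        dirs = opt + (96 if magic == PE32 else 112)        # start of data directories
        (count,) = struct.unpack_from("<I", image, dirs - 4)  # NumberOfRvaAndSizes
        if count <= CERT_TABLE_INDEX:
            return None
        offset, size = struct.unpack_from("<II", image, dirs + 8 * CERT_TABLE_INDEX)
    except struct.error:
        raise ValueError("truncated PE headers") from None
    if offset == 0 or size == 0:
        return None                                        # no certificate table: unsigned
    if offset + size > len(image) or size < 8:
        raise ValueError("certificate table points outside the file")
    length, _rev, cert_type = struct.unpack_from("<IHH", image, offset)
    if cert_type != WIN_CERT_TYPE_PKCS_SIGNED_DATA or length > size:
        raise ValueError("unexpected WIN_CERTIFICATE entry")
    return offset, size


def build_sample(signed: bool) -> bytes:
    """Constructed minimal PE32+ headers for the demo (not a runnable program)."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x22)
    blob = struct.pack("<IHH", 16, 0x0200, 2) + bytes(8) if signed else b""
    cert_off = 0x40 + 24 + 240
    dirs = [(0, 0)] * 16
    if signed:
        dirs[CERT_TABLE_INDEX] = (cert_off, len(blob))
    opt = struct.pack("<H", PE32_PLUS) + bytes(106) + struct.pack("<I", 16)
    opt += b"".join(struct.pack("<II", *d) for d in dirs)
    return dos + b"PE\0\0" + coff + opt + blob
```

A non-None result only means that a signature blob is attached to the file; whether the signature is valid and chains to a trusted publisher is decided by the operating system's own verification.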

See also