From only $109 per year!
Think of code signing as shrink-wrap for your digital software. Any tampering will break the
digital signature and alert your customers that the code has been altered and is no longer
Making it hard to tweak your code means your customers can trust that the software they're
downloading is indeed the software you published; untainted. Signed code preserves both your
business reputation and intellectual property.
Code signing doesn't alter the application—it simply appends a digital signature to the
executable code. Digital signatures assure your customers that the integrity of the code they
download from your site is intact. This digital signature delivers details that authenticate the
signer and ensure that the code has not been subsequently modified.
Plus, in Windows Vista, Windows 7, Windows Server 2008 and later versions, a UAC (User Account
Control) dialog box interrupts installations of unsigned code. That dialog identifies you as an
"unidentified publisher" - not a very professional appearance. Signed code, however, appears with
your (company's) name.
Members of CodeProject get special
pricing on code signing certificates.
Your customers can download digitally signed Active X controls, dynamic link libraries, .cab
files or HTML content from your site with full confidence that code really comes from you and hasn't
been altered or corrupted since it was created and signed.
Code signing is available for a variety of content including software objects, macros, device
drivers, firmware images, virus updates and configuration files for secure delivery over the
Digital signatures are created using a public-key signature algorithm such as the RSA public-key
cipher. A public-key algorithm actually uses two different keys: the public key and the private key
(called a key pair). The private key is known only to its owner, while the public key can be
available to anyone.
Public-key algorithms are designed so that if one key is used for encryption, the other is
necessary for decryption. Furthermore, the decryption key cannot be reasonably calculated from the
encryption key. In digital signatures, the private key generates the signature, and the
corresponding public key validates it.
If you're distributing code electronically you risk impersonation and tampering.
CodeProject's Code Signing Digital IDs for Microsoft
Authenticode protect against these hazards.
Code Project offers Digital IDs designed for commercial software developers. This class of
Digital ID provides assurance regarding an organization's identity and legitimacy, much like a
business license, and is designed to represent the level of assurance expected by your customers.
Authenticode relies on industry standard cryptography techniques such as X.509 v3 certificates
and PKCS #7 and #10 signature standards. These are well-proven cryptography protocols, which ensure
a robust implementation of code signing technology.
Authenticode uses digital signature technology to assure users of the origin and integrity of
software. In a digital signature, the private key generates the signature, and the corresponding
public key validates it. To save time, the Authenticode protocols use a cryptographic digest, which
is a one-way hash of the document.
By purchasing a Certificate from CodeProject, you agree to
Code Signing Certificate Agreement and CodeProject
Certificate Practice Agreement.