3.4. Securing Code

3.4.1. Microsoft Code

You can sign your programs and applets to certify that you are the author of the code. It is important for your customers to be able to trust that nobody has inserted a virus or a backdoor into your code. To sign your code with Authenticode you need the Microsoft Authenticode SDK, which you can get from the MSDN section of the Microsoft web site.

Generate a certificate as usual, but with a Common Name (CN) like “ACME Software Cert”. Have the certificate signed by the CA and convert it to PKCS#12 format.

CA.pl -newreq
CA.pl -sign
CA.pl -pkcs12 "ACME Software Cert"

You get a file called newcert.p12, which you import into the Certificate Store by clicking on the file in Windows.

You can now use this certificate for signing your code:

signcode -cn "ACME Software cert" -tr 5 -tw 2 -n "My Application" \
-i http://www.acme.com/myapp/ \
-t http://timestamp.verisign.com/scripts/timstamp.dll myapp.exe

When you try to install and run your application, a dialog will appear with the title “My Application” and a link to the URL given by the -i argument.
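
The certificate steps above (CA.pl -newreq, -sign, -pkcs12) written out as plain openssl commands, followed by a check of the result before it is imported into Windows. This is an added example, not part of the original document: the throwaway CA, the file names, the password "changeit" and the code-signing-only extension policy are assumptions, and "openssl x509 -req" is used in place of the "openssl ca" call that CA.pl makes.

```shell
#!/bin/sh
# Added example, not from the original page. File names, subjects and the
# password "changeit" are constructed for the demo; the CA is a throwaway.
# Usage: make_codesign_p12 ./demo && check_codesign_cert ./demo

make_codesign_p12() {
    d=$1
    mkdir -p "$d" || return 1
    # Throwaway root CA, standing in for the CA set up earlier with CA.pl.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=Demo Root CA" \
        -keyout "$d/cakey.pem" -out "$d/cacert.pem" 2>/dev/null || return 1
    # Like "CA.pl -newreq": new key and certificate request.
    openssl req -new -newkey rsa:2048 -nodes -subj "/O=ACME/CN=ACME Software Cert" \
        -keyout "$d/newkey.pem" -out "$d/newreq.pem" 2>/dev/null || return 1
    # Assumed CA policy: end-entity certificate usable for code signing only.
    cat > "$d/codesign.ext" <<'EOF'
basicConstraints = CA:FALSE
keyUsage = critical, digitalSignature
extendedKeyUsage = codeSigning
EOF
    # Like "CA.pl -sign", but with "openssl x509 -req" so no demoCA tree is needed.
    openssl x509 -req -in "$d/newreq.pem" -CA "$d/cacert.pem" -CAkey "$d/cakey.pem" \
        -CAcreateserial -days 30 -extfile "$d/codesign.ext" \
        -out "$d/newcert.pem" 2>/dev/null || return 1
    # Like "CA.pl -pkcs12": bundle key, certificate and CA certificate for Windows.
    openssl pkcs12 -export -in "$d/newcert.pem" -inkey "$d/newkey.pem" \
        -certfile "$d/cacert.pem" -name "ACME Software Cert" \
        -passout pass:changeit -out "$d/newcert.p12" || return 1
}

check_codesign_cert() {
    d=$1
    # The certificate must chain to the CA that customers will be asked to trust.
    openssl verify -CAfile "$d/cacert.pem" "$d/newcert.pem" >/dev/null 2>&1 || return 1
    # It must carry the Code Signing extended key usage and must not be a CA.
    text=$(openssl x509 -in "$d/newcert.pem" -noout -text) || return 1
    echo "$text" | grep -q "Code Signing" || return 1
    echo "$text" | grep -q "CA:FALSE" || return 1
}
```

The private key in this demo is written unencrypted (-nodes) so the script runs unattended; a real signing key should be passphrase-protected and kept off build machines.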