In a world driven by software, ensuring software integrity is paramount. Users expect the applications they install to be safe and trustworthy, while developers need assurance that their code remains untampered with during distribution. This is where code signing comes into play.
Understanding Code Signing
At its core, code signing is a cryptographic process that attaches a digital signature to software. This signature, generated using a private key, serves as a unique identifier of authenticity and integrity. It assures users that the software they're about to install has not been compromised or altered since it was signed.
Threats to Software Integrity
Given the critical nature of code signing operations, they are often targeted by threat actors. These actors try to steal keys, include malware or tamper with applications. For instance, HashiCorp had its private key exposed in Codecov security breach [source].
Taiwanese PC maker MSI earlier this year confirmed that its code signing keys were leaked on the dark web [source]. Hackers have stolen code-signing certificates from GitHub as well [source]. The dangerous thing about such incidents is that an attacker can use the stolen signing keys to sign malicious software and make it look safe and legitimate.
To prevent such cyber threats, the CA/Browser Forum has updated code signing requirements to enhance software security and integrity. For those unfamiliar with it, CA/Browser forum is a consortium that promotes industry guidelines for digital certificate issuance and management.
According to version 3.4 of the baseline requirements [source], “For Code Signing Certificates, Signing Services shall protect Private Keys in a Hardware Crypto Module conforming to at least FIPS 140‐2 level 2 or Common Criteria EAL 4+”.
Fortanix offers numerous benefits when it comes to code signing.
- FIPS Level 3 HSM: Fortanix provides a market leading Hardware Security Module (HSM) that allows you to comply with the CA/Browser Forum’s new code signing requirements.
- Integrations and Flexibility: Fortanix supports a wide range of use cases and integrations, from signing Docker images with Notary to signing Windows applications with the Microsoft CNG provider and Java applications with Java Cryptography Extension (JCE). Whether you need to sign git commits or verify them, Fortanix has you covered.
- Audit logs: Fortanix offers comprehensive auditing capabilities, enabling you to track every code signing operation, making it easy to meet compliance requirements and handle incidents.
- RBAC and Quorum control: Fortanix DSM provides fine-grained access control for key usage as well as elaborate quorum-based policies. These policies can be configured to require approval from M of N administrators before a signing operation is executed. Approvals can be obtained asynchronously and in a distributed manner.
Whether you're a software developer looking to install confidence in your users or a user looking to safeguard your digital environment, the digital signature is your beacon of trust.
Fortanix elevates code signing solution to new heights, by offering vigorous key management, HSM-backed security, seamless DevOps integration, audit trails, multi-cloud flexibility, and regulatory compliance.
With Fortanix, your code signing processes are not just secure; they're fortified against the evolving threat landscape. Put trust in your software with Fortanix.