
Should my executable check that it has been signed with my certificate?

Çağlar Arlı


We distribute a Windows application. The application is code signed with a certificate from a proper/trusted CA. This provides some guarantee that the application came from us (checked by the OS).

We use CryptQueryObject to get the fields of the certificate (yes, we should update to CNG), and we check that the fields match the organization. We are updating the Org post-acquisition which got me looking into this to make sure we are checking the right fields.

So far, I have not found recommendations from a reputable source that we need to perform these checks.

If we should be performing them, I would like to know what risks they are mitigating. What attributes should we actually check to be effective?
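An added example (not code from the question or its author) showing the three attributes of an Authenticode signature that actually bind a binary to a specific signing key, using the Windows `Get-AuthenticodeSignature` cmdlet. The path and the thumbprint values are placeholders; the function name `Test-SignedByOurCert` is chosen here. The same three checks map onto the in-process approach in the question: `WinVerifyTrust` for step 1, and the signer certificate obtained via `CryptQueryObject` for steps 2 and 3.

```powershell
# Added example, not code from the original question.
# Checks the attributes of an Authenticode signature that bind a file to a
# signing certificate you control. Path and thumbprints are placeholders.
function Test-SignedByOurCert {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Allow-list of SHA-1 thumbprints of the signing certificates you control.
        # Keep the previous certificate listed during a renewal so older builds still pass.
        [Parameter(Mandatory)] [string[]] $AllowedThumbprints
    )

    $sig = Get-AuthenticodeSignature -FilePath $Path

    # 1. Cryptographic validity and chain to a trusted root (the OS does this part).
    #    NotSigned, HashMismatch, NotTrusted, UnknownError ... all fail here.
    if ($sig.Status -ne 'Valid') {
        Write-Warning "$Path : signature status $($sig.Status) - $($sig.StatusMessage)"
        return $false
    }

    $cert = $sig.SignerCertificate

    # 2. Identity of the signer. Compare the certificate itself (thumbprint), not
    #    only the O= string in the Subject: an organization name is not unique
    #    across CAs and changes on a rename or acquisition, while the thumbprint
    #    identifies exactly one certificate.
    if ($AllowedThumbprints -notcontains $cert.Thumbprint) {
        Write-Warning "$Path : signed by unexpected certificate $($cert.Thumbprint) ($($cert.Subject))"
        return $false
    }

    # 3. The leaf must be a code-signing certificate (EKU 1.3.6.1.5.5.7.3.3),
    #    so a certificate issued for another purpose is not accepted.
    $ekuExt = $cert.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }
    $hasCodeSigningEku = $false
    if ($null -ne $ekuExt) {
        $hasCodeSigningEku = [bool]($ekuExt.EnhancedKeyUsages |
            Where-Object { $_.Value -eq '1.3.6.1.5.5.7.3.3' })
    }
    if (-not $hasCodeSigningEku) {
        Write-Warning "$Path : signer certificate lacks the code-signing EKU"
        return $false
    }

    # For review: the fields an O=-only check would have compared against.
    Write-Verbose ("Subject : " + $cert.Subject)
    Write-Verbose ("Issuer  : " + $cert.Issuer)
    Write-Verbose ("Validity: " + $cert.NotBefore + " to " + $cert.NotAfter)
    return $true
}

# Usage with placeholder values (substitute your own binary and thumbprint):
$ok = Test-SignedByOurCert -Path 'C:\Program Files\ExampleVendor\app.exe' `
        -AllowedThumbprints @('0000000000000000000000000000000000000000') -Verbose
if (-not $ok) { Write-Host 'Binary is not signed by one of our certificates' }
```

Pinning the thumbprint (or the public key) rather than the Subject's O= is what survives the organization rename described in the question, and the allow-list handles certificate renewal. Note the limit of any self-check: the code doing the comparison ships inside the same binary it checks, so it guards against a build accidentally signed with the wrong certificate or a mismatched installer, not against someone who can already modify the executable; the OS-level check at install or launch is the one an attacker cannot edit out.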