Authenticode or other code signing for Mac and Linux
Do Mac and Linux have something like Authenticode?
If yes, can anyone point to an example snippet, preferably in C, on how to check if the signatures match?
Thanks
Edit: Mac in here section has a possible answer. But I don’t know if this can be done in pure C.
Solution
The standard way to verify code running on Linux systems is to validate the binaries once when you install the package, not each time you run them. The package, such as an RPM, contains a cryptographic signature that must match the contents of the file or the installer will refuse to install. Standard UNIX permissions prevent normal users from later modifying these files on disk. The checksums of files on disk can be periodically compared to the checksums they should be (using RPM or TripWire or something similar) in case they are modified or corrupted.