SignedAndEnvelopedData
Purpose: digital envelope
A PKCS#7 structure used to wrap an encrypted private key. Its structure is as follows:
SignedAndEnvelopedData ::= SEQUENCE {
    version INTEGER {seVer1(1), seVer2(2)} (seVer1 | seVer2),
    recipientInfos RecipientInfos,
    digestAlgorithms DigestAlgorithmIdentifiers,
    encryptedContentInfo EncryptedContentInfo,
    certificates CHOICE {
        certSet [0] IMPLICIT ExtendedCertificatesAndCertificates,
        certSequence [2] IMPLICIT Certificates
    } OPTIONAL,
    crls CHOICE {
        crlSet [1] IMPLICIT CertificateRevocationLists,
        crlSequence [3] IMPLICIT CRLSequence
    } OPTIONAL,
    signerInfos SignerInfos
} (WITH COMPONENTS { ..., version (seVer1),
        recipientInfos (WITH COMPONENTS { ..., riSet PRESENT }),
        digestAlgorithms (WITH COMPONENTS { ..., daSet PRESENT }),
        certificates (WITH COMPONENTS { ..., certSequence ABSENT }),
        crls (WITH COMPONENTS { ..., crlSequence ABSENT }),
        signerInfos (WITH COMPONENTS { ..., siSet PRESENT })
    } |
    WITH COMPONENTS { ..., version (seVer2),
        recipientInfos (WITH COMPONENTS { ..., riSequence PRESENT }),
        digestAlgorithms (WITH COMPONENTS { ..., daSequence PRESENT }),
        certificates (WITH COMPONENTS { ..., certSet ABSENT }),
        crls (WITH COMPONENTS { ..., crlSet ABSENT }),
        signerInfos (WITH COMPONENTS { ..., siSequence PRESENT })
    })
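The WITH COMPONENTS constraint above ties each version to one family of alternatives (seVer1 to the Set forms, seVer2 to the Sequence forms). The following is an added example, not code from the original page: a small DER walker that a receiver could run before any decryption to reject a structure that mixes the two families. The function names, the sample byte strings and the tag mapping stated in the comments are assumptions of this example.

```python
# Added example. Assumption: the *Set alternatives are DER SET OF (tag 0x31),
# the *Sequence alternatives are SEQUENCE OF (0x30), and [n] IMPLICIT on a
# constructed type encodes as tag 0xA0 + n.

def read_tlv(buf, pos):
    """Parse one definite-length DER element; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("indefinite or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def check_version_forms(der):
    """Return the fields whose encoding contradicts the declared version."""
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one outer SEQUENCE")
    tags, pos, version = [], 0, None
    while pos < len(body):
        t, value, pos = read_tlv(body, pos)
        if not tags:
            version = int.from_bytes(value, "big")
        tags.append(t)
    if len(tags) < 5 or tags[0] != 0x02 or version not in (1, 2):
        raise ValueError("missing fields or unsupported version")
    coll = 0x31 if version == 1 else 0x30  # SET OF vs SEQUENCE OF
    wrong_cert, wrong_crl = (0xA2, 0xA3) if version == 1 else (0xA0, 0xA1)
    bad = [name for i, name in ((1, "recipientInfos"), (2, "digestAlgorithms"),
                                (-1, "signerInfos")) if tags[i] != coll]
    optional = tags[4:-1]  # certificates and crls, when present
    if wrong_cert in optional:
        bad.append("certificates")
    if wrong_crl in optional:
        bad.append("crls")
    return bad

def tlv(tag, value=b""):
    """Encode a short (<128 byte) DER element; only used to build samples."""
    return bytes([tag, len(value)]) + value

# Constructed samples with empty collections (not real envelopes).
V1_OK = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x31) + tlv(0x31) + tlv(0x30) + tlv(0xA0) + tlv(0x31))
V1_MIXED = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x30) + tlv(0x31) + tlv(0x30) + tlv(0xA2) + tlv(0x31))
V2_OK = tlv(0x30, tlv(0x02, b"\x02") + tlv(0x30) + tlv(0x30) + tlv(0x30) + tlv(0xA2) + tlv(0xA3) + tlv(0x30))
```

An empty list means the encoding is consistent with its declared version; malformed or truncated input raises ValueError instead of returning a result.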
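Decrypting the digital envelope:
First, take the value of EncryptedKey from recipientInfo and decrypt it with the private key to recover the symmetric key symmKey. Then use the symmetric key to decrypt the value of EncryptedContent in EncryptedContentInfo; the result of that decryption is enprivateKey.
Verifying the digital envelope's signature:
To verify the signature, first check whether AuthenticatedAttributes in signerInfo has a value. If it does, take that attribute's attributesValue, decrypt it with symmKey, and use the result as the plaintext data to verify against EncryptedDigest.
If AuthenticatedAttributes has no value, take
signedAndEnvelopedData.getEncryptedContentInfo().getEncryptedContent()
and use the result of decrypting it with symmKey as the plaintext data to verify against EncryptedDigest.
Verifying the digital envelope's signature therefore requires decrypting first to obtain the symmetric key; only then can the signature be verified.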