Creating and Receiving Enveloped Data Messages
An enveloped message is a message that is encrypted for a set of recipients. In the envelopment process, a session encryption key is generated and the message is encrypted with that key. The session key itself is then encrypted separately for each recipient, using the public key from that recipient's certificate. The enveloped message consists of the encrypted message, the certificates of the intended recipients, and the set of encrypted keys, one for each recipient. The generated message is in PKCS #7/CMS format.
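The envelope structure described above can be inspected with the OpenSSL `cms` command, which reads and writes the same PKCS #7/CMS EnvelopedData format. This is an added example, not code from the original page: the identities (alice, bob, mallory), file names and message are constructed, and it assumes an `openssl` binary is on the PATH.

```shell
#!/bin/sh
# Added example: one message, one session key, one encrypted key per recipient.
# All names, files and the message text are constructed for illustration.
set -e

make_identity() {    # $1 = name; writes $1.key and a self-signed $1.crt
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
        -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

envelope() {         # $1 = plaintext, $2 = output, remaining args = recipient certs
    in=$1; out=$2; shift 2
    # A random AES-256 session key encrypts the content; that key is then
    # encrypted once under the public key in each recipient certificate.
    openssl cms -encrypt -aes-256-cbc -binary -in "$in" \
        -outform DER -out "$out" "$@"
}

open_envelope() {    # $1 = envelope, $2 = recipient name; prints the plaintext
    # -recip selects the entry for this certificate; the private key unwraps
    # the session key, which then decrypts the content.
    openssl cms -decrypt -inform DER -in "$1" -recip "$2.crt" -inkey "$2.key"
}

count_recipients() { # $1 = envelope; counts per-recipient encrypted keys
    openssl cms -cmsout -print -noout -inform DER -in "$1" | grep -c 'encryptedKey:'
}

cd "$(mktemp -d)"
for who in alice bob mallory; do make_identity "$who"; done
printf 'constructed sample message\n' > msg.txt

# alice and bob are recipients; mallory holds a key pair but is not listed.
envelope msg.txt msg.p7m alice.crt bob.crt

echo "encrypted session keys in envelope: $(count_recipients msg.p7m)"
echo "bob reads: $(open_envelope msg.p7m bob)"
open_envelope msg.p7m mallory 2>/dev/null \
    || echo "mallory: no matching recipient entry, decryption refused"
```

Adding a recipient grows the envelope by one encrypted key only; the content is still encrypted once.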
The following sections show procedures and examples for enveloped message tasks:
- Encoding Enveloped Data
- Decoding Enveloped Data
- Alternate Code for Encoding an Enveloped Message
- Example C Program: Encoding an Enveloped, Signed Message