How does file encryption and signing work?

P

Pavel Bykov2021-04-04 14:23:35

Encryption

Pavel Bykov, 2021-04-04 14:23:35

Good afternoon, I don’t quite understand how file encryption through a certificate works (why install a root certificate in order for the certificate through which you will encrypt and sign a file to work), and what is the general difference between signing and encrypting a file, and also has Does it make sense to immediately sign and encrypt the file? I would like to know if there are any videos or articles about how it works, and how it would be possible to implement such functionality, for example, in node js.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

C

CityCat4, 2021-04-04
@CityCat4

And what, banned in Google?
The root certificate is needed in order to pass the certificate validity check. You issue yourself a certificate - but there is zero trust in it. You must either somehow convince / force all those who will read your mail, for example, put this certificate in trusted ones (it's easy in the enterprise - put it into politics and scattered to everyone).
This is the point of issuing a certificate in a CA with worldwide recognition - at least in LE - so that the validity check passes without dancing with the root certificate.
The signature does not change the content of the file - it will be readable. The signature guarantees that the file has not been modified during the delivery process.
Encryption changes the file - it cannot be read, but a malicious person can modify it - and it cannot be decrypted.
Signing an encrypted file guarantees that the encrypted file has not been modified and will decrypt normally.