PKCS 7—An Overview

The low-level message functions adhere to the RSA PKCS #7 Cryptographic Message Syntax Standard, published by RSA Laboratories, a division of RSA Data Security, Inc. The specification is available on their web site, http://www.rsa.com. To use the low-level message functions most effectively, you should become familiar with this specification. A few of its definitions are highlighted here.

The PKCS #7 standard describes a general syntax for data that may have cryptography applied to it, such as digital signatures and digital envelopes. The syntax admits recursion, so that, for example, one envelope can be nested inside another, or one party can sign digital data that has already been put into an envelope. It also allows arbitrary attributes, such as signing time, to be authenticated along with the content of a message. Further, it provides for other attributes, such as countersignatures, to be associated with a signature.

The type of data contained in a PKCS #7 message is called its content type. There are two classes of content types—Base and Enhanced.

Content in the Enhanced class employs encapsulation, giving rise to the terms outer content (the one containing the enhancements) and inner content (the one being enhanced). For example, content in the Enhanced class might contain the Data content type (Base class) with a signature included with it. In this case, the Data content type is the inner content, and the combination of the Data content type and the signature forms the outer content.
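
The outer/inner relationship and the recursion described above can be seen directly in the encoded bytes. The following is an added example, not part of the original documentation and not CryptoAPI code: a minimal Python DER walker that lists the content types of a message from outermost to innermost. The function names, the two object identifiers in the table, and the sample message (a constructed signed message with no signers, nested inside another one) are supplied here for illustration.

```python
# Added example: names, OID table and SAMPLE are constructed for illustration.
OID_NAMES = {"1.2.840.113549.1.7.1": "data",
             "1.2.840.113549.1.7.2": "signedData"}

def read_tlv(buf, pos, want=None):  # -> (value bytes, offset after this TLV)
    if pos + 2 > len(buf) or buf[pos + 1] == 0x80:
        raise ValueError("truncated header or indefinite (non-DER) length")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf) or (want is not None and tag != want):
        raise ValueError("truncated or unexpected TLV")
    return buf[pos:pos + length], pos + length

def decode_oid(body):  # first byte packs the first two arcs
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear ends this arc
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def content_chain(der, depth=0, max_depth=8):  # outermost -> innermost names
    if depth > max_depth:
        raise ValueError("nesting too deep")
    body, _ = read_tlv(der, 0, 0x30)            # ContentInfo SEQUENCE
    oid, pos = read_tlv(body, 0, 0x06)          # contentType
    dotted = decode_oid(oid)
    name = OID_NAMES.get(dotted, dotted)
    if name != "signedData" or pos == len(body):
        return [name]                           # not walked further, or no content
    wrapped, _ = read_tlv(body, pos, 0xA0)      # [0] EXPLICIT content
    signed, _ = read_tlv(wrapped, 0, 0x30)      # SignedData
    _, p = read_tlv(signed, 0, 0x02)            # version
    _, p = read_tlv(signed, p, 0x31)            # digestAlgorithms
    _, end = read_tlv(signed, p, 0x30)          # inner ContentInfo
    return [name] + content_chain(signed[p:end], depth + 1, max_depth)

def tlv(tag, body):  # sample builder, short-form lengths only
    return bytes([tag, len(body)]) + body

def wrap_signed(inner):  # signer-less SignedData around an inner ContentInfo
    sd = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x31, b"") + inner + tlv(0x31, b""))
    return tlv(0x30, bytes.fromhex("06092a864886f70d010702") + tlv(0xA0, sd))

SAMPLE = wrap_signed(wrap_signed(
    tlv(0x30, bytes.fromhex("06092a864886f70d010701") + tlv(0xA0, tlv(0x04, b"hi")))))
print(content_chain(SAMPLE))
```

The depth limit and the length checks matter when the message comes from an untrusted sender: a parser that follows nesting without a bound, or trusts a declared length, can be driven into excessive recursion or out-of-range reads.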

The content types defined in the PKCS #7 standard are: