Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
19-15
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 19 S/MIME Security Services
Verifying, Decrypting, or Decrypting and Verifying Incoming Messages using S/MIME
Note
You can use Email Security appliance S/MIME security services to verify, decrypt, or decrypt and verify
outgoing and incoming messages.
outgoing and incoming messages.
S/MIME Verification and Decryption Workflow in Email Security Appliance
•
•
S/MIME Verification Workflow
The following process describes how Email Security appliance performs S/MIME verification.
1.
Apply a hash algorithm to the signed message to create a message digest.
2.
Decrypt the PKCS7 signature attached to the signed message using the public key of the sender's
S/MIME certificate, and get the message digest.
S/MIME certificate, and get the message digest.
3.
Compare the generated message digest with the message digest retrieved from the signed message.
If the message digests match, the message is verified.
If the message digests match, the message is verified.
S/MIME Decryption Workflow
The following process describes how Email Security appliance performs S/MIME decryption.
1.
Decrypt the session key using the private key of the appliance’s S/MIME certificate
2.
Decrypt the message body using the session key.