1. basic concept
A digital signature is a mechanism to verify the authenticity of a signature generated from a fixed message and fixed private key,hence it can be ascertained that the messages are sent from the expected entity, the messages are not changed by the others.
1.1 signing process
The signing process is like the process that people signs their name on the paper. The messages are the plain texts, it uses a cryptographic hash function to calculate the hash of the messages and uses the private key of the sender to encrypt the hash value, attaches the result after the messages, the encrypted hash value is the signature(person's name on the paper) in the messages.
1.2 verifying the signature
the receiver can verify the authenticity of the messages signed by the sender. The receiver has the public key of the sender which is from the certificate of the sender, the receiver decrypt the signature in the messages with the public key of the sender to get the hash value of the messages, the receiver uses the same cryptographic hash function to calculate the hash of the messages and compares the result with the decrypted hash value, the authenticity of the messages is confirmed if the two values equal with each other, and vice versa.
1.3 digital certificate
A digital certificate is a certificate for an organization, the certificate contains the common information and the signature of the organization, the authenticity of the organization is verified by the mechanism of digital signature,the clients can ascertain that he talks with the right organization or individual and the exchanged messages are not changed in the delivery of the messages.