PKCS-7 Message Processing

PKCS-7 is a cryptographic messaging syntax. It provides a standard format for packaging cryptographically enhanced data. SET uses the DigestedData, EnvelopedData, and SignedData PKCS-7 message types. The PKCS-7 services available in SETREF provide only a subset of the functionality described by PKCS-7; specifically, SETREF provides only those parts profiled in the SET specification.

Although the application programmer is unlikely to access these services directly, the PKCS-7 module is the gateway to nearly all the cryptographic functionality in SET. PKCS-7 provides generic (rather than SET-specific) security services to SET. Insofar as SET is defined independent of specific cryptographic algorithms, PKCS-7 provides the mechanism for this algorithm "agility."

Where X.509v3 provides the syntax for public key certificates, PKCS-7 implements the generic processing of these certificates. Processing rules which are specific to SET are implemented in the ops module.