PS: The first calculation step is needed because asymmetric encryption limits how much content can be encrypted: it cannot be larger than the number of bits of N mentioned above, that is, no larger than 1024 bits/2048 bits. So if you want to sign data of arbitrary size, you sign its digest (hash value) instead, and the effect is the same.
Signing a piece of data means endorsing it (putting your name to it) and then sending it to others, so that they know the data has been authenticated by me and has not been tampered with. If someone tampers with the file content or the signature, signature verification fails, which proves that the content has been tampered with. A digital signature does not guarantee confidentiality.
To use a signature correctly, one premise must hold: the public key used to verify the signature must belong to the real sender. In a man-in-the-middle attack the public key is forged, and the digital signature can no longer be trusted. Therefore, before verifying the signature, we must first verify the legitimacy of the public key.
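The following is an added example, not code from the original article. It is a toy hash-then-sign flow using unpadded textbook RSA over constructed Mersenne-prime keys (all names and key values are assumptions for illustration and are not secure), showing the size limit, tamper detection, and why a substituted public key makes verification meaningless.

```python
import hashlib

E = 65537  # commonly used public exponent

def make_keypair(p, q):
    """Textbook RSA key from two primes: returns (public, private)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent
    return (n, E), (n, d)

def digest_int(data: bytes) -> int:
    """Reduce data of any size to a fixed 256-bit value (SHA-256)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data: bytes, private) -> int:
    """Sign the digest, not the data itself (no padding: toy only)."""
    n, d = private
    return pow(digest_int(data), d, n)

def verify(data: bytes, signature: int, public) -> bool:
    """Recover the signed digest with the public key and compare."""
    n, e = public
    return pow(signature, e, n) == digest_int(data)

# Constructed demo keys built from known Mersenne primes (not secure).
SENDER_PUB, SENDER_PRIV = make_keypair(2**521 - 1, 2**607 - 1)
FORGED_PUB, FORGED_PRIV = make_keypair(2**1279 - 1, 2**2203 - 1)

def demo():
    message = b"pay 100 to alice " * 50  # constructed 850-byte message
    n = SENDER_PUB[0]
    sig = sign(message, SENDER_PRIV)
    # A different message signed with a key the sender never owned.
    forged_msg = b"pay 100 to mallory"
    forged_sig = sign(forged_msg, FORGED_PRIV)
    return {
        # The raw message is far larger than N; its digest is not.
        "raw_message_fits_n": int.from_bytes(message, "big") < n,
        "digest_fits_n": digest_int(message) < n,
        "genuine": verify(message, sig, SENDER_PUB),
        "tampered_content": verify(message + b"!", sig, SENDER_PUB),
        "tampered_signature": verify(message, sig ^ 1, SENDER_PUB),
        # Verification "succeeds" if the verifier accepts the forged key,
        # and fails as soon as the sender's real key is used.
        "forged_under_forged_key": verify(forged_msg, forged_sig, FORGED_PUB),
        "forged_under_real_key": verify(forged_msg, forged_sig, SENDER_PUB),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The `forged_under_forged_key` result is the case the paragraph above describes: the arithmetic checks out, so only an independent check of who owns the public key can expose the substitution.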
So how do we verify the legitimacy of the public key?
A certificate, also known as a public key certificate (PKC), contains personal information, that person's public key, and the digital signature of the certificate authority (CA) on the public key. A CA is an individual or organization that can confirm that "the public key really belongs to this person" and can generate a digital signature. Certificates guarantee the legitimacy of public keys.