The sender encrypts the file with the public key of the receiver issued by CA, and signs the file with its own key. When the recipient receives the file, he first analyzes the signature with the sender's public key to prove that the file is indeed sent by the sender. Then use your own private key to decrypt the file and read it.
Electronic signature is the general name of modern authentication technology. According to the Uniform Electronic Transactions Act of the United States, "electronic signature" refers to "an electronic sound, symbol or program associated with or logically associated with an electronic record, which is signed or adopted by someone for the purpose of signing an electronic record"; According to the United Nations Model Law on Electronic Commerce, an electronic signature is the data in electronic form contained in, attached to or logically associated with a data message, which can be used to confirm the identity of the signer related to the data message and show that the signer approves the information contained in the data message; The European Union's Electronic Signature Directive stipulates that "electronic signature" generally refers to "data in electronic form connected or logically connected with other electronic records and used as authentication methods."
From the above definition, any electronic technical means that can prove the identity of the parties and approve the contents of documents in electronic communication can be called electronic signature, which is a general concept of modern authentication technology and an important guarantee for the security of e-commerce.