A Digital Envelope is created by generating a random symmetric key, encrypting the message with a symmetric key algorithm (e.g. AES) and the symmetric key. The symmetric key is then encrypted with an asymmetric key algorithm (e.g. RSA) and the recipient’s public key.
Creating Digital Signature (Sender)
The recipient can open the message by recovering the symmetric key (by decrypting it with and their own private key), then decrypting the message with the recovered symmetric key. Every message has a new randomly chosen symmetric key. A Digital Envelop buys you privacy.
Opening a Digital Envelope (Recipient)
Digital Envelopes can be used in S/MIME e-mail, document security and secure file storage.
A given message can be protected by Digital Signature and/or Digital Envelope (they are independent).