Cryptographic Message Syntax

The Cryptographic Message Syntax (CMS) is the IETF's standard for cryptographically protected messages. It can be used by cryptographic schemes and protocols to digitally sign, digest, authenticate or encrypt any form of digital data.

CMS is based on the syntax of PKCS #7, which in turn is based on the Privacy-Enhanced Mail standard. The newest version of CMS (as of 2024) is specified in RFC 5652 (but also see RFC 5911 for updated ASN.1 modules conforming to ASN.1 2002 and RFC 8933 and RFC 9629 for updates to the standard).

The architecture of CMS is built around certificate-based key management, such as the profile defined by the PKIX working group.

CMS is used as the key cryptographic component of many other cryptographic standards, such as S/MIME, PKCS #12 and the RFC 3161 digital timestamping protocol.

OpenSSL is open source software that can encrypt, decrypt, sign and verify, compress and uncompress CMS documents, using the openssl-cms command.