{{Short description|International standard}}
{{third-party |date=April 2024}}
The '''Cryptographic Message Syntax''' ('''CMS''') is the [[IETF]]'s standard for [[Cryptography|cryptographically]] protected messages. It can be used by cryptographic schemes and protocols to [[Digital signature|digitally sign]], [[Cryptographic hash function|digest]], [[Message authentication code|authenticate]] or [[encryption|encrypt]] any form of digital data.

CMS is based on the syntax of [[PKCS_7|PKCS #7]], which in turn is based on the [[Privacy-Enhanced Mail]] standard. The newest version of CMS ({{As of|2024|lc=on}}) is specified in {{IETF RFC|5652}} (but also see {{IETF RFC|5911}} for updated ASN.1 modules conforming to ASN.1 2002 and {{IETF RFC|8933}} and {{IETF RFC|9629}} for updates to the standard).

The architecture of CMS is built around [[X.509|certificate-based]] key management, such as the profile defined by the [[PKIX]] [[working group]]. CMS is used as the key cryptographic component of many other cryptographic standards, such as [[S/MIME]], [[PKCS 12|PKCS #12]] and the {{IETF RFC|3161}} [[digital timestamping]] protocol.

[[OpenSSL]] is [[Open-source software|open source]] software that can encrypt, decrypt, sign and verify, compress and uncompress CMS documents, using the <code>openssl-cms</code> command.
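
The following shell function is an added example, not taken from the OpenSSL documentation or from the standard. It uses <code>openssl cms</code> to create and verify a detached signature, checks that the same signature is rejected over altered content, and round-trips an encrypted message. The file names, the subject name <code>cms-demo.example</code> and the messages are constructed for the demonstration, and a throwaway self-signed certificate stands in for a real PKI.

```shell
#!/bin/sh
# Added example: detached CMS signature plus EnvelopedData round trip.
# File names, subject name and messages are constructed for this demo.
# Usage: cms_roundtrip && echo "CMS round trip ok"
cms_roundtrip() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        printf 'constructed sample message\n' > msg.txt
        printf 'constructed sample massage\n' > tampered.txt

        # Throwaway self-signed certificate and unencrypted key (demo only).
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
            -subj '/CN=cms-demo.example' \
            -keyout key.pem -out cert.pem 2>/dev/null || exit 1

        # SignedData with detached content; -binary disables CRLF
        # canonicalisation so the digest covers the file bytes as-is.
        openssl cms -sign -binary -in msg.txt -signer cert.pem \
            -inkey key.pem -outform PEM -out sig.pem || exit 1

        # Verification: the certificate is its own trust anchor here.
        openssl cms -verify -binary -in sig.pem -inform PEM \
            -content msg.txt -CAfile cert.pem -out /dev/null \
            2>/dev/null || exit 1

        # The same signature over altered content must be rejected.
        if openssl cms -verify -binary -in sig.pem -inform PEM \
            -content tampered.txt -CAfile cert.pem -out /dev/null \
            2>/dev/null; then
            exit 1
        fi

        # EnvelopedData for the certificate's public key, then decrypt.
        openssl cms -encrypt -binary -aes-256-cbc -in msg.txt \
            -outform PEM -out env.pem cert.pem || exit 1
        openssl cms -decrypt -binary -in env.pem -inform PEM \
            -recip cert.pem -inkey key.pem -out dec.txt || exit 1

        # Decrypted output must match the original byte for byte.
        cmp -s msg.txt dec.txt
    )
    status=$?
    rm -rf "$dir"
    return "$status"
}
```

The function returns 0 only if the genuine content verifies, the altered content fails verification, and the decrypted output is identical to the original message.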

==Norms and Standards==
Cryptographic Message Syntax (CMS) is regularly updated to address evolving security needs and emerging cryptographic algorithms.
* {{IETF RFC|8933}} (Update to the Cryptographic Message Syntax (CMS) for Algorithm Identifier Protection)
* {{IETF RFC|5652}} (Cryptographic Message Syntax (CMS), in use)
* {{IETF RFC|3852}} (Cryptographic Message Syntax (CMS), obsolete)
* {{IETF RFC|3369}} (Cryptographic Message Syntax (CMS), obsolete)
* {{IETF RFC|2630}} (Cryptographic Message Syntax, obsolete)
* {{IETF RFC|6268}} (New ASN.1 Modules for Cryptographic Message Syntax (CMS) and S/MIME, in use)
* {{IETF RFC|5911}} (New ASN.1 Modules for Cryptographic Message Syntax (CMS) and S/MIME, updated)
* {{IETF RFC|5753}} (Using Elliptic Curve Cryptography with CMS, in use)
* {{IETF RFC|3278}} (Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS), obsolete)
* {{IETF RFC|5084}} (Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS), in use)
* {{IETF RFC|9629}} (Using Key Encapsulation Mechanism (KEM) Algorithms in the Cryptographic Message Syntax (CMS), in use)

==See also==
* [[CAdES (computing)|CAdES]] - CMS Advanced Electronic Signatures
* [[S/MIME]]
* [[PKCS_7|PKCS #7]]

{{Cryptography navbox}}

[[Category:Cryptographic protocols]]
[[Category:Internet Standards]]

{{Crypto-stub}}