The purpose of this issue is to add new Processors and Controller Services supporting encryption and decryption using Cryptographic Message Syntax as defined in RFC 5652.
CMS provides the underlying specification for S/MIME messages and also supports encryption and decryption using X.509 certificates. Standard Java Key Stores can be used to support encrypting messages for one or more recipients. Decrypting messages can also be supported based on matching certificate serial number and issuer attributes.
The current EncryptContent Processor supports encryption using passwords and PGP keys, but does not support encryption using X.509 certificates. New Processors for encryption and decryption would support encryption using X.509 certificates using CMS classes in the Bouncy Castle library. New Controller Services would provide access to certificate and private key information from standard Java Key Stores.