diff --git a/ctaocrypt/src/pkcs7.c b/ctaocrypt/src/pkcs7.c
index 269686609..7f4cee04c 100644
--- a/ctaocrypt/src/pkcs7.c
+++ b/ctaocrypt/src/pkcs7.c
@@ -55,7 +55,7 @@ CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output)
 byte ID_Length[MAX_LENGTH_SZ];
 switch (pkcs7TypeOID) {
- case PKCS7:
+ case PKCS7_MSG:
 typeSz = sizeof(pkcs7);
 typeName = pkcs7;
 break;
@@ -122,6 +122,65 @@ int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data, word32 dataSz,
 return 0;
 }
+
+int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz)
+{
+ XMEMSET(pkcs7, 0, sizeof(PKCS7));
+ pkcs7->singleCert = cert;
+ pkcs7->singleCertSz = certSz;
+
+ return 0;
+}
+
+
+int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz)
+{
+ static const byte oid[] =
+ { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+ 0x07, 0x01 };
+ byte seq[MAX_SEQ_SZ];
+ byte octetStr[MAX_OCTET_STR_SZ];
+ word32 seqSz;
+ word32 octetStrSz;
+ int idx = 0;
+
+ octetStrSz = SetOctetString(pkcs7->contentSz, octetStr);
+ seqSz = SetSequence(pkcs7->contentSz + octetStrSz + sizeof(oid), seq);
+
+ if (outputSz < pkcs7->contentSz + octetStrSz + sizeof(oid) + seqSz)
+ return BUFFER_E;
+
+ XMEMCPY(output, seq, seqSz);
+ idx += seqSz;
+ XMEMCPY(output + idx, oid, sizeof(oid));
+ idx += sizeof(oid);
+ XMEMCPY(output + idx, octetStr, octetStrSz);
+ idx += octetStrSz;
+ XMEMCPY(output + idx, pkcs7->content, pkcs7->contentSz);
+ idx += pkcs7->contentSz;
+
+ return idx;
+}
+
+
+int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
+{
+ (void)pkcs7;
+ (void)output;
+ (void)outputSz;
+ return 0;
+}
+
+
+int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7, byte* output, word32 outputSz)
+{
+ (void)pkcs7;
+ (void)output;
+ (void)outputSz;
+ return 0;
+}
+
+
 #else /* HAVE_PKCS7 */
diff --git a/cyassl/ctaocrypt/pkcs7.h b/cyassl/ctaocrypt/pkcs7.h
index 72acf14c2..d5f23ee58 100644
--- a/cyassl/ctaocrypt/pkcs7.h
+++ b/cyassl/ctaocrypt/pkcs7.h
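Review bot: The size check in PKCS7_EncodeData (second hunk of pkcs7.c), `if (outputSz < pkcs7->contentSz + octetStrSz + sizeof(oid) + seqSz)`, adds the caller-supplied contentSz to the header sizes with no guard against wrap-around; where size_t is 32 bits, a contentSz near the word32 maximum can wrap the sum below outputSz, and the last XMEMCPY then copies contentSz bytes beyond the end of output. The same sum is passed to SetSequence and the total is returned as an int, so oversized content is best rejected before any length is encoded, e.g. `if (pkcs7->contentSz > 0x7FFFFFFF - MAX_SEQ_SZ - MAX_OCTET_STR_SZ - sizeof(oid)) return BUFFER_E;`. pkcs7 and output are also dereferenced without a NULL check, here and in PKCS7_InitWithCert; `if (pkcs7 == NULL || output == NULL) return BAD_FUNC_ARG;` at the top would cover that. The stubs PKCS7_EncodeSignedData and PKCS7_EncodeEnvelopeData return 0 without writing anything, which a caller can read as a successful empty encoding; a negative error code until they are implemented would be safer.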
@@ -36,7 +36,7 @@
 #endif
 enum PKCS7_TYPES {
- PKCS7 = 650, /* 1.2.840.113549.1.7 */
+ PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */
 DATA = 651, /* 1.2.840.113549.1.7.1 */
 SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */
 ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */
@@ -53,6 +53,33 @@ enum Pkcs7_Misc {
 MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ
 };
+
+typedef struct PKCS7Attrib {
+ byte* oid;
+ word32 oidSz;
+ byte* value;
+ word32 valueSz;
+} PKCS7Attrib;
+
+
+typedef struct PKCS7 {
+ byte* content;
+ word32 contentSz;
+ int contentOID;
+
+ int hashOID;
+ int encryptOID;
+
+ byte* singleCert;
+ word32 singleCertSz;
+ byte* issuer;
+ word32 issuerSz;
+
+ PKCS7Attrib** signedAttribs;
+ word32 signedAttribsSz; /* Number of attribs in list */
+} PKCS7;
+
+
 CYASSL_API int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data, word32 dataSz, int cipher, byte* out, word32* outSz, word32 flags);
@@ -64,6 +91,13 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
 byte* contentKeyEnc, int* keyEncSz, byte* out, word32 outSz);
+CYASSL_API int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz);
+CYASSL_API int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz);
+CYASSL_API int PKCS7_EncodeSignedData(PKCS7* pkcs7,
+ byte* output, word32 outputSz);
+CYASSL_API int PKCS7_EncodeEnvelopeData(PKCS7* pkcs7,
+ byte* output, word32 outputSz);
+
 #ifdef __cplusplus
 } /* extern "C" */
 #endif
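Review bot: The PKCS7 struct added in the second hunk of pkcs7.h stores raw pointer fields (content, singleCert, issuer, signedAttribs) with no comment on ownership or lifetime; PKCS7_InitWithCert in pkcs7.c only assigns the caller's cert pointer, so the certificate buffer has to stay valid for as long as the struct is in use. A comment above the typedef would make that contract explicit, for example `/* Pointers are borrowed from the caller: not copied and not freed by the library; keep the buffers valid while the PKCS7 is in use. */`. Whether content and issuer follow the same rule is not visible in this commit, so the wording should be confirmed against the intended design. Only signedAttribsSz has a field comment; the OID fields would benefit from naming the enum they take.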
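Review bot: The four new CYASSL_API prototypes in the last hunk of pkcs7.h have no comment describing their return values, and the implementations in pkcs7.c do not share one convention: PKCS7_InitWithCert returns 0, while PKCS7_EncodeData returns the number of bytes written or BUFFER_E. A one-line comment per prototype, such as `/* returns encoded length in bytes on success, negative error code on failure */` for the encoders, would let callers check results correctly. The hunk starts inside the CreateRecipientInfo prototype, which begins outside it.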