From 9528effb8a285e4d06f004e3e3b3c17c42139e8c Mon Sep 17 00:00:00 2001
From: Rajeev Ranjan <ranjan.rajeev@siemens.com>
Date: Wed, 7 Aug 2024 16:06:36 +0200
Subject: [PATCH] CMP: add testcase for central keygen

---
 apps/cmp.c                                    | 37 ++++++++++++++++--
 apps/include/cmp_mock_srv.h                   |  2 +
 apps/lib/cmp_mock_srv.c                       | 25 ++++++++++++
 crypto/cmp/cmp_local.h                        |  3 +-
 crypto/cmp/cmp_msg.c                          | 38 +++++++++++++++++-
 crypto/cmp/cmp_server.c                       | 32 +++++++++++++--
 crypto/cms/cms_asn1.c                         |  1 +
 crypto/cms/cms_lib.c                          | 39 +++++++++++++++++++
 crypto/crmf/crmf_lib.c                        | 23 ++++++-----
 include/openssl/cmp.h.in                      |  2 +
 include/openssl/cms.h.in                      |  6 +++
 include/openssl/crmf.h.in                     |  3 ++
 .../80-test_cmp_http_data/Mock/server.cnf     |  1 +
 .../80-test_cmp_http_data/Mock/server.crt     | 39 ++++++++++---------
 .../80-test_cmp_http_data/test_commands.csv   | 13 +++++--
 util/libcrypto.num                            |  4 ++
 16 files changed, 227 insertions(+), 41 deletions(-)

diff --git a/apps/cmp.c b/apps/cmp.c
index f1c60254e08f88..66356baefae9b0 100644
--- a/apps/cmp.c
+++ b/apps/cmp.c
@@ -200,6 +200,8 @@ static char *opt_srv_trusted = NULL;
 static char *opt_srv_untrusted = NULL;
 static char *opt_ref_cert = NULL;
 static char *opt_rsp_cert = NULL;
+static char *opt_rsp_cert_key = NULL;
+static char *opt_rsp_keypass = NULL;
 static char *opt_rsp_crl = NULL;
 static char *opt_rsp_extracerts = NULL;
 static char *opt_rsp_capubs = NULL;
@@ -284,7 +286,8 @@ typedef enum OPTION_choice {
     OPT_SRV_REF, OPT_SRV_SECRET,
     OPT_SRV_CERT, OPT_SRV_KEY, OPT_SRV_KEYPASS,
     OPT_SRV_TRUSTED, OPT_SRV_UNTRUSTED,
-    OPT_REF_CERT, OPT_RSP_CERT, OPT_RSP_CRL, OPT_RSP_EXTRACERTS, OPT_RSP_CAPUBS,
+    OPT_REF_CERT, OPT_RSP_CERT, OPT_RSP_CERT_KEY, OPT_RSP_KEYPASS,
+    OPT_RSP_CRL, OPT_RSP_EXTRACERTS, OPT_RSP_CAPUBS,
     OPT_RSP_NEWWITHNEW, OPT_RSP_NEWWITHOLD, OPT_RSP_OLDWITHNEW,
     OPT_POLL_COUNT, OPT_CHECK_AFTER,
     OPT_GRANT_IMPLICITCONF,
@@ -577,6 +580,12 @@ const OPTIONS cmp_options[] = {
      "Certificate to be expected for rr and any oldCertID in kur messages"},
     {"rsp_cert", OPT_RSP_CERT, 's',
      "Certificate to be returned as mock enrollment result"},
+    {"rsp_cert_key", OPT_RSP_CERT_KEY, 's',
+     "Private key for the certificate to be returned as mock enrollment result"},
+    {OPT_MORE_STR, 0, 0,
+     "Key to be returned for central key pair generation"},
+    {"rsp_keypass", OPT_RSP_KEYPASS, 's',
+     "Response private key (and cert) pass phrase source"},
     {"rsp_crl", OPT_RSP_CRL, 's',
      "CRL to be returned in genp of type crls"},
     {"rsp_extracerts", OPT_RSP_EXTRACERTS, 's',
@@ -689,8 +698,8 @@ static varref cmp_vars[] = { /* must be in same order as enumerated above! */
     {&opt_srv_ref}, {&opt_srv_secret},
     {&opt_srv_cert}, {&opt_srv_key}, {&opt_srv_keypass},
     {&opt_srv_trusted}, {&opt_srv_untrusted},
-    {&opt_ref_cert}, {&opt_rsp_cert}, {&opt_rsp_crl},
-    {&opt_rsp_extracerts}, {&opt_rsp_capubs},
+    {&opt_ref_cert}, {&opt_rsp_cert}, {&opt_rsp_cert_key}, {&opt_rsp_keypass},
+    {&opt_rsp_crl}, {&opt_rsp_extracerts}, {&opt_rsp_capubs},
     {&opt_rsp_newwithnew}, {&opt_rsp_newwithold}, {&opt_rsp_oldwithnew},
 
     {(char **)&opt_poll_count}, {(char **)&opt_check_after},
@@ -1203,11 +1212,25 @@ static OSSL_CMP_SRV_CTX *setup_srv_ctx(ENGINE *engine)
     if (opt_rsp_cert == NULL) {
         CMP_warn("no -rsp_cert given for mock server");
     } else {
-        if (!setup_cert(srv_ctx, opt_rsp_cert, opt_keypass,
+        if (!setup_cert(srv_ctx, opt_rsp_cert, opt_rsp_keypass,
                         "cert the mock server returns on certificate requests",
                         (add_X509_fn_t)ossl_cmp_mock_srv_set1_certOut))
             goto err;
     }
+    if (opt_rsp_cert_key != NULL) {
+        EVP_PKEY *pkey = load_key_pwd(opt_rsp_cert_key, opt_keyform,
+                                      opt_rsp_keypass, engine,
+                                      "private key for enrollment cert");
+
+        if (pkey == NULL
+            || !ossl_cmp_mock_srv_set1_certOutKey(srv_ctx, pkey)) {
+            EVP_PKEY_free(pkey);
+            goto err;
+        }
+        EVP_PKEY_free(pkey);
+    }
+    cleanse(opt_rsp_keypass);
+
     if (!setup_mock_crlout(srv_ctx, opt_rsp_crl,
                            "CRL to be returned by the mock server"))
         goto err;
@@ -3118,6 +3141,12 @@ static int get_opts(int argc, char **argv)
         case OPT_RSP_CERT:
             opt_rsp_cert = opt_str();
             break;
+        case OPT_RSP_CERT_KEY:
+            opt_rsp_cert_key = opt_str();
+            break;
+        case OPT_RSP_KEYPASS:
+            opt_rsp_keypass = opt_str();
+            break;
         case OPT_RSP_CRL:
             opt_rsp_crl = opt_str();
             break;
diff --git a/apps/include/cmp_mock_srv.h b/apps/include/cmp_mock_srv.h
index 6b4290460aa6cc..86bbac217b5e4e 100644
--- a/apps/include/cmp_mock_srv.h
+++ b/apps/include/cmp_mock_srv.h
@@ -22,6 +22,8 @@ void ossl_cmp_mock_srv_free(OSSL_CMP_SRV_CTX *srv_ctx);
 
 int ossl_cmp_mock_srv_set1_refCert(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
 int ossl_cmp_mock_srv_set1_certOut(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
+int ossl_cmp_mock_srv_set1_certOutKey(OSSL_CMP_SRV_CTX *srv_ctx,
+                                      EVP_PKEY *pkey);
 int ossl_cmp_mock_srv_set1_crlOut(OSSL_CMP_SRV_CTX *srv_ctx, X509_CRL *crl);
 int ossl_cmp_mock_srv_set1_chainOut(OSSL_CMP_SRV_CTX *srv_ctx,
                                     STACK_OF(X509) *chain);
diff --git a/apps/lib/cmp_mock_srv.c b/apps/lib/cmp_mock_srv.c
index d98d4598a9750c..7004086026352a 100644
--- a/apps/lib/cmp_mock_srv.c
+++ b/apps/lib/cmp_mock_srv.c
@@ -19,6 +19,7 @@
 typedef struct {
     X509 *refCert;             /* cert to expect for oldCertID in kur/rr msg */
     X509 *certOut;             /* certificate to be returned in cp/ip/kup msg */
+    EVP_PKEY *certOutKey;     /* Private key to be returned for central keygen */
     X509_CRL *crlOut;          /* CRL to be returned in genp for crls */
     STACK_OF(X509) *chainOut;  /* chain of certOut to add to extraCerts field */
     STACK_OF(X509) *caPubsOut; /* used in caPubs of ip and in caCerts of genp */
@@ -87,6 +88,22 @@ static mock_srv_ctx *mock_srv_ctx_new(void)
 DEFINE_OSSL_SET1_CERT(refCert)
 DEFINE_OSSL_SET1_CERT(certOut)
 
+int ossl_cmp_mock_srv_set1_certOutKey(OSSL_CMP_SRV_CTX *srv_ctx,
+                                      EVP_PKEY *pkey)
+{
+    mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
+
+    if (ctx == NULL) {
+        ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
+        return 0;
+    }
+    if (pkey != NULL && !EVP_PKEY_up_ref(pkey))
+        return 0;
+    EVP_PKEY_free(ctx->certOutKey);
+    ctx->certOutKey = pkey;
+    return 1;
+}
+
 int ossl_cmp_mock_srv_set1_crlOut(OSSL_CMP_SRV_CTX *srv_ctx,
                                   X509_CRL *crl)
 {
@@ -275,6 +292,7 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
     mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
     int bodytype;
     OSSL_CMP_PKISI *si = NULL;
+    EVP_PKEY *certOutKey = NULL;
 
     if (ctx == NULL || cert_req == NULL
             || certOut == NULL || chainOut == NULL || caPubs == NULL) {
@@ -358,6 +376,13 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
             && (*certOut = X509_dup(ctx->certOut)) == NULL)
         /* Should return a cert produced from request template, see FR #16054 */
         goto err;
+    if (ctx->certOutKey != NULL
+        && OSSL_CMP_SRV_CTX_centralKeygen_req(crm, (X509_REQ *) p10cr)
+        /* using newPkey to return the private key */
+        && (((certOutKey = EVP_PKEY_dup(ctx->certOutKey)) == NULL)
+            || !OSSL_CMP_CTX_set0_newPkey(OSSL_CMP_SRV_CTX_get0_cmp_ctx(srv_ctx),
+                                          1 /* priv */, certOutKey)))
+        goto err;
     if (ctx->chainOut != NULL
             && (*chainOut = X509_chain_up_ref(ctx->chainOut)) == NULL)
         goto err;
diff --git a/crypto/cmp/cmp_local.h b/crypto/cmp/cmp_local.h
index 4ebbbbfd1462de..8da454e644a92a 100644
--- a/crypto/cmp/cmp_local.h
+++ b/crypto/cmp/cmp_local.h
@@ -952,7 +952,8 @@ OSSL_CMP_MSG *ossl_cmp_certreq_new(OSSL_CMP_CTX *ctx, int bodytype,
                                    const OSSL_CRMF_MSG *crm);
 OSSL_CMP_MSG *ossl_cmp_certrep_new(OSSL_CMP_CTX *ctx, int bodytype,
                                    int certReqId, const OSSL_CMP_PKISI *si,
-                                   X509 *cert, const X509 *encryption_recip,
+                                   X509 *cert, EVP_PKEY *certkey,
+                                   const X509 *encryption_recip,
                                    STACK_OF(X509) *chain, STACK_OF(X509) *caPubs,
                                    int unprotectedErrors);
 OSSL_CMP_MSG *ossl_cmp_rr_new(OSSL_CMP_CTX *ctx);
diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c
index 8d74c74e493afc..291e41d9d814a9 100644
--- a/crypto/cmp/cmp_msg.c
+++ b/crypto/cmp/cmp_msg.c
@@ -19,6 +19,9 @@
 #include <openssl/crmf.h>
 #include <openssl/err.h>
 #include <openssl/x509.h>
+#include <openssl/cms.h>
+#include <openssl/pem.h>
+#include <openssl/bio.h>
 
 OSSL_CMP_MSG *OSSL_CMP_MSG_new(OSSL_LIB_CTX *libctx, const char *propq)
 {
@@ -449,9 +452,39 @@ OSSL_CMP_MSG *ossl_cmp_certreq_new(OSSL_CMP_CTX *ctx, int type,
     return NULL;
 }
 
+static OSSL_CRMF_ENCRYPTEDKEY *encprivatekey(OSSL_CMP_CTX *ctx, EVP_PKEY *privKey)
+{
+    OSSL_CRMF_ENCRYPTEDKEY *ek = NULL;
+    CMS_EnvelopedData *envData = NULL;
+    STACK_OF(X509) *encryption_recips = NULL;
+    int res = 0;
+    X509 *recip = X509_dup(ctx->validatedSrvCert);
+
+    encryption_recips = sk_X509_new_null();
+    if (encryption_recips == NULL || recip == NULL
+        || !sk_X509_push(encryption_recips, recip))
+        goto err;
+
+    envData = OSSL_CMS_env_sign_key(privKey, ctx->cert, ctx->pkey,
+                                    encryption_recips, ctx->libctx, ctx->propq);
+    if (envData == NULL)
+        goto err;
+    if ((ek = OSSL_CRMF_ENCRYPTEDKEY_init_envdata(envData)) == NULL)
+        goto err;
+    res = 1;
+
+ err:
+    sk_X509_pop_free(encryption_recips, X509_free);
+    if (!res)
+        M_ASN1_free_of(envData, CMS_EnvelopedData);
+
+    return ek;
+}
+
 OSSL_CMP_MSG *ossl_cmp_certrep_new(OSSL_CMP_CTX *ctx, int bodytype,
                                    int certReqId, const OSSL_CMP_PKISI *si,
-                                   X509 *cert, const X509 *encryption_recip,
+                                   X509 *cert, EVP_PKEY *certkey,
+                                   const X509 *encryption_recip,
                                    STACK_OF(X509) *chain, STACK_OF(X509) *caPubs,
                                    int unprotectedErrors)
 {
@@ -495,6 +528,9 @@ OSSL_CMP_MSG *ossl_cmp_certrep_new(OSSL_CMP_CTX *ctx, int bodytype,
         if (!X509_up_ref(cert))
             goto err;
         resp->certifiedKeyPair->certOrEncCert->value.certificate = cert;
+
+        if (certkey != NULL)
+            resp->certifiedKeyPair->privateKey = encprivatekey(ctx, certkey);
     }
 
     if (!sk_OSSL_CMP_CERTRESPONSE_push(repMsg->response, resp))
diff --git a/crypto/cmp/cmp_server.c b/crypto/cmp/cmp_server.c
index 84bddcec0907ad..162f9040a614ef 100644
--- a/crypto/cmp/cmp_server.c
+++ b/crypto/cmp/cmp_server.c
@@ -205,6 +205,27 @@ static OSSL_CMP_MSG *delayed_delivery(OSSL_CMP_SRV_CTX *srv_ctx,
     return msg;
 }
 
+int OSSL_CMP_SRV_CTX_centralKeygen_req(const OSSL_CRMF_MSG *crm,
+                                       X509_REQ *p10cr)
+{
+    X509_PUBKEY *pubkey = NULL;
+    const unsigned char *pk = NULL;
+    int pklen, ret = 0;
+
+    if (crm != NULL)
+        pubkey = OSSL_CRMF_CERTTEMPLATE_get0_publicKey(OSSL_CRMF_MSG_get0_tmpl(crm));
+    else if (p10cr != NULL)
+        pubkey = X509_REQ_get_X509_PUBKEY(p10cr);
+
+    if (pubkey == NULL
+        || (X509_PUBKEY_get0_param(NULL, &pk, &pklen, NULL, pubkey)
+            && pklen == 0))
+        ret = 1;
+
+    pk = NULL;
+    return ret;
+}
+
 /*
  * Processes an ir/cr/p10cr/kur and returns a certification response.
  * Only handles the first certification request contained in req
@@ -216,9 +237,10 @@ static OSSL_CMP_MSG *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
     OSSL_CMP_MSG *msg = NULL;
     OSSL_CMP_PKISI *si = NULL;
     X509 *certOut = NULL;
+    EVP_PKEY *certOutKey = NULL;
     STACK_OF(X509) *chainOut = NULL, *caPubs = NULL;
     const OSSL_CRMF_MSG *crm = NULL;
-    const X509_REQ *p10cr = NULL;
+    X509_REQ *p10cr = NULL;
     int bodytype;
     int certReqId;
 
@@ -263,7 +285,8 @@ static OSSL_CMP_MSG *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
     }
     srv_ctx->certReqId = certReqId;
 
-    if (!ossl_cmp_verify_popo(srv_ctx->ctx, req, srv_ctx->acceptRAVerified)) {
+    if (!(OSSL_CMP_SRV_CTX_centralKeygen_req(crm, p10cr)
+          || ossl_cmp_verify_popo(srv_ctx->ctx, req, srv_ctx->acceptRAVerified))) {
         /* Proof of possession could not be verified */
         si = OSSL_CMP_STATUSINFO_new(OSSL_CMP_PKISTATUS_rejection,
                                      1 << OSSL_CMP_PKIFAILUREINFO_badPOP,
@@ -287,10 +310,12 @@ static OSSL_CMP_MSG *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
                                          /* do not set if polling starts: */
                                          && certOut != NULL))
             goto err;
+        if (srv_ctx->ctx->newPkey != NULL && srv_ctx->ctx->newPkey_priv)
+            certOutKey = srv_ctx->ctx->newPkey;
     }
 
     msg = ossl_cmp_certrep_new(srv_ctx->ctx, bodytype, certReqId, si,
-                               certOut, NULL /* enc */, chainOut, caPubs,
+                               certOut, certOutKey, NULL /* enc */, chainOut, caPubs,
                                srv_ctx->sendUnprotectedErrors);
     /* When supporting OSSL_CRMF_POPO_KEYENC, "enc" will need to be set */
     if (msg == NULL)
@@ -299,6 +324,7 @@ static OSSL_CMP_MSG *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
  err:
     OSSL_CMP_PKISI_free(si);
     X509_free(certOut);
+    OSSL_CMP_CTX_set0_newPkey(srv_ctx->ctx, 0, NULL);
     OSSL_STACK_OF_X509_free(chainOut);
     OSSL_STACK_OF_X509_free(caPubs);
     return msg;
diff --git a/crypto/cms/cms_asn1.c b/crypto/cms/cms_asn1.c
index 9ac848e448b941..e02c8e90e39393 100644
--- a/crypto/cms/cms_asn1.c
+++ b/crypto/cms/cms_asn1.c
@@ -243,6 +243,7 @@ ASN1_NDEF_SEQUENCE(CMS_EnvelopedData) = {
         ASN1_SIMPLE(CMS_EnvelopedData, encryptedContentInfo, CMS_EncryptedContentInfo),
         ASN1_IMP_SET_OF_OPT(CMS_EnvelopedData, unprotectedAttrs, X509_ATTRIBUTE, 1)
 } ASN1_NDEF_SEQUENCE_END(CMS_EnvelopedData)
+IMPLEMENT_ASN1_DUP_FUNCTION(CMS_EnvelopedData)
 
 ASN1_NDEF_SEQUENCE(CMS_DigestedData) = {
         ASN1_EMBED(CMS_DigestedData, version, INT32),
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
index b09985ad3e27fe..dddf7e1ed606b9 100644
--- a/crypto/cms/cms_lib.c
+++ b/crypto/cms/cms_lib.c
@@ -739,3 +739,42 @@ int ossl_cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert)
     *pkeyid = keyid;
     return 1;
 }
+
+CMS_EnvelopedData *OSSL_CMS_env_sign_key(EVP_PKEY *privKey,  /* TODO - take bio as input */
+                                         X509 *signcert, EVP_PKEY *signkey,
+                                         STACK_OF(X509) *encryption_recip,
+                                         OSSL_LIB_CTX *libctx, const char *propq)
+{
+    CMS_EnvelopedData *evd = NULL;
+    BIO *privbio = NULL, *signbio = NULL, *envelopbio = NULL;
+    CMS_ContentInfo *signcms = NULL, *evpcms = NULL;
+
+    privbio = BIO_new(BIO_s_mem());
+    if (privbio == NULL || i2d_PrivateKey_bio(privbio, privKey) <= 0)
+        goto err;
+
+    signcms = CMS_sign_ex(signcert, signkey, NULL, privbio, CMS_BINARY,
+                          libctx, propq);
+    if (signcms == NULL)
+        goto err;
+
+    signbio = BIO_new(BIO_s_mem());
+    if (signbio == NULL
+        || ASN1_item_i2d_bio(ASN1_ITEM_rptr(CMS_SignedData), signbio, signcms->d.signedData) <= 0)
+        goto err;
+
+    evpcms = CMS_encrypt_ex(encryption_recip, signbio,
+                            EVP_aes_256_cbc(), CMS_BINARY, libctx, propq);
+    if (evpcms == NULL)
+        goto err;
+    evd = CMS_EnvelopedData_dup(evpcms->d.envelopedData);
+
+ err:
+    BIO_free(privbio);
+    BIO_free(signbio);
+    BIO_free(envelopbio);
+    CMS_ContentInfo_free(signcms);
+    CMS_ContentInfo_free(evpcms);
+
+    return evd;
+}
diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c
index d2d3e0fd9be0aa..741743402459f1 100644
--- a/crypto/crmf/crmf_lib.c
+++ b/crypto/crmf/crmf_lib.c
@@ -38,6 +38,7 @@
 #include <openssl/crmf.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
+#include <openssl/cms.h>
 
 /*-
  * atyp = Attribute Type
@@ -627,18 +628,8 @@ static int check_cmKGA(ossl_unused const X509_PURPOSE *purpose,
         return ret;
     ekus = X509_get_ext_d2i(x, NID_ext_key_usage, NULL, NULL);
     for (i = 0; i < sk_ASN1_OBJECT_num(ekus); i++) {
-# if OPENSSL_VERSION_NUMBER >= 0x30000000L
         if (OBJ_obj2nid(sk_ASN1_OBJECT_value(ekus, i)) == NID_cmKGA)
             goto end;
-# else
-        {
-            char txt[100];
-
-            if (OBJ_obj2txt(txt, sizeof(txt), sk_ASN1_OBJECT_value(ekus, i), 1)
-                    && strcmp(txt, "1.3.6.1.5.5.7.3.32") == 0) /* OID cmKGA */
-                goto end;
-        }
-# endif
     }
     ret = 0;
 
@@ -912,3 +903,15 @@ X509
     return NULL;
 #endif /* OPENSSL_NO_CMS */
 }
+
+OSSL_CRMF_ENCRYPTEDKEY
+*OSSL_CRMF_ENCRYPTEDKEY_init_envdata(CMS_EnvelopedData *envdata)
+{
+    OSSL_CRMF_ENCRYPTEDKEY *ek = OSSL_CRMF_ENCRYPTEDKEY_new();
+
+    if (ek == NULL)
+        return NULL;
+    ek->type = OSSL_CRMF_ENCRYPTEDKEY_ENVELOPEDDATA;
+    ek->value.envelopedData = envdata;
+    return ek;
+}
diff --git a/include/openssl/cmp.h.in b/include/openssl/cmp.h.in
index d659331fa38fa7..13a059266b2727 100644
--- a/include/openssl/cmp.h.in
+++ b/include/openssl/cmp.h.in
@@ -542,6 +542,8 @@ int OSSL_CMP_SRV_CTX_set_accept_unprotected(OSSL_CMP_SRV_CTX *srv_ctx, int val);
 int OSSL_CMP_SRV_CTX_set_accept_raverified(OSSL_CMP_SRV_CTX *srv_ctx, int val);
 int OSSL_CMP_SRV_CTX_set_grant_implicit_confirm(OSSL_CMP_SRV_CTX *srv_ctx,
                                                 int val);
+int OSSL_CMP_SRV_CTX_centralKeygen_req(const OSSL_CRMF_MSG *crm,
+                                       X509_REQ *p10cr);
 
 /* from cmp_client.c */
 X509 *OSSL_CMP_exec_certreq(OSSL_CMP_CTX *ctx, int req_type,
diff --git a/include/openssl/cms.h.in b/include/openssl/cms.h.in
index 239667700aacd2..9885edabac5345 100644
--- a/include/openssl/cms.h.in
+++ b/include/openssl/cms.h.in
@@ -57,6 +57,8 @@ DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
 DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
 DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
 
+DECLARE_ASN1_DUP_FUNCTION(CMS_EnvelopedData)
+
 CMS_ContentInfo *CMS_ContentInfo_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
 
 # define CMS_SIGNERINFO_ISSUER_SERIAL    0
@@ -397,6 +399,10 @@ int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
 
 int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
                           ASN1_OCTET_STRING *ukm, int keylen);
+CMS_EnvelopedData *OSSL_CMS_env_sign_key(EVP_PKEY *privKey,  /* TODO - take bio as input */
+                                         X509 *signcert, EVP_PKEY *signkey,
+                                         STACK_OF(X509) *encryption_recip,
+                                         OSSL_LIB_CTX *libctx, const char *propq);
 
 /* Backward compatibility for spelling errors. */
 # define CMS_R_UNKNOWN_DIGEST_ALGORITM CMS_R_UNKNOWN_DIGEST_ALGORITHM
diff --git a/include/openssl/crmf.h.in b/include/openssl/crmf.h.in
index c474ba2080ddc8..0c6d3ff0a6e1f5 100644
--- a/include/openssl/crmf.h.in
+++ b/include/openssl/crmf.h.in
@@ -27,6 +27,7 @@ use OpenSSL::stackhash qw(generate_stack_macros);
 #  include <openssl/safestack.h>
 #  include <openssl/crmferr.h>
 #  include <openssl/x509v3.h> /* for GENERAL_NAME etc. */
+#  include <openssl/cms.h>
 
 /* explicit #includes not strictly needed since implied by the above: */
 #  include <openssl/types.h>
@@ -198,6 +199,8 @@ EVP_PKEY
                                   EVP_PKEY *pkey, X509 *cert,
                                   ASN1_OCTET_STRING *secret,
                                   OSSL_LIB_CTX *libctx, const char *propq);
+OSSL_CRMF_ENCRYPTEDKEY
+*OSSL_CRMF_ENCRYPTEDKEY_init_envdata(CMS_EnvelopedData *envdata);
 
 
 #  ifdef __cplusplus
diff --git a/test/recipes/80-test_cmp_http_data/Mock/server.cnf b/test/recipes/80-test_cmp_http_data/Mock/server.cnf
index 86a11f6a368297..fbd4d418b882bf 100644
--- a/test/recipes/80-test_cmp_http_data/Mock/server.cnf
+++ b/test/recipes/80-test_cmp_http_data/Mock/server.cnf
@@ -12,6 +12,7 @@ no_cache_extracerts = 1
 
 ref_cert = signer_only.crt
 rsp_cert = signer_only.crt
+rsp_cert_key = signer.key
 rsp_crl = newcrl.pem
 rsp_capubs = trusted.crt
 rsp_extracerts = signer_issuing.crt
diff --git a/test/recipes/80-test_cmp_http_data/Mock/server.crt b/test/recipes/80-test_cmp_http_data/Mock/server.crt
index 07eab2e63b8e29..d49b846995f240 100644
--- a/test/recipes/80-test_cmp_http_data/Mock/server.crt
+++ b/test/recipes/80-test_cmp_http_data/Mock/server.crt
@@ -1,24 +1,25 @@
         Issuer: CN=Root CA
         Validity
-            Not Before: Jan 14 22:29:46 2016 GMT
-            Not After : Jan 15 22:29:46 2116 GMT
+            Not Before: Aug 8 13:28:36 2024 GMT
+            Not After : Apr 11 13:28:36 2127 GMT
         Subject: CN=server.example
 -----BEGIN CERTIFICATE-----
-MIIDJTCCAg2gAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
-IENBMCAXDTE2MDExNDIyMjk0NloYDzIxMTYwMTE1MjIyOTQ2WjAZMRcwFQYDVQQD
-DA5zZXJ2ZXIuZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-ANVdYGrf/GHuSKqMEUhDpW22Ul2qmEmxYZI1sfw6BCUMbXn/tNXJ6VwcO+Crs7h9
-o95tveDd11q/FEcRQl6mgtBhwX/dE0bmCYUHDvLU/Bpk0gqtIKsga5bwrczEGVNV
-3AEdpLPvirRJU12KBRzx3OFEv8XX4ncZV1yXC3XuiENxD8pswbSyUKd3RmxYDxG/
-8XYkWq45QrdRZynh0FUwbxfkkeqt+CjCQ2+iZKn7nZiSYkg+6w1PgkqK/z9y7pa1
-rqHBmLrvfZB1bf9aUp6r9cB+0IdD24UHBw99OHr90dPuZR3T6jlqhzfuStPgDW71
-cKzCvfFu85KVXqnwoWWVk40CAwEAAaN9MHswHQYDVR0OBBYEFMDnhL/oWSczELBS
-T1FSLwbWwHrNMB8GA1UdIwQYMBaAFHB/Lq6DaFmYBCMqzes+F80k3QFJMAkGA1Ud
-EwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGQYDVR0RBBIwEIIOc2VydmVyLmV4
-YW1wbGUwDQYJKoZIhvcNAQELBQADggEBAHvTBEN1ig8RrsT716Ginv4gGNX0LzGI
-RrZ1jO7lm5emuaPNYJpGw0iX5Zdo91qGNXPZaZ75X3S55pQTActq3OPEBOll2pyk
-iyjz+Zp/v5cfRZLlBbFW5gv2R94eibYr4U3fSn4B0yPcl4xH/l/HzJhGDsSDW8qK
-8VIJvmvsPwmL0JMCv+FR59F+NFYZdND/KCXet59WUpF9ICmFCoBEX3EyJXEPwhbi
-X2sdPzJbCjx0HLli8e0HUKNttLQxCsBTRGo6iISLLamwN47mGDa9miBADwGSiz2q
-YeeuLO02zToHhnQ6KbPXOrQAqcL1kngO4g+j/ru+4AZThFkdkGnltvk=
+MIIDVDCCAjygAwIBAgIUMoDahWpYk1B1WIjOwkom4s27V/EwDQYJKoZIhvcNAQEL
+BQAwEjEQMA4GA1UEAwwHUm9vdCBDQTAgFw0yNDA4MDgxMzI4MzZaGA8yMTI3MDQx
+MTEzMjgzNlowGTEXMBUGA1UEAwwOc2VydmVyLmV4YW1wbGUwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDVXWBq3/xh7kiqjBFIQ6VttlJdqphJsWGSNbH8
+OgQlDG15/7TVyelcHDvgq7O4faPebb3g3ddavxRHEUJepoLQYcF/3RNG5gmFBw7y
+1PwaZNIKrSCrIGuW8K3MxBlTVdwBHaSz74q0SVNdigUc8dzhRL/F1+J3GVdclwt1
+7ohDcQ/KbMG0slCnd0ZsWA8Rv/F2JFquOUK3UWcp4dBVMG8X5JHqrfgowkNvomSp
++52YkmJIPusNT4JKiv8/cu6Wta6hwZi6732QdW3/WlKeq/XAftCHQ9uFBwcPfTh6
+/dHT7mUd0+o5aoc37krT4A1u9XCswr3xbvOSlV6p8KFllZONAgMBAAGjgZgwgZUw
+CQYDVR0TBAIwADAdBgNVHQ4EFgQUwOeEv+hZJzMQsFJPUVIvBtbAes0wHwYDVR0j
+BBgwFoAUcH8uroNoWZgEIyrN6z4XzSTdAUkwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDIDAZBgNVHREEEjAQgg5zZXJ2ZXIuZXhh
+bXBsZTANBgkqhkiG9w0BAQsFAAOCAQEAPRQ87zMFGrcQau8h8wDULU2PPgo1nifQ
+1Vs+4WD7bPzk5GHl3M3OE2ZwhzYfO+ACcJa29Ahu7GRC660lXKlwONnQYuTTLqPD
+KylY9ZJQUyP+CA5oZsDtnOcfrTy837jKq18NQ3ZxbRDpoVIATNHf9J2qe9yIkxYe
+9p+aXGdvfDsNrhkz/m76V+KmioventOEKsRg64FfGKEZP8EfoBiNJipBdmN1I+GE
+VTW91jjpgBTdCmyncmVn/CaV1d5S4ed4oQMLlLc+KsqDe97bF2TssFxcMmnyxgqb
+bKDZOfzPI1HTs22tj6eLcZTIkcAuFET+uxcmFQcDsjYEf0G+iZLGWw==
 -----END CERTIFICATE-----
diff --git a/test/recipes/80-test_cmp_http_data/test_commands.csv b/test/recipes/80-test_cmp_http_data/test_commands.csv
index 26b985bf65d32a..014eef596bb991 100644
--- a/test/recipes/80-test_cmp_http_data/test_commands.csv
+++ b/test/recipes/80-test_cmp_http_data/test_commands.csv
@@ -132,8 +132,15 @@ expected,description, -section,val, -cmd,val,val2, -cacertsout,val,val2, -infoty
 1,rspin, -section,, -cmd,ir,,BLANK,,,-rspin,_RESULT_DIR/ip.der _RESULT_DIR/pkiConf.der,,BLANK,,BLANK
 0,rspin too few files - server must reject, -section,, -cmd,ir,,BLANK,,,-rspin,_RESULT_DIR/ip.der,,BLANK,,BLANK,-secret,_PBM_SECRET
 0,rspin too few files - no server, -section,, -cmd,ir,,BLANK,,,-rspin,_RESULT_DIR/ip.der,,BLANK,,BLANK, -server,""""
-1,reqout_only ir - no server, -section,, -cmd,ir,,-reqout_only,_RESULT_DIR/ir2.der,,BLANK,,BLANK, -server,""""
+1,reqout_only ir - no server, -section,, -cmd,ir,,-reqout_only,_RESULT_DIR/ir2.der,,BLANK,,BLANK, -server,"""",-popo,-1,-newkeyout,_RESULT_DIR/newkeyout.pem
 0,reqout_only non-existing directory and file, -section,, -cmd,ir,,-reqout_only,idontexist/idontexist,,BLANK,,BLANK, -server,""""
 0,reqin ir - no newkey, -section,, -cmd,ir,,-reqin,_RESULT_DIR/ir2.der,,-newkey,"""",-newkey,"""",-key,"""",-cert,"""",-secret,_PBM_SECRET
-1,reqin ir and rspout - no newkey but -popo -1, -section,, -cmd,ir,,-reqin,_RESULT_DIR/ir2.der,,-rspout,_RESULT_DIR/ip2.der,-newkey,"""",--key,"""",-cert,"""",-secret,_PBM_SECRET,-popo,-1
-1,reqin ip and rspin  - no newkey but -popo -1, -section,, -cmd,ir,,-reqin,_RESULT_DIR/ir2.der,,-rspin,_RESULT_DIR/ip2.der,,-newkey,"""",-key,"""",-cert,"""",-secret,_PBM_SECRET,-popo,-1, -server,"""",-disable_confirm
+1,reqin ir and rspout - no newkey but -popo -1, -section,, -cmd,ir,,-reqin,_RESULT_DIR/ir2.der,,-rspout,_RESULT_DIR/ip2.der,-newkey,"""",-popo,-1,-newkeyout,_RESULT_DIR/newkeyout.pem
+1,reqin ip and rspin  - no newkey but -popo -1, -section,, -cmd,ir,,-reqin,_RESULT_DIR/ir2.der,,-rspin,_RESULT_DIR/ip2.der,,-newkey,"""",-server,"""",-disable_confirm,-popo,-1,-newkeyout,_RESULT_DIR/newkeyout.pem 
+,,,,,,,,,,,,,,,,,,,
+1,central key generation, -section,, -cmd,cr,, -centralkeygen, -newkeyout,_RESULT_DIR/newkeyout.pem
+0,central key generation missing newkeyout, -section,, -cmd,cr,, -centralkeygen,,BLANK,,BLANK,,BLANK,,BLANK,
+0,using popo=1 with central key generation, -section,, -cmd,cr,, -centralkeygen, -popo,1, -newkeyout,_RESULT_DIR/newkeyout.pem
+1, using popo=-1 with central key generation, -section,, -cmd,cr,, -centralkeygen, -popo,-1, -newkeyout,_RESULT_DIR/newkeyout.pem
+1, uisng popo=-1 instead of central key generation, -section,, -cmd,cr,, -popo,-1, -newkeyout,_RESULT_DIR/newkeyout.pem
+0, using popo=-1 instead of central key generation without newkeyout, -section,, -cmd,cr,, -popo,-1,,BLANK,,BLANK,,BLANK,,BLANK,
\ No newline at end of file
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 9a018b7fc78ee2..0d89146d262021 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5576,6 +5576,7 @@ i2d_OSSL_CMP_ATAVS                      ?	3_4_0	EXIST::FUNCTION:CMP
 OSSL_CMP_ATAVS_free                     ?	3_4_0	EXIST::FUNCTION:CMP
 OSSL_CMP_ATAVS_new                      ?	3_4_0	EXIST::FUNCTION:CMP
 OSSL_CMP_ATAVS_it                       ?	3_4_0	EXIST::FUNCTION:CMP
+OSSL_CMP_SRV_CTX_centralKeygen_req      ?	3_4_0	EXIST::FUNCTION:CMP
 OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free    ?	3_4_0	EXIST::FUNCTION:CRMF
 OSSL_CRMF_ATTRIBUTETYPEANDVALUE_dup     ?	3_4_0	EXIST::FUNCTION:CRMF
 OSSL_CRMF_CERTTEMPLATE_dup              ?	3_4_0	EXIST::FUNCTION:CRMF
@@ -5665,6 +5666,9 @@ OSSL_IETF_ATTR_SYNTAX_get0_value        ?	3_4_0	EXIST::FUNCTION:
 OSSL_IETF_ATTR_SYNTAX_add1_value        ?	3_4_0	EXIST::FUNCTION:
 OSSL_IETF_ATTR_SYNTAX_print             ?	3_4_0	EXIST::FUNCTION:
 X509_ACERT_add_attr_nconf               ?	3_4_0	EXIST::FUNCTION:
+OSSL_CMS_env_sign_key                   ?	3_4_0	EXIST::FUNCTION:CMS
+CMS_EnvelopedData_dup                   ?	3_4_0	EXIST::FUNCTION:CMS
+OSSL_CRMF_ENCRYPTEDKEY_init_envdata     ?	3_4_0	EXIST::FUNCTION:CRMF
 d2i_OSSL_CRMF_ENCRYPTEDKEY              ?	3_4_0	EXIST::FUNCTION:CRMF
 i2d_OSSL_CRMF_ENCRYPTEDKEY              ?	3_4_0	EXIST::FUNCTION:CRMF
 OSSL_CRMF_ENCRYPTEDKEY_free             ?	3_4_0	EXIST::FUNCTION:CRMF