From a22a3ae2366d2a4ba978a32c148dfa4525d418fb Mon Sep 17 00:00:00 2001
From: Rajeev Ranjan <ranjan.rajeev@siemens.com>
Date: Tue, 11 Jun 2024 00:00:56 +0200
Subject: [PATCH] WIP

---
 crypto/cmp/cmp_kem.c                          | 127 +++++----
 crypto/cmp/cmp_kemrsa.c                       |  61 +++--
 crypto/cmp/cmp_local.h                        |  19 +-
 crypto/cmp/cmp_msg.c                          |  70 ++++-
 crypto/cmp/cmp_server.c                       |   6 +-
 crypto/cms/cms_asn1.c                         |  28 +-
 crypto/cms/cms_env.c                          | 248 +++++++++++++++++-
 crypto/cms/cms_local.h                        |  50 +++-
 crypto/cms/cms_smime.c                        |  27 +-
 crypto/crmf/crmf_err.c                        |   1 +
 crypto/crmf/crmf_lib.c                        |  49 +++-
 crypto/err/openssl.txt                        |   1 +
 crypto/objects/obj_dat.h                      |  22 +-
 crypto/objects/obj_mac.num                    |   2 +
 crypto/objects/obj_xref.h                     |   2 +-
 crypto/objects/objects.txt                    |   3 +
 fuzz/oids.txt                                 |   4 +-
 include/crypto/crmferr.h                      |   2 +-
 include/openssl/cms.h.in                      |   3 +-
 include/openssl/crmf.h.in                     |   4 +
 include/openssl/crmferr.h                     |   1 +
 include/openssl/obj_mac.h                     |  10 +-
 .../80-test_cmp_http_data/Mock/kem.crt        |  62 ++---
 .../80-test_cmp_http_data/Mock/kem.key        | 126 ++-------
 .../80-test_cmp_http_data/Mock/test.cnf       |   4 +-
 util/libcrypto.num                            |  89 +++++++
 26 files changed, 749 insertions(+), 272 deletions(-)

diff --git a/crypto/cmp/cmp_kem.c b/crypto/cmp/cmp_kem.c
index 614829d7bfb5d7..6e620443a93f0e 100644
--- a/crypto/cmp/cmp_kem.c
+++ b/crypto/cmp/cmp_kem.c
@@ -55,7 +55,7 @@ static int x509_algor_from_nid_with_md(int nid, X509_ALGOR **palg,
     return *palg != NULL;
 }
 
-X509_ALGOR *ossl_cmp_kem_kdf_algor(const OSSL_CMP_CTX *ctx, int nid_kdf)
+X509_ALGOR *ossl_cmp_kem_kdf_algor(int nid_kdf, OSSL_LIB_CTX *libctx, char *propq)
 {
     X509_ALGOR *alg = NULL;
 
@@ -65,11 +65,13 @@ X509_ALGOR *ossl_cmp_kem_kdf_algor(const OSSL_CMP_CTX *ctx, int nid_kdf)
     } else if (nid_kdf == NID_id_kdf_kdf2) {
         EVP_MD *md = NULL;
 
-        if ((md = EVP_MD_fetch(ctx->libctx, "SHA256",
-                               ctx->propq)) == NULL)
+        if ((md = EVP_MD_fetch(libctx, "SHA256",
+                               propq)) == NULL)
             return NULL;
         (void)x509_algor_from_nid_with_md(NID_id_kdf_kdf2, &alg, md);
         EVP_MD_free(md);
+    } else {
+        ERR_raise(ERR_LIB_CMP, CMP_R_UNSUPPORTED_ALGORITHM);
     }
 
     return alg;
@@ -101,8 +103,9 @@ static int get_pknid(const EVP_PKEY *pkey)
     return pknid;
 }
 
-static X509_ALGOR *kem_algor(OSSL_CMP_CTX *ctx,
-                             const EVP_PKEY *pubkey)
+X509_ALGOR *ossl_cmp_kem_algor(const EVP_PKEY *pubkey,
+                                  OSSL_LIB_CTX *libctx,
+                                  char *propq)
 {
     X509_ALGOR *kem = NULL;
     int pknid = get_pknid(pubkey);
@@ -113,7 +116,7 @@ static X509_ALGOR *kem_algor(OSSL_CMP_CTX *ctx,
     switch (pknid) {
     case EVP_PKEY_RSA:
         /* kem rsa */
-        kem = ossl_cmp_rsakem_algor(ctx);
+        kem = ossl_cmp_rsakem_algor(libctx, propq);
         break;
     case EVP_PKEY_EC:
     case EVP_PKEY_X25519:
@@ -137,7 +140,9 @@ X509_ALGOR *ossl_cmp_kem_BasedMac_algor(const OSSL_CMP_CTX *ctx)
 
     if ((param = OSSL_CMP_KEMBMPARAMETER_new()) == NULL
         || !ossl_cmp_x509_algor_set0(&param->kdf,
-                                     ossl_cmp_kem_kdf_algor(ctx, ctx->kem_kdf))
+                                     ossl_cmp_kem_kdf_algor(ctx->kem_kdf,
+                                                            ctx->libctx,
+                                                            ctx->propq))
         || !ossl_cmp_x509_algor_set0(&param->mac, mac_algor(ctx))
         || !ASN1_INTEGER_set(param->len, ctx->kem_ssklen))
         goto err;
@@ -206,21 +211,22 @@ int ossl_cmp_kem_BasedMac_required(OSSL_CMP_CTX *ctx)
     return 0;
 }
 
-static int kem_decapsulation(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey, int is_EC,
+static int kem_decapsulation(EVP_PKEY *pkey, int is_EC,
                              const unsigned char *ct, size_t ct_len,
-                             unsigned char **secret, size_t *secret_len)
+                             unsigned char **secret, size_t *secret_len,
+                             OSSL_LIB_CTX *libctx, char *propq)
 {
     int ret = 0;
     EVP_PKEY_CTX *kem_decaps_ctx;
 
-    if (ctx == NULL || pkey == NULL
+    if (pkey == NULL
         || ct == NULL
         || secret == NULL || secret_len == NULL)
         return 0;
 
-    kem_decaps_ctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx,
+    kem_decaps_ctx = EVP_PKEY_CTX_new_from_pkey(libctx,
                                                 pkey,
-                                                ctx->propq);
+                                                propq);
 
     if (kem_decaps_ctx == NULL
         || EVP_PKEY_decapsulate_init(kem_decaps_ctx, NULL) <= 0
@@ -248,9 +254,10 @@ static int kem_decapsulation(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey, int is_EC,
     return ret;
 }
 
-static int performKemDecapsulation(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey,
-                                   const unsigned char *ct, size_t ct_len,
-                                   unsigned char **secret, size_t *secret_len)
+int ossl_cmp_kem_performKemDecapsulation(EVP_PKEY *pkey,
+                                         const unsigned char *ct, size_t ct_len,
+                                         unsigned char **secret, size_t *secret_len,
+                                         OSSL_LIB_CTX *libctx, char *propq)
 {
     int pknid = get_pknid(pkey);
 
@@ -260,40 +267,41 @@ static int performKemDecapsulation(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey,
     if (pknid == EVP_PKEY_EC
         || pknid == EVP_PKEY_X25519
         || pknid == EVP_PKEY_X448) {
-        return kem_decapsulation(ctx, pkey, 1, ct, ct_len, secret, secret_len);
+        return kem_decapsulation(pkey, 1, ct, ct_len, secret, secret_len,
+                                 libctx, propq);
     } else if (pknid == EVP_PKEY_RSA) {
-        return ossl_cmp_kemrsa_decapsulation(ctx, pkey,
-                                             ct, ct_len, secret, secret_len);
+        return ossl_cmp_kemrsa_decapsulation(pkey,
+                                             ct, ct_len, secret, secret_len,
+                                             libctx, propq);
     } else {
-        return kem_decapsulation(ctx, pkey, 0, ct, ct_len, secret, secret_len);
+        return kem_decapsulation(pkey, 0, ct, ct_len, secret, secret_len,
+                                 libctx, propq);
     }
     return 0;
 }
 
-static int derive_ssk_HKDF(OSSL_CMP_CTX *ctx,
-                           unsigned char *key, int keylen,
+static int derive_ssk_HKDF(unsigned char *key, int keylen,
                            unsigned char *salt, int saltlen,
                            unsigned char *info, int infolen,
-                           unsigned char **ssk, int *ssklen)
+                           unsigned char **ssk, int ssklen,
+                           OSSL_LIB_CTX *libctx, char *propq)
 {
     EVP_KDF *kdf;
     EVP_KDF_CTX *kdfctx;
     OSSL_PARAM params[5], *p = params;
     int rv;
 
-    if (ctx == NULL || ssk == NULL || ssklen == NULL
-        || key == NULL || info == NULL)
+    if (ssk == NULL || key == NULL || info == NULL)
         return 0;
 
-    *ssklen = ctx->kem_ssklen;
-    *ssk = OPENSSL_zalloc(*ssklen);
+    *ssk = OPENSSL_zalloc(ssklen);
     if (*ssk == NULL
-        || (kdf = EVP_KDF_fetch(ctx->libctx, "HKDF", ctx->propq)) == NULL)
+        || (kdf = EVP_KDF_fetch(libctx, "HKDF", propq)) == NULL)
         return 0;
 
     kdfctx = EVP_KDF_CTX_new(kdf);
     EVP_KDF_free(kdf);
-    if (ctx == NULL)
+    if (kdfctx == NULL)
         return 0;
 
     *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
@@ -308,7 +316,7 @@ static int derive_ssk_HKDF(OSSL_CMP_CTX *ctx,
                                                  saltlen);
 
     *p = OSSL_PARAM_construct_end();
-    rv = EVP_KDF_derive(kdfctx, *ssk, *ssklen, params);
+    rv = EVP_KDF_derive(kdfctx, *ssk, ssklen, params);
     EVP_KDF_CTX_free(kdfctx);
     return rv;
 }
@@ -324,9 +332,13 @@ int ossl_cmp_kem_derivessk(OSSL_CMP_CTX *ctx,
         return 0;
     }
 
-    derive_ssk_HKDF(ctx, secret, secret_len,
+    /*TODO: extend key derivation for other KDFs,
+     as of now HKDFwith SHA256 is only supported. */
+    derive_ssk_HKDF(secret, secret_len,
                     salt, sizeof(salt), info, info_len,
-                    out, len);
+                    out, ctx->kem_ssklen,
+                    ctx->libctx, ctx->propq);
+    *len = ctx->kem_ssklen;
     print_buf("\nsecret", secret, secret_len);
     print_buf("\ninfo", info, info_len);
     print_buf("\nssk", *out, *len);
@@ -356,10 +368,11 @@ int ossl_cmp_kem_derivessk_using_kemctinfo(OSSL_CMP_CTX *ctx,
     if (!ossl_cmp_ctx_set1_kem_ct(ctx, ct))
         return 0;
 
-    if (!performKemDecapsulation(ctx, pkey,
-                                 ASN1_STRING_get0_data(ct),
-                                 ASN1_STRING_length(ct),
-                                 &secret, &secret_len))
+    if (!ossl_cmp_kem_performKemDecapsulation(pkey,
+                                              ASN1_STRING_get0_data(ct),
+                                              ASN1_STRING_length(ct),
+                                              &secret, &secret_len,
+                                              ctx->libctx, ctx->propq))
         goto err;
 
     if (!ossl_cmp_kem_derivessk(ctx, secret, secret_len, &ssk, &ssk_len))
@@ -400,23 +413,23 @@ int OSSL_CMP_get_ssk(OSSL_CMP_CTX *ctx)
     return ret;
 }
 
-static int kem_encapsulation(OSSL_CMP_CTX *ctx,
-                             const EVP_PKEY *pubkey,
+static int kem_encapsulation(const EVP_PKEY *pubkey,
                              int is_EC,
                              size_t *secret_len, unsigned char **secret,
-                             size_t *ct_len, unsigned char **ct)
+                             size_t *ct_len, unsigned char **ct,
+                             OSSL_LIB_CTX *libctx, char *propq)
 {
     int ret = 0;
     EVP_PKEY_CTX *kem_encaps_ctx = NULL;
 
-    if (ctx == NULL || pubkey == NULL
+    if (pubkey == NULL
         || ct == NULL
         || secret == NULL || secret_len == NULL)
         return 0;
 
-    kem_encaps_ctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx,
+    kem_encaps_ctx = EVP_PKEY_CTX_new_from_pkey(libctx,
                                                 (EVP_PKEY *)pubkey,
-                                                ctx->propq);
+                                                propq);
 
     if (kem_encaps_ctx == NULL
         || EVP_PKEY_encapsulate_init(kem_encaps_ctx, NULL) <= 0
@@ -450,10 +463,11 @@ static int kem_encapsulation(OSSL_CMP_CTX *ctx,
     return ret;
 }
 
-static int performKemEncapsulation(OSSL_CMP_CTX *ctx,
-                                   const EVP_PKEY *pubkey,
-                                   size_t *secret_len, unsigned char **secret,
-                                   size_t *ct_len, unsigned char **ct)
+int ossl_cmp_kem_performKemEncapsulation(const EVP_PKEY *pubkey,
+                                         size_t *secret_len,
+                                         unsigned char **secret,
+                                         size_t *ct_len, unsigned char **ct,
+                                         OSSL_LIB_CTX *libctx, char *propq)
 {
     int pknid;
 
@@ -469,14 +483,17 @@ static int performKemEncapsulation(OSSL_CMP_CTX *ctx,
     if (pknid == EVP_PKEY_EC
         || pknid == EVP_PKEY_X25519
         || pknid == EVP_PKEY_X448) {
-        return kem_encapsulation(ctx, pubkey, 1, secret_len,
-                                 secret, ct_len, ct);
+        return kem_encapsulation(pubkey, 1, secret_len,
+                                 secret, ct_len, ct,
+                                 libctx, propq);
     } else if (pknid == EVP_PKEY_RSA) {
-        return ossl_cmp_kemrsa_encapsulation(ctx, pubkey, secret_len,
-                                             secret, ct_len, ct);
+        return ossl_cmp_kemrsa_encapsulation(pubkey, secret_len,
+                                             secret, ct_len, ct,
+                                             libctx, propq);
     } else {
-        return kem_encapsulation(ctx, pubkey, 0, secret_len,
-                                 secret, ct_len, ct);
+        return kem_encapsulation(pubkey, 0, secret_len,
+                                 secret, ct_len, ct,
+                                 libctx, propq);
     }
 }
 
@@ -492,8 +509,10 @@ OSSL_CMP_ITAV *ossl_cmp_kem_get_KemCiphertext(OSSL_CMP_CTX *ctx,
     if (ctx == NULL || pubkey == NULL)
         return NULL;
 
-    if (!performKemEncapsulation(ctx, pubkey, &secret_len, &secret,
-                                 &ct_len, &ct))
+    if (!ossl_cmp_kem_performKemEncapsulation(pubkey,
+                                              &secret_len, &secret,
+                                              &ct_len, &ct,
+                                              ctx->libctx, ctx->propq))
         return NULL;
 
     if (!ossl_cmp_ctx_set1_kem_secret(ctx, secret, secret_len))
@@ -503,7 +522,7 @@ OSSL_CMP_ITAV *ossl_cmp_kem_get_KemCiphertext(OSSL_CMP_CTX *ctx,
     if (!ossl_cmp_ctx_set1_kem_ct(ctx, asn1ct))
         goto err;
 
-    kem_algo = kem_algor(ctx, pubkey);
+    kem_algo = ossl_cmp_kem_algor(pubkey, ctx->libctx, ctx->propq);
     kem_itav = ossl_cmp_itav_new_KemCiphertext(kem_algo,
                                                ct, ct_len);
     if (kem_itav == NULL)
diff --git a/crypto/cmp/cmp_kemrsa.c b/crypto/cmp/cmp_kemrsa.c
index 6e46a21f14d0fb..77a114179bd049 100644
--- a/crypto/cmp/cmp_kemrsa.c
+++ b/crypto/cmp/cmp_kemrsa.c
@@ -17,10 +17,22 @@
 
 #define RSAKEM_KEYLENGTH 32
 
+static void print_buf(const char *title, const unsigned char *buf,
+                      size_t buf_len)
+{
+    size_t i = 0;
+
+    fprintf(stdout, "%s , len %ld\n", title, buf_len);
+    for (i = 0; i < buf_len; ++i)
+        fprintf(stdout, "%02X%s", buf[i],
+                (i + 1) % 16 == 0 ? "\r\n" : " ");
+
+}
+
 /* using X963KDF without info */
-static int kdf2(OSSL_CMP_CTX *ctx,
-                unsigned char *secret, size_t secret_len,
-                unsigned char *out, int out_len)
+static int kdf2(unsigned char *secret, size_t secret_len,
+                unsigned char *out, int out_len,
+                OSSL_LIB_CTX *libctx, char *propq)
 {
     EVP_KDF *kdf;
     EVP_KDF_CTX *kctx;
@@ -29,7 +41,7 @@ static int kdf2(OSSL_CMP_CTX *ctx,
     if (out == NULL)
         return 0;
 
-    kdf = EVP_KDF_fetch(ctx->libctx, "X963KDF", ctx->propq);
+    kdf = EVP_KDF_fetch(libctx, "X963KDF", propq);
     kctx = EVP_KDF_CTX_new(kdf);
     EVP_KDF_free(kdf);
 
@@ -45,7 +57,7 @@ static int kdf2(OSSL_CMP_CTX *ctx,
     return 1;
 }
 
-X509_ALGOR *ossl_cmp_rsakem_algor(OSSL_CMP_CTX *ctx)
+X509_ALGOR *ossl_cmp_rsakem_algor(OSSL_LIB_CTX *libctx, char *propq)
 {
     X509_ALGOR *kemrsa_algo = NULL;
     OSSL_CMP_RSAKEMPARAMETERS *param = NULL;
@@ -53,8 +65,9 @@ X509_ALGOR *ossl_cmp_rsakem_algor(OSSL_CMP_CTX *ctx)
 
     if ((param = OSSL_CMP_RSAKEMPARAMETERS_new()) == NULL
         || !ossl_cmp_x509_algor_set0(&param->KeyDerivationFunction,
-                                     ossl_cmp_kem_kdf_algor(ctx,
-                                                            NID_id_kdf_kdf2))
+                                     ossl_cmp_kem_kdf_algor(NID_id_kdf_kdf2,
+                                                            libctx,
+                                                            propq))
         || !ASN1_INTEGER_set(param->KeyLength, RSAKEM_KEYLENGTH))
         goto err;
 
@@ -72,16 +85,17 @@ X509_ALGOR *ossl_cmp_rsakem_algor(OSSL_CMP_CTX *ctx)
     return kemrsa_algo;
 }
 
-int ossl_cmp_kemrsa_decapsulation(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey,
+int ossl_cmp_kemrsa_decapsulation(EVP_PKEY *pkey,
                                   const unsigned char *ct, size_t ct_len,
-                                  unsigned char **secret, size_t *secret_len)
+                                  unsigned char **secret, size_t *secret_len,
+                                  OSSL_LIB_CTX *libctx, char *propq)
 {
     int ret = 0;
     size_t sec_len;
     unsigned char *sec;
     EVP_PKEY_CTX *kem_decaps_ctx;
 
-    if (ctx == NULL || pkey == NULL
+    if (pkey == NULL
         || ct == NULL
         || secret == NULL || secret_len == NULL)
         return 0;
@@ -89,9 +103,9 @@ int ossl_cmp_kemrsa_decapsulation(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey,
     if (EVP_PKEY_get_base_id(pkey) != EVP_PKEY_RSA)
         return 0;
 
-    kem_decaps_ctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx,
+    kem_decaps_ctx = EVP_PKEY_CTX_new_from_pkey(libctx,
                                                 pkey,
-                                                ctx->propq);
+                                                propq);
 
     if (kem_decaps_ctx == NULL
         || EVP_PKEY_decapsulate_init(kem_decaps_ctx, NULL) <= 0
@@ -119,29 +133,33 @@ int ossl_cmp_kemrsa_decapsulation(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey,
         goto err;
     }
 
-    if (!kdf2(ctx, sec, sec_len, *secret, *secret_len)) {
+    if (!kdf2(sec, sec_len, *secret, *secret_len, libctx, propq)) {
         OPENSSL_clear_free(sec, sec_len);
         OPENSSL_clear_free(*secret, *secret_len);
         goto err;
     }
     OPENSSL_clear_free(sec, sec_len);
+
+    print_buf("\nct", ct, ct_len);
+    print_buf("\nsecret", *secret, *secret_len);
+
     ret = 1;
  err:
     EVP_PKEY_CTX_free(kem_decaps_ctx);
     return ret;
 }
 
-int ossl_cmp_kemrsa_encapsulation(OSSL_CMP_CTX *ctx,
-                                  const EVP_PKEY *pubkey,
+int ossl_cmp_kemrsa_encapsulation(const EVP_PKEY *pubkey,
                                   size_t *secret_len, unsigned char **secret,
-                                  size_t *ct_len, unsigned char **ct)
+                                  size_t *ct_len, unsigned char **ct,
+                                  OSSL_LIB_CTX *libctx, char *propq)
 {
     int ret = 0;
     size_t sec_len;
     unsigned char *sec;
     EVP_PKEY_CTX *kem_encaps_ctx;
 
-    if (ctx == NULL || pubkey == NULL
+    if (pubkey == NULL
         || ct == NULL
         || secret == NULL || secret_len == NULL)
         return 0;
@@ -149,9 +167,9 @@ int ossl_cmp_kemrsa_encapsulation(OSSL_CMP_CTX *ctx,
     if (EVP_PKEY_get_base_id(pubkey) != EVP_PKEY_RSA)
         return 0;
 
-    kem_encaps_ctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx,
+    kem_encaps_ctx = EVP_PKEY_CTX_new_from_pkey(libctx,
                                                 (EVP_PKEY *)pubkey,
-                                                ctx->propq);
+                                                propq);
 
     if (kem_encaps_ctx == NULL
         || EVP_PKEY_encapsulate_init(kem_encaps_ctx, NULL) <= 0
@@ -185,13 +203,16 @@ int ossl_cmp_kemrsa_encapsulation(OSSL_CMP_CTX *ctx,
         goto err;
     }
 
-    if (!kdf2(ctx, sec, sec_len, *secret, *secret_len)) {
+    if (!kdf2(sec, sec_len, *secret, *secret_len, libctx, propq)) {
         OPENSSL_clear_free(sec, sec_len);
         OPENSSL_clear_free(*secret, *secret_len);
         OPENSSL_clear_free(*ct, *ct_len);
         goto err;
     }
     OPENSSL_clear_free(sec, sec_len);
+
+    print_buf("\nct", *ct, *ct_len);
+    print_buf("\nsecret", *secret, *secret_len);
     ret = 1;
  err:
     EVP_PKEY_CTX_free(kem_encaps_ctx);
diff --git a/crypto/cmp/cmp_local.h b/crypto/cmp/cmp_local.h
index 7bfe4e3efcc7bd..091c78c460691b 100644
--- a/crypto/cmp/cmp_local.h
+++ b/crypto/cmp/cmp_local.h
@@ -13,6 +13,7 @@
 # define OSSL_CRYPTO_CMP_LOCAL_H
 
 # include "internal/cryptlib.h"
+# include "internal/cmp.h"
 
 # include <openssl/cmp.h>
 # include <openssl/err.h>
@@ -998,6 +999,8 @@ int ossl_cmp_msg_set_bodytype(OSSL_CMP_MSG *msg, int type);
 OSSL_CMP_MSG *ossl_cmp_msg_create(OSSL_CMP_CTX *ctx, int bodytype);
 OSSL_CMP_MSG *ossl_cmp_certreq_new(OSSL_CMP_CTX *ctx, int bodytype,
                                    const OSSL_CRMF_MSG *crm);
+OSSL_CMP_CERTIFIEDKEYPAIR *ossl_cmp_Enccert_init(X509* cert,
+                                                 const X509* encryption_recip);
 OSSL_CMP_MSG *ossl_cmp_certrep_new(OSSL_CMP_CTX *ctx, int bodytype,
                                    int certReqId, const OSSL_CMP_PKISI *si,
                                    X509 *cert, const X509 *encryption_recip,
@@ -1068,7 +1071,8 @@ int ossl_cmp_exchange_error(OSSL_CMP_CTX *ctx, int status, int fail_info,
 
 /* from cmp_kem.c */
 X509_ALGOR *ossl_cmp_kem_BasedMac_algor(const OSSL_CMP_CTX *ctx);
-X509_ALGOR *ossl_cmp_kem_kdf_algor(const OSSL_CMP_CTX *ctx, int nid_kdf);
+X509_ALGOR *ossl_cmp_kem_kdf_algor(int nid_kdf,
+                                   OSSL_LIB_CTX *libctx, char *propq);
 int ossl_cmp_kem_BasedMac_required(OSSL_CMP_CTX *ctx);
 int ossl_cmp_kem_derivessk(OSSL_CMP_CTX *ctx,
                            unsigned char *secret, int secret_len,
@@ -1083,14 +1087,15 @@ OSSL_CMP_ITAV *ossl_cmp_kem_get_KemCiphertext(OSSL_CMP_CTX *ctx,
                                               const EVP_PKEY *pubkey);
 
 /* from cmp_kemrsa.c */
-X509_ALGOR *ossl_cmp_rsakem_algor(OSSL_CMP_CTX *ctx);
-int ossl_cmp_kemrsa_decapsulation(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey,
+X509_ALGOR *ossl_cmp_rsakem_algor(OSSL_LIB_CTX *libctx, char *propq);
+int ossl_cmp_kemrsa_decapsulation(EVP_PKEY *pkey,
                                   const unsigned char *ct, size_t ct_len,
-                                  unsigned char **secret, size_t *secret_len);
-int ossl_cmp_kemrsa_encapsulation(OSSL_CMP_CTX *ctx,
-                                  const EVP_PKEY *pubkey,
+                                  unsigned char **secret, size_t *secret_len,
+                                  OSSL_LIB_CTX *libctx, char *propq);
+int ossl_cmp_kemrsa_encapsulation(const EVP_PKEY *pubkey,
                                   size_t *secret_len, unsigned char **secret,
-                                  size_t *ct_len, unsigned char **ct);
+                                  size_t *ct_len, unsigned char **ct,
+                                  OSSL_LIB_CTX *libctx, char *propq);
 
 /* from cmp_genm.c */
 OSSL_CMP_ITAV *ossl_cmp_genm_get_itav(OSSL_CMP_CTX *ctx,
diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c
index 659c1774ec5174..8b669eca19554b 100644
--- a/crypto/cmp/cmp_msg.c
+++ b/crypto/cmp/cmp_msg.c
@@ -19,6 +19,9 @@
 #include <openssl/crmf.h>
 #include <openssl/err.h>
 #include <openssl/x509.h>
+#include <openssl/cms.h>
+#include <openssl/pem.h>
+#include <openssl/bio.h>
 
 OSSL_CMP_MSG *OSSL_CMP_MSG_new(OSSL_LIB_CTX *libctx, const char *propq)
 {
@@ -449,6 +452,50 @@ OSSL_CMP_MSG *ossl_cmp_certreq_new(OSSL_CMP_CTX *ctx, int type,
     return NULL;
 }
 
+OSSL_CMP_CERTIFIEDKEYPAIR *ossl_cmp_Enccert_init(X509 *cert, const X509 *encryption_recip)
+{
+    OSSL_CMP_CERTIFIEDKEYPAIR *certifiedKeyPair = NULL;
+    CMS_EnvelopedData *env = NULL;
+    CMS_ContentInfo *cms;
+    EVP_CIPHER *cipher;
+    OSSL_CRMF_ENCRYPTEDKEY *encKey = NULL;
+    BIO* data;
+
+    if ((certifiedKeyPair = OSSL_CMP_CERTIFIEDKEYPAIR_new()) == NULL)
+        goto err;
+
+    if ((cipher = EVP_CIPHER_fetch(NULL, "aes-256-cbc", NULL)) == NULL)
+        goto err;
+
+    if ((data = BIO_new(BIO_s_mem())) == NULL
+        || !i2d_X509_bio(data, cert))
+        goto err;
+
+    cms = CMS_EnvelopedData_create(cipher); //TODO: pass lib ctx
+    if (!CMS_add1_recipient_cert(cms, (X509 *)encryption_recip, 0)) {
+        ERR_raise(ERR_LIB_CMS, CMS_R_RECIPIENT_ERROR);
+        goto err;
+    }
+    CMS_set_detached(cms, 0);
+    if (CMS_final(cms, data, NULL, SMIME_BINARY) == 0)
+        goto err;
+    env = OSSL_CMS_get0_enveloped(cms);
+    if ((encKey =
+            OSSL_CRMF_ENCRYPTEDKEY_init_envdata(env))
+         == NULL)
+        goto err;
+
+    certifiedKeyPair->certOrEncCert->type = OSSL_CMP_CERTORENCCERT_ENCRYPTEDCERT;
+    certifiedKeyPair->certOrEncCert->value.encryptedCert = encKey;
+    return certifiedKeyPair;
+
+ err:
+    BIO_free(data);
+    OSSL_CMP_CERTIFIEDKEYPAIR_free(certifiedKeyPair);
+    EVP_CIPHER_free(cipher);
+    return NULL;
+}
+
 OSSL_CMP_MSG *ossl_cmp_certrep_new(OSSL_CMP_CTX *ctx, int bodytype,
                                    int certReqId, const OSSL_CMP_PKISI *si,
                                    X509 *cert, const X509 *encryption_recip,
@@ -483,18 +530,19 @@ OSSL_CMP_MSG *ossl_cmp_certrep_new(OSSL_CMP_CTX *ctx, int bodytype,
     if (status != OSSL_CMP_PKISTATUS_rejection
             && status != OSSL_CMP_PKISTATUS_waiting && cert != NULL) {
         if (encryption_recip != NULL) {
-            ERR_raise(ERR_LIB_CMP, ERR_R_UNSUPPORTED);
-            goto err;
+            if ((resp->certifiedKeyPair
+                    = ossl_cmp_Enccert_init(cert, encryption_recip)) == NULL)
+                goto err;
+        } else {
+            if ((resp->certifiedKeyPair = OSSL_CMP_CERTIFIEDKEYPAIR_new())
+                == NULL)
+                goto err;
+            resp->certifiedKeyPair->certOrEncCert->type =
+                OSSL_CMP_CERTORENCCERT_CERTIFICATE;
+            if (!X509_up_ref(cert))
+                goto err;
+            resp->certifiedKeyPair->certOrEncCert->value.certificate = cert;
         }
-
-        if ((resp->certifiedKeyPair = OSSL_CMP_CERTIFIEDKEYPAIR_new())
-            == NULL)
-            goto err;
-        resp->certifiedKeyPair->certOrEncCert->type =
-            OSSL_CMP_CERTORENCCERT_CERTIFICATE;
-        if (!X509_up_ref(cert))
-            goto err;
-        resp->certifiedKeyPair->certOrEncCert->value.certificate = cert;
     }
 
     if (!sk_OSSL_CMP_CERTRESPONSE_push(repMsg->response, resp))
diff --git a/crypto/cmp/cmp_server.c b/crypto/cmp/cmp_server.c
index a002faa8c27319..a4db5e862d75ce 100644
--- a/crypto/cmp/cmp_server.c
+++ b/crypto/cmp/cmp_server.c
@@ -217,6 +217,7 @@ static OSSL_CMP_MSG *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
     OSSL_CMP_MSG *msg = NULL;
     OSSL_CMP_PKISI *si = NULL;
     X509 *certOut = NULL;
+    X509 *encryption_recip = NULL;
     STACK_OF(X509) *chainOut = NULL, *caPubs = NULL;
     const OSSL_CRMF_MSG *crm = NULL;
     const X509_REQ *p10cr = NULL;
@@ -309,8 +310,11 @@ static OSSL_CMP_MSG *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
             goto err;
     }
 
+    if (OSSL_CRMF_MSG_certreq_encrcert_popo(crm))
+        encryption_recip = certOut; /* for indirect POP */
+
     msg = ossl_cmp_certrep_new(srv_ctx->ctx, bodytype, certReqId, si,
-                               certOut, NULL /* enc */, chainOut, caPubs,
+                               certOut, encryption_recip, chainOut, caPubs,
                                srv_ctx->sendUnprotectedErrors);
     /* When supporting OSSL_CRMF_POPO_KEYENC, "enc" will need to be set */
     if (msg == NULL)
diff --git a/crypto/cms/cms_asn1.c b/crypto/cms/cms_asn1.c
index bc6b2769f98cdf..8c9a589e3e7490 100644
--- a/crypto/cms/cms_asn1.c
+++ b/crypto/cms/cms_asn1.c
@@ -190,10 +190,32 @@ ASN1_SEQUENCE(CMS_PasswordRecipientInfo) = {
         ASN1_SIMPLE(CMS_PasswordRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
 } ASN1_SEQUENCE_END(CMS_PasswordRecipientInfo)
 
+ASN1_ADB_TEMPLATE(oritypeandvalue_default) = ASN1_OPT(CMS_OtherRecipientInfo,
+                                                       oriValue.other,
+                                                       ASN1_ANY);
+ASN1_ADB(CMS_OtherRecipientInfo) = {
+      ADB_ENTRY(NID_id_smime_ori_kem,
+              ASN1_OPT(CMS_OtherRecipientInfo, oriValue.kemri,
+                       CMS_KEMRecipientInfo)),
+} ASN1_ADB_END(CMS_OtherRecipientInfo, 0, oriType, 0,
+               &oritypeandvalue_default_tt, NULL);
+
 ASN1_SEQUENCE(CMS_OtherRecipientInfo) = {
-  ASN1_SIMPLE(CMS_OtherRecipientInfo, oriType, ASN1_OBJECT),
-  ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY)
-} static_ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)
+    ASN1_SIMPLE(CMS_OtherRecipientInfo, oriType, ASN1_OBJECT),
+    ASN1_ADB_OBJECT(CMS_OtherRecipientInfo)
+} ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)
+
+ASN1_SEQUENCE(CMS_KEMRecipientInfo) = {
+        ASN1_EMBED(CMS_KEMRecipientInfo, version, INT32),
+        ASN1_SIMPLE(CMS_KEMRecipientInfo, rid, CMS_SignerIdentifier),
+        ASN1_SIMPLE(CMS_KEMRecipientInfo, kem, X509_ALGOR),
+        ASN1_SIMPLE(CMS_KEMRecipientInfo, kemct, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(CMS_KEMRecipientInfo, kdf, X509_ALGOR),
+        ASN1_SIMPLE(CMS_KEMRecipientInfo, kekLength, ASN1_INTEGER),
+        ASN1_EXP_OPT(CMS_KEMRecipientInfo, ukm, ASN1_OCTET_STRING, 0),
+        ASN1_SIMPLE(CMS_KEMRecipientInfo, wrap, X509_ALGOR),
+        ASN1_SIMPLE(CMS_KEMRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(CMS_KEMRecipientInfo)
 
 /* Free up RecipientInfo additional data */
 static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c
index b877e106199aee..00a162ff3fd3b8 100644
--- a/crypto/cms/cms_env.c
+++ b/crypto/cms/cms_env.c
@@ -18,6 +18,7 @@
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
 #include "crypto/x509.h"
+#include "internal/cmp.h"
 #include "cms_local.h"
 
 /* CMS EnvelopedData Utilities */
@@ -60,7 +61,7 @@ void ossl_cms_env_enc_content_free(const CMS_ContentInfo *cinf)
     }
 }
 
-CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms)
+CMS_EnvelopedData *OSSL_CMS_get0_enveloped(CMS_ContentInfo *cms)
 {
     if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
         ERR_raise(ERR_LIB_CMS, CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA);
@@ -93,7 +94,7 @@ static CMS_EnvelopedData *cms_enveloped_data_init(CMS_ContentInfo *cms)
         cms->contentType = OBJ_nid2obj(NID_pkcs7_enveloped);
         return cms->d.envelopedData;
     }
-    return ossl_cms_get0_enveloped(cms);
+    return OSSL_CMS_get0_enveloped(cms);
 }
 
 static CMS_AuthEnvelopedData *
@@ -329,6 +330,74 @@ CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher)
     return CMS_AuthEnvelopedData_create_ex(cipher, NULL, NULL);
 }
 
+static int cms_RecipientInfo_kemri_init(CMS_RecipientInfo *ri, X509 *recip,
+                                       EVP_PKEY *pk, unsigned int flags,
+                                       const CMS_CTX *ctx)
+{
+    CMS_KEMRecipientInfo *kemri;
+    int idtype;
+    int ret = 0;
+
+    ri->d.ori = M_ASN1_new_of(CMS_OtherRecipientInfo);
+    if (ri->d.ori == NULL)
+        return 0;
+    ri->type = CMS_RECIPINFO_OTHER;
+
+    ri->d.ori->oriType = OBJ_nid2obj(NID_id_smime_ori_kem); 
+    kemri = M_ASN1_new_of(CMS_KEMRecipientInfo);
+    if (kemri == NULL)
+        goto err;
+    ri->d.ori->oriValue.kemri = kemri;
+
+    kemri->cms_ctx = ctx;
+    kemri->version = 0;
+
+    if (flags & CMS_USE_KEYID)
+        idtype = CMS_RECIPINFO_KEYIDENTIFIER;
+    else
+        idtype = CMS_RECIPINFO_ISSUER_SERIAL;
+
+    X509_up_ref(recip);
+    EVP_PKEY_up_ref(pk);
+    kemri->pkey = pk;
+    kemri->recip = recip;
+    ossl_cmp_kem_performKemEncapsulation(pk,
+                                         &kemri->secret_len,
+                                         &kemri->secret,
+                                         &kemri->ct_len,
+                                         &kemri->ct,
+                                         ctx->libctx, ctx->propq);
+    /* TODO: Need to use KDF to generate ssk using ukm, for now directly 
+    using encapsulation output */
+    /*
+     * Not a typo: RecipientIdentifier and SignerIdentifier are the same
+     * structure.
+     */
+    if (!ossl_cms_set1_SignerIdentifier(kemri->rid, recip, idtype, ctx)
+        || !ossl_cmp_asn1_octet_string_set1_bytes(&kemri->kemct,
+                                                  kemri->ct, kemri->ct_len)
+        || !ossl_cmp_x509_algor_set0(&kemri->kem,
+                                     ossl_cmp_kem_algor(pk, ctx->libctx,
+                                                        ctx->propq))
+        || !ossl_cmp_x509_algor_set0(&kemri->kdf,
+                                     ossl_cmp_kem_kdf_algor(NID_hkdfWithSHA256,
+                                                            ctx->libctx,
+                                                            ctx->propq))
+        || !ASN1_INTEGER_set(kemri->kekLength, 32))
+        goto err;
+
+    /* hard coded for KEK of length 32 */
+    (void)X509_ALGOR_set0(kemri->wrap, OBJ_nid2obj(NID_id_aes256_wrap),
+                          V_ASN1_UNDEF, NULL); /* cannot fail */
+
+    return 1;
+
+ err:
+    M_ASN1_free_of(kemri, CMS_KEMRecipientInfo);
+    M_ASN1_free_of(ri->d.ori, CMS_OtherRecipientInfo);
+    return ret;
+}
+
 /* Key Transport Recipient Info (KTRI) routines */
 
 /* Initialise a ktri based on passed certificate and key */
@@ -426,6 +495,11 @@ CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip,
             goto err;
         break;
 
+    case CMS_RECIPINFO_OTHER_KEM:
+        if (!cms_RecipientInfo_kemri_init(ri, recip, pk, flags, ctx))
+            goto err;
+        break;
+
     default:
         ERR_raise(ERR_LIB_CMS, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
         goto err;
@@ -1016,6 +1090,166 @@ static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms,
     return r;
 }
 
+static int cms_RecipientInfo_kemri_encrypt(const CMS_ContentInfo *cms,
+                                           CMS_KEMRecipientInfo *kemri)
+{
+    CMS_EncryptedContentInfo *ec;
+    unsigned char *wkey = NULL;
+    int wkeylen;
+    int r = 0;
+    EVP_CIPHER *cipher = NULL;
+    int outlen = 0;
+    EVP_CIPHER_CTX *ctx = NULL;
+    const CMS_CTX *cms_ctx = ossl_cms_get0_cmsctx(cms);
+
+    ec = ossl_cms_get0_env_enc_content(cms);
+    if (ec == NULL)
+        return 0;
+
+    if (kemri->secret == NULL) {
+        ERR_raise(ERR_LIB_CMS, CMS_R_NO_KEY);
+        return 0;
+    }
+
+    cipher = cms_get_key_wrap_cipher(kemri->secret_len, cms_ctx);
+    if (cipher == NULL) {
+        ERR_raise(ERR_LIB_CMS, CMS_R_INVALID_KEY_LENGTH);
+        goto err;
+    }
+
+    /* 8 byte prefix for AES wrap ciphers */
+    wkey = OPENSSL_malloc(ec->keylen + 8);
+    if (wkey == NULL)
+        goto err;
+
+    ctx = EVP_CIPHER_CTX_new();
+    if (ctx == NULL) {
+        ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB);
+        goto err;
+    }
+
+    EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
+    if (!EVP_EncryptInit_ex(ctx, cipher, NULL, kemri->secret, NULL)
+            || !EVP_EncryptUpdate(ctx, wkey, &wkeylen, ec->key, ec->keylen)
+            || !EVP_EncryptFinal_ex(ctx, wkey + wkeylen, &outlen)) {
+        ERR_raise(ERR_LIB_CMS, CMS_R_WRAP_ERROR);
+        goto err;
+    }
+    wkeylen += outlen;
+    if (!ossl_assert((size_t)wkeylen == ec->keylen + 8)) {
+        ERR_raise(ERR_LIB_CMS, CMS_R_WRAP_ERROR);
+        goto err;
+    }
+
+    ASN1_STRING_set0(kemri->encryptedKey, wkey, wkeylen);
+
+    r = 1;
+ err:
+    EVP_CIPHER_free(cipher);
+    if (!r)
+        OPENSSL_free(wkey);
+    EVP_CIPHER_CTX_free(ctx);
+
+    return r;
+}
+
+int cms_RecipientInfo_kemri_decrypt(const CMS_ContentInfo *cms,
+                                    CMS_KEMRecipientInfo *kemri)
+{
+    CMS_EncryptedContentInfo *ec;
+    unsigned char *ukey = NULL;
+    int ukeylen;
+    int r = 0, wrap_nid;
+    EVP_CIPHER *cipher = NULL;
+    int outlen = 0;
+    EVP_CIPHER_CTX *ctx = NULL;
+    const CMS_CTX *cms_ctx = ossl_cms_get0_cmsctx(cms);
+
+    ec = ossl_cms_get0_env_enc_content(cms);
+    if (ec == NULL)
+        return 0;
+
+    if (!kemri->secret) {
+        ERR_raise(ERR_LIB_CMS, CMS_R_NO_KEY);
+        return 0;
+    }
+
+    wrap_nid = OBJ_obj2nid(kemri->wrap->algorithm);
+    if (aes_wrap_keylen(wrap_nid) != kemri->secret_len) {
+        ERR_raise(ERR_LIB_CMS, CMS_R_INVALID_KEY_LENGTH);
+        return 0;
+    }
+
+    /* If encrypted key length is invalid don't bother */
+
+    if (kemri->encryptedKey->length < 16) {
+        ERR_raise(ERR_LIB_CMS, CMS_R_INVALID_ENCRYPTED_KEY_LENGTH);
+        goto err;
+    }
+
+    cipher = cms_get_key_wrap_cipher(kemri->secret_len, cms_ctx);
+    if (cipher == NULL) {
+        ERR_raise(ERR_LIB_CMS, CMS_R_INVALID_KEY_LENGTH);
+        goto err;
+    }
+
+    ukey = OPENSSL_malloc(kemri->encryptedKey->length - 8);
+    if (ukey == NULL)
+        goto err;
+
+    ctx = EVP_CIPHER_CTX_new();
+    if (ctx == NULL) {
+        ERR_raise(ERR_LIB_CMS, ERR_R_EVP_LIB);
+        goto err;
+    }
+
+    if (!EVP_DecryptInit_ex(ctx, cipher, NULL, kemri->secret, NULL)
+            || !EVP_DecryptUpdate(ctx, ukey, &ukeylen,
+                                  kemri->encryptedKey->data,
+                                  kemri->encryptedKey->length)
+            || !EVP_DecryptFinal_ex(ctx, ukey + ukeylen, &outlen)) {
+        ERR_raise(ERR_LIB_CMS, CMS_R_UNWRAP_ERROR);
+        goto err;
+    }
+    ukeylen += outlen;
+
+    OPENSSL_clear_free(ec->key, ec->keylen);
+    ec->key = ukey;
+    ec->keylen = ukeylen;
+
+    r = 1;
+
+ err:
+    EVP_CIPHER_free(cipher);
+    if (!r)
+        OPENSSL_free(ukey);
+    EVP_CIPHER_CTX_free(ctx);
+
+    return r;
+}
+
+static int cms_RecipientInfo_ori_encrypt(const CMS_ContentInfo *cms,
+                                         CMS_OtherRecipientInfo *ori)
+{
+    if (ori != NULL && ori->oriType == OBJ_nid2obj(NID_id_smime_ori_kem))
+        return cms_RecipientInfo_kemri_encrypt(cms,
+                                               (CMS_KEMRecipientInfo*) ori->oriValue.kemri);
+
+    ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
+    return 0;
+}
+
+static int cms_RecipientInfo_ori_decrypt(CMS_ContentInfo *cms,
+                                         CMS_OtherRecipientInfo *ori)
+{
+    if (ori != NULL && ori->oriType == OBJ_nid2obj(NID_id_smime_ori_kem))
+        return cms_RecipientInfo_kemri_decrypt(cms,
+                                               (CMS_KEMRecipientInfo*) ori->oriValue.kemri);
+
+    ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
+    return 0;
+}
+
 int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
 {
     switch (ri->type) {
@@ -1027,6 +1261,9 @@ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
 
     case CMS_RECIPINFO_PASS:
         return ossl_cms_RecipientInfo_pwri_crypt(cms, ri, 0);
+    
+    case CMS_RECIPINFO_OTHER:
+        return cms_RecipientInfo_ori_decrypt(cms, ri->d.ori);
 
     default:
         ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE);
@@ -1048,6 +1285,9 @@ int CMS_RecipientInfo_encrypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
 
     case CMS_RECIPINFO_PASS:
         return ossl_cms_RecipientInfo_pwri_crypt(cms, ri, 1);
+    
+    case CMS_RECIPINFO_OTHER:
+        return cms_RecipientInfo_ori_encrypt(cms, ri->d.ori);
 
     default:
         ERR_raise(ERR_LIB_CMS, CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
@@ -1264,7 +1504,7 @@ int ossl_cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain)
     EVP_CIPHER_CTX *ctx = NULL;
     BIO *mbio = BIO_find_type(chain, BIO_TYPE_CIPHER);
 
-    env = ossl_cms_get0_enveloped(cms);
+    env = OSSL_CMS_get0_enveloped(cms);
     if (env == NULL)
         return 0;
 
@@ -1350,7 +1590,7 @@ int ossl_cms_pkey_get_ri_type(EVP_PKEY *pk)
     else if (EVP_PKEY_is_a(pk, "EC"))
         return CMS_RECIPINFO_AGREE;
     else if (EVP_PKEY_is_a(pk, "RSA"))
-        return CMS_RECIPINFO_TRANS;
+        return CMS_RECIPINFO_OTHER_KEM;  /* for testing RSA KEM */
 
     /*
      * Otherwise this might ben an engine implementation, so see if we can get
diff --git a/crypto/cms/cms_local.h b/crypto/cms/cms_local.h
index 7069021267defa..704db78574a351 100644
--- a/crypto/cms/cms_local.h
+++ b/crypto/cms/cms_local.h
@@ -41,6 +41,7 @@ typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
 typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
 typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
 typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
+typedef struct CMS_KEMRecipientInfo_st CMS_KEMRecipientInfo;
 typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom;
 typedef struct CMS_CTX_st CMS_CTX;
 
@@ -241,9 +242,49 @@ struct CMS_PasswordRecipientInfo_st {
     const CMS_CTX *cms_ctx;
 };
 
+/*
+  KEMRecipientInfo ::= SEQUENCE {
+    version CMSVersion,  -- always set to 0
+    rid RecipientIdentifier,
+    kem KEMAlgorithmIdentifier,
+    kemct OCTET STRING,
+    kdf KeyDerivationAlgorithmIdentifier,
+    kekLength INTEGER (1..65535),
+    ukm [0] EXPLICIT UserKeyingMaterial OPTIONAL,
+    wrap KeyEncryptionAlgorithmIdentifier,
+    encryptedKey EncryptedKey }
+*/
+struct CMS_KEMRecipientInfo_st {
+    int32_t version;
+    CMS_RecipientIdentifier *rid;
+    X509_ALGOR *kem;
+    ASN1_OCTET_STRING *kemct;
+    X509_ALGOR *kdf;
+    ASN1_INTEGER *kekLength;
+    ASN1_OCTET_STRING *ukm;
+    X509_ALGOR *wrap;
+    ASN1_OCTET_STRING *encryptedKey;
+    /* Recipient Key and cert */
+    X509 *recip;
+    EVP_PKEY *pkey;
+    /* Public key context for this operation */
+    EVP_PKEY_CTX *pctx;
+    const CMS_CTX *cms_ctx;
+    size_t secret_len;
+    unsigned char *secret;
+    size_t ct_len;
+    unsigned char *ct;
+};
+
 struct CMS_OtherRecipientInfo_st {
     ASN1_OBJECT *oriType;
-    ASN1_TYPE *oriValue;
+    union {
+        char *ptr;
+        /* NID_id_smime_ori_kem */
+        CMS_KEMRecipientInfo *kemri;
+        /* this is to be used for so far undeclared objects */
+        ASN1_TYPE *other;
+    } oriValue;
 };
 
 struct CMS_DigestedData_st {
@@ -448,7 +489,7 @@ int ossl_cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain);
 BIO *ossl_cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms);
 int ossl_cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio);
 void ossl_cms_env_enc_content_free(const CMS_ContentInfo *cinf);
-CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms);
+/* CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms); */
 CMS_AuthEnvelopedData *ossl_cms_get0_auth_enveloped(CMS_ContentInfo *cms);
 CMS_EncryptedContentInfo *ossl_cms_get0_env_enc_content(const CMS_ContentInfo *cms);
 
@@ -485,6 +526,9 @@ int ossl_cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt);
 int ossl_cms_rsa_envelope(CMS_RecipientInfo *ri, int decrypt);
 int ossl_cms_rsa_sign(CMS_SignerInfo *si, int verify);
 
+int cms_RecipientInfo_kemri_decrypt(const CMS_ContentInfo *cms,
+                                    CMS_KEMRecipientInfo *kemri);
+
 DECLARE_ASN1_ITEM(CMS_CertificateChoices)
 DECLARE_ASN1_ITEM(CMS_DigestedData)
 DECLARE_ASN1_ITEM(CMS_EncryptedData)
@@ -493,6 +537,8 @@ DECLARE_ASN1_ITEM(CMS_AuthEnvelopedData)
 DECLARE_ASN1_ITEM(CMS_KEKRecipientInfo)
 DECLARE_ASN1_ITEM(CMS_KeyAgreeRecipientInfo)
 DECLARE_ASN1_ITEM(CMS_KeyTransRecipientInfo)
+DECLARE_ASN1_ITEM(CMS_OtherRecipientInfo)
+DECLARE_ASN1_ITEM(CMS_KEMRecipientInfo)
 DECLARE_ASN1_ITEM(CMS_OriginatorPublicKey)
 DECLARE_ASN1_ITEM(CMS_OtherKeyAttribute)
 DECLARE_ASN1_ITEM(CMS_Receipt)
diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c
index 99a72f4dffe3cf..4ffbe598c83187 100644
--- a/crypto/cms/cms_smime.c
+++ b/crypto/cms/cms_smime.c
@@ -8,6 +8,7 @@
  */
 
 #include "internal/cryptlib.h"
+#include "internal/cmp.h"
 #include <openssl/asn1t.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
@@ -696,6 +697,21 @@ static int cms_kari_set1_pkey_and_peer(CMS_ContentInfo *cms,
     return 0;
 }
 
+static int cms_kemri_set1_pkey(CMS_ContentInfo *cms,
+                               CMS_KEMRecipientInfo *kemri,
+                               EVP_PKEY *pk)
+{
+    if (!ossl_cmp_kem_performKemDecapsulation(pk,
+                                         ASN1_STRING_get0_data(kemri->kemct),
+                                         ASN1_STRING_length(kemri->kemct),
+                                         &kemri->secret, &kemri->secret_len,
+                                         cms->ctx.libctx, cms->ctx.propq)
+        || !cms_RecipientInfo_kemri_decrypt(cms, kemri))
+        return 0;
+
+    return 1;
+}
+
 int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
 {
      return CMS_decrypt_set1_pkey_and_peer(cms, pk, cert, NULL);
@@ -731,7 +747,8 @@ int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk,
 
         ri = sk_CMS_RecipientInfo_value(ris, i);
         ri_type = CMS_RecipientInfo_type(ri);
-        if (!ossl_cms_pkey_is_ri_type_supported(pk, ri_type))
+        if (ri_type != CMS_RECIPINFO_OTHER
+            && !ossl_cms_pkey_is_ri_type_supported(pk, ri_type))
             continue;
         match_ri = 1;
         if (ri_type == CMS_RECIPINFO_AGREE) {
@@ -740,9 +757,15 @@ int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk,
                 return 1;
             if (r < 0)
                 return 0;
+        } else if (ri_type == CMS_RECIPINFO_OTHER) {
+            if (OBJ_obj2nid(ri->d.ori->oriType) == NID_id_smime_ori_kem) {
+                if (cms_kemri_set1_pkey(cms, ri->d.ori->oriValue.kemri, pk))
+                    return 1;
+                return 0;
+            }
         }
         /* If we have a cert, try matching RecipientInfo, else try them all */
-        else if (cert == NULL || !CMS_RecipientInfo_ktri_cert_cmp(ri, cert)) {
+        else if (cert == NULL || !CMS_RecipientInfo_ktri_cert_cmp(ri, cert)) { //TODO: function return -2
             EVP_PKEY_up_ref(pk);
             CMS_RecipientInfo_set0_pkey(ri, pk);
             r = CMS_RecipientInfo_decrypt(cms, ri);
diff --git a/crypto/crmf/crmf_err.c b/crypto/crmf/crmf_err.c
index 48543cb41a7029..86cbc8f594c7a6 100644
--- a/crypto/crmf/crmf_err.c
+++ b/crypto/crmf/crmf_err.c
@@ -19,6 +19,7 @@
 static const ERR_STRING_DATA CRMF_str_reasons[] = {
     {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_BAD_PBM_ITERATIONCOUNT),
     "bad pbm iterationcount"},
+    {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_CMS_NOT_SUPPORTED), "cms not supported"},
     {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_CRMFERROR), "crmferror"},
     {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_ERROR), "error"},
     {ERR_PACK(ERR_LIB_CRMF, 0, CRMF_R_ERROR_DECODING_CERTIFICATE),
diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c
index 37dc0cc939ce49..c1d84881e802c3 100644
--- a/crypto/crmf/crmf_lib.c
+++ b/crypto/crmf/crmf_lib.c
@@ -457,6 +457,28 @@ int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm,
     return 0;
 }
 
+int OSSL_CRMF_MSG_certreq_encrcert_popo(const OSSL_CRMF_MSG *req)
+{
+    OSSL_CRMF_POPOPRIVKEY *keyEnc;
+    
+    if (req == NULL || req->popo == NULL) {
+        ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
+        return 0;
+    }
+
+    keyEnc = req->popo->value.keyEncipherment;
+    if (keyEnc == NULL) {
+        ERR_raise(ERR_LIB_CRMF, CRMF_R_POPO_MISSING_KEYENCIPHERMENT);
+        return 0;
+    } 
+    if( keyEnc->type == OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE
+            && keyEnc->value.subsequentMessage != NULL
+            && ASN1_INTEGER_get(keyEnc->value.subsequentMessage)
+                == OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT)
+        return 1;
+    return 0;
+}
+
 /* verifies the Proof-of-Possession of the request with the given rid in reqs */
 int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
                                int rid, int acceptRAVerified,
@@ -528,23 +550,14 @@ int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
             return 0;
         break;
     case OSSL_CRMF_POPO_KEYENC:
-    {
         /*
          * When OSSL_CMP_certrep_new() supports encrypted certs,
          * should return 1 if the type of req->popo->value.keyEncipherment
          * is OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE and
          * its value.subsequentMessage == OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT
          */
-        OSSL_CRMF_POPOPRIVKEY *keyEnc = req->popo->value.keyEncipherment;
-        if (keyEnc == NULL) {
-            ERR_raise(ERR_LIB_CRMF, CRMF_R_POPO_MISSING_KEYENCIPHERMENT);
-            return 0;
-        } 
-        if( keyEnc->type == OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE
-                && keyEnc->value.subsequentMessage != NULL
-                && ASN1_INTEGER_get(keyEnc->value.subsequentMessage) == OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT)
+        if (OSSL_CRMF_MSG_certreq_encrcert_popo(req))
             return 1;
-    }
         /* fall through */
     case OSSL_CRMF_POPO_KEYAGREE:
     default:
@@ -760,4 +773,18 @@ X509
     ERR_raise(ERR_LIB_CRMF, CRMF_R_CMS_NOT_SUPPORTED);
     return NULL;
 #endif /* OPENSSL_NO_CMS */
-}
\ No newline at end of file
+}
+
+OSSL_CRMF_ENCRYPTEDKEY 
+*OSSL_CRMF_ENCRYPTEDKEY_init_envdata(CMS_EnvelopedData *envdata)
+{
+    OSSL_CRMF_ENCRYPTEDKEY *ek = OSSL_CRMF_ENCRYPTEDKEY_new();
+    if (ek == NULL)
+        return NULL;
+
+    ek->type = OSSL_CRMF_ENCRYPTEDKEY_ENVELOPEDDATA;
+    ek->value.envelopedData = envdata;
+
+    return ek;
+}
+
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index a432d789ee2440..d6fc0d72e4eae0 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -441,6 +441,7 @@ CONF_R_UNKNOWN_MODULE_NAME:113:unknown module name
 CONF_R_VARIABLE_EXPANSION_TOO_LONG:116:variable expansion too long
 CONF_R_VARIABLE_HAS_NO_VALUE:104:variable has no value
 CRMF_R_BAD_PBM_ITERATIONCOUNT:100:bad pbm iterationcount
+CRMF_R_CMS_NOT_SUPPORTED:123:cms not supported
 CRMF_R_CRMFERROR:102:crmferror
 CRMF_R_ERROR:103:error
 CRMF_R_ERROR_DECODING_CERTIFICATE:104:error decoding certificate
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index 78e690aa59e0b9..1247b8b9e83fa0 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by crypto/objects/obj_dat.pl
  *
- * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
  * in the file LICENSE in the source distribution or at
@@ -10,7 +10,7 @@
  */
 
 /* Serialized OID's */
-static const unsigned char so[8518] = {
+static const unsigned char so[8539] = {
     0x2A,0x86,0x48,0x86,0xF7,0x0D,                 /* [    0] OBJ_rsadsi */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,            /* [    6] OBJ_pkcs */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,       /* [   13] OBJ_md2 */
@@ -1187,9 +1187,11 @@ static const unsigned char so[8518] = {
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x1C,  /* [ 8492] OBJ_hkdfWithSHA256 */
     0x28,0x81,0x8C,0x71,0x02,0x02,0x04,            /* [ 8503] OBJ_id_kem_rsa */
     0x28,0x81,0x8C,0x71,0x02,0x05,0x02,            /* [ 8510] OBJ_id_kdf_kdf2 */
+    0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x0D,  /* [ 8517] OBJ_id_smime_ori */
+    0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x0D,0x03,  /* [ 8527] OBJ_id_smime_ori_kem */
 };
 
-#define NUM_NID 1325
+#define NUM_NID 1327
 static const ASN1_OBJECT nid_objs[NUM_NID] = {
     {"UNDEF", "undefined", NID_undef},
     {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
@@ -2516,9 +2518,11 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
     {"hkdfWithSHA256", "HKDF with SHA256", NID_hkdfWithSHA256, 11, &so[8492]},
     {"id-kem-rsa", "id-kem-rsa", NID_id_kem_rsa, 7, &so[8503]},
     {"id-kdf-kdf2", "id-kdf-kdf2", NID_id_kdf_kdf2, 7, &so[8510]},
+    {"id-smime-ori", "id-smime-ori", NID_id_smime_ori, 10, &so[8517]},
+    {"id-smime-ori-kem", "id-smime-ori-kem", NID_id_smime_ori_kem, 11, &so[8527]},
 };
 
-#define NUM_SN 1316
+#define NUM_SN 1318
 static const unsigned int sn_objs[NUM_SN] = {
      364,    /* "AD_DVCS" */
      419,    /* "AES-128-CBC" */
@@ -3362,6 +3366,8 @@ static const unsigned int sn_objs[NUM_SN] = {
      201,    /* "id-smime-mod-ets-eSignature-97" */
      199,    /* "id-smime-mod-msg-v3" */
      198,    /* "id-smime-mod-oid" */
+    1325,    /* "id-smime-ori" */
+    1326,    /* "id-smime-ori-kem" */
      194,    /* "id-smime-spq" */
      250,    /* "id-smime-spq-ets-sqt-unotice" */
      249,    /* "id-smime-spq-ets-sqt-uri" */
@@ -3838,7 +3844,7 @@ static const unsigned int sn_objs[NUM_SN] = {
     1289,    /* "zstd" */
 };
 
-#define NUM_LN 1316
+#define NUM_LN 1318
 static const unsigned int ln_objs[NUM_LN] = {
      363,    /* "AD Time Stamping" */
      405,    /* "ANSI X9.62" */
@@ -4682,6 +4688,8 @@ static const unsigned int ln_objs[NUM_LN] = {
      201,    /* "id-smime-mod-ets-eSignature-97" */
      199,    /* "id-smime-mod-msg-v3" */
      198,    /* "id-smime-mod-oid" */
+    1325,    /* "id-smime-ori" */
+    1326,    /* "id-smime-ori-kem" */
      194,    /* "id-smime-spq" */
      250,    /* "id-smime-spq-ets-sqt-unotice" */
      249,    /* "id-smime-spq-ets-sqt-uri" */
@@ -5158,7 +5166,7 @@ static const unsigned int ln_objs[NUM_LN] = {
      125,    /* "zlib compression" */
 };
 
-#define NUM_OBJ 1182
+#define NUM_OBJ 1184
 static const unsigned int obj_objs[NUM_OBJ] = {
        0,    /* OBJ_undef                        0 */
      181,    /* OBJ_iso                          1 */
@@ -6203,6 +6211,7 @@ static const unsigned int obj_objs[NUM_OBJ] = {
      193,    /* OBJ_id_smime_cd                  1 2 840 113549 1 9 16 4 */
      194,    /* OBJ_id_smime_spq                 1 2 840 113549 1 9 16 5 */
      195,    /* OBJ_id_smime_cti                 1 2 840 113549 1 9 16 6 */
+    1325,    /* OBJ_id_smime_ori                 1 2 840 113549 1 9 16 13 */
      158,    /* OBJ_x509Certificate              1 2 840 113549 1 9 22 1 */
      159,    /* OBJ_sdsiCertificate              1 2 840 113549 1 9 22 2 */
      160,    /* OBJ_x509Crl                      1 2 840 113549 1 9 23 1 */
@@ -6318,6 +6327,7 @@ static const unsigned int obj_objs[NUM_OBJ] = {
      254,    /* OBJ_id_smime_cti_ets_proofOfSender 1 2 840 113549 1 9 16 6 4 */
      255,    /* OBJ_id_smime_cti_ets_proofOfApproval 1 2 840 113549 1 9 16 6 5 */
      256,    /* OBJ_id_smime_cti_ets_proofOfCreation 1 2 840 113549 1 9 16 6 6 */
+    1326,    /* OBJ_id_smime_ori_kem             1 2 840 113549 1 9 16 13 3 */
      150,    /* OBJ_keyBag                       1 2 840 113549 1 12 10 1 1 */
      151,    /* OBJ_pkcs8ShroudedKeyBag          1 2 840 113549 1 12 10 1 2 */
      152,    /* OBJ_certBag                      1 2 840 113549 1 12 10 1 3 */
diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index 36d45cb5e68bc9..47b63545d66220 100644
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -1322,3 +1322,5 @@ id_KemBasedMac		1321
 hkdfWithSHA256		1322
 id_kem_rsa		1323
 id_kdf_kdf2		1324
+id_smime_ori		1325
+id_smime_ori_kem		1326
diff --git a/crypto/objects/obj_xref.h b/crypto/objects/obj_xref.h
index 913606f1754d46..01339d9da088d1 100644
--- a/crypto/objects/obj_xref.h
+++ b/crypto/objects/obj_xref.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by objxref.pl
  *
- * Copyright 1998-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1998-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index fccd47767ee8a3..93d56d16196d59 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -257,6 +257,7 @@ SMIME 3			: id-smime-alg
 SMIME 4			: id-smime-cd
 SMIME 5			: id-smime-spq
 SMIME 6			: id-smime-cti
+SMIME 13		: id-smime-ori
 
 # S/MIME Modules
 id-smime-mod 1		: id-smime-mod-cms
@@ -357,6 +358,8 @@ id-smime-cti 4		: id-smime-cti-ets-proofOfSender
 id-smime-cti 5		: id-smime-cti-ets-proofOfApproval
 id-smime-cti 6		: id-smime-cti-ets-proofOfCreation
 
+id-smime-ori 3		: id-smime-ori-kem
+
 pkcs9 20		:			: friendlyName
 pkcs9 21		:			: localKeyID
 !Alias ms-corp 1 3 6 1 4 1 311
diff --git a/fuzz/oids.txt b/fuzz/oids.txt
index 9e01c6b66f2a1f..125c878ca1985e 100644
--- a/fuzz/oids.txt
+++ b/fuzz/oids.txt
@@ -1,7 +1,7 @@
 # WARNING: do not edit!
 # Generated by fuzz/mkfuzzoids.pl
 #
-# Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the Apache License 2.0 (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -1183,3 +1183,5 @@ OBJ_id_KemBasedMac="\x2A\x86\x48\x86\xF6\x7D\x07\x42\x10"
 OBJ_hkdfWithSHA256="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x03\x1C"
 OBJ_id_kem_rsa="\x28\x81\x8C\x71\x02\x02\x04"
 OBJ_id_kdf_kdf2="\x28\x81\x8C\x71\x02\x05\x02"
+OBJ_id_smime_ori="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x0D"
+OBJ_id_smime_ori_kem="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x0D\x03"
diff --git a/include/crypto/crmferr.h b/include/crypto/crmferr.h
index f1a27e04993b60..89f80eee6b1545 100644
--- a/include/crypto/crmferr.h
+++ b/include/crypto/crmferr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
diff --git a/include/openssl/cms.h.in b/include/openssl/cms.h.in
index 239667700aacd2..a46f00df090d33 100644
--- a/include/openssl/cms.h.in
+++ b/include/openssl/cms.h.in
@@ -68,6 +68,7 @@ CMS_ContentInfo *CMS_ContentInfo_new_ex(OSSL_LIB_CTX *libctx, const char *propq)
 # define CMS_RECIPINFO_KEK               2
 # define CMS_RECIPINFO_PASS              3
 # define CMS_RECIPINFO_OTHER             4
+# define CMS_RECIPINFO_OTHER_KEM         5
 
 /* S/MIME related flags */
 
@@ -209,7 +210,7 @@ BIO *CMS_EnvelopedData_decrypt(CMS_EnvelopedData *env, BIO *detached_data,
                                EVP_PKEY *pkey, X509 *cert,
                                ASN1_OCTET_STRING *secret, unsigned int flags,
                                OSSL_LIB_CTX *libctx, const char *propq);
-
+CMS_EnvelopedData *OSSL_CMS_get0_enveloped(CMS_ContentInfo *cms);
 CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
                                            X509 *recip, unsigned int flags);
 CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip,
diff --git a/include/openssl/crmf.h.in b/include/openssl/crmf.h.in
index 34b1d05277715f..0d131fa6a6eeb5 100644
--- a/include/openssl/crmf.h.in
+++ b/include/openssl/crmf.h.in
@@ -27,6 +27,7 @@ use OpenSSL::stackhash qw(generate_stack_macros);
 #  include <openssl/safestack.h>
 #  include <openssl/crmferr.h>
 #  include <openssl/x509v3.h> /* for GENERAL_NAME etc. */
+#  include <openssl/cms.h>
 
 /* explicit #includes not strictly needed since implied by the above: */
 #  include <openssl/types.h>
@@ -151,6 +152,7 @@ int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, X509_EXTENSION *ext);
 int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm,
                               EVP_PKEY *pkey, const EVP_MD *digest,
                               OSSL_LIB_CTX *libctx, const char *propq);
+int OSSL_CRMF_MSG_certreq_encrcert_popo(const OSSL_CRMF_MSG *req);
 int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
                                int rid, int acceptRAVerified,
                                OSSL_LIB_CTX *libctx, const char *propq);
@@ -182,6 +184,8 @@ X509
 *OSSL_CRMF_ENCRYPTEDKEY_get1_encCert(const OSSL_CRMF_ENCRYPTEDKEY *ecert,
                                      OSSL_LIB_CTX *libctx, const char *propq,
                                      EVP_PKEY *pkey, unsigned int flags);
+OSSL_CRMF_ENCRYPTEDKEY
+*OSSL_CRMF_ENCRYPTEDKEY_init_envdata( CMS_EnvelopedData *envdata);
 
 #  ifdef __cplusplus
 }
diff --git a/include/openssl/crmferr.h b/include/openssl/crmferr.h
index 410dec5b609a8d..2b3f7ce0baa666 100644
--- a/include/openssl/crmferr.h
+++ b/include/openssl/crmferr.h
@@ -24,6 +24,7 @@
  * CRMF reason codes.
  */
 #  define CRMF_R_BAD_PBM_ITERATIONCOUNT                    100
+#  define CRMF_R_CMS_NOT_SUPPORTED                         123
 #  define CRMF_R_CRMFERROR                                 102
 #  define CRMF_R_ERROR                                     103
 #  define CRMF_R_ERROR_DECODING_CERTIFICATE                104
diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h
index 27ee80f7c53724..bb6e59772e5d06 100644
--- a/include/openssl/obj_mac.h
+++ b/include/openssl/obj_mac.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated by crypto/objects/objects.pl
  *
- * Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
  * in the file LICENSE in the source distribution or at
@@ -791,6 +791,10 @@
 #define NID_id_smime_cti                195
 #define OBJ_id_smime_cti                OBJ_SMIME,6L
 
+#define SN_id_smime_ori         "id-smime-ori"
+#define NID_id_smime_ori                1325
+#define OBJ_id_smime_ori                OBJ_SMIME,13L
+
 #define SN_id_smime_mod_cms             "id-smime-mod-cms"
 #define NID_id_smime_mod_cms            196
 #define OBJ_id_smime_mod_cms            OBJ_id_smime_mod,1L
@@ -1107,6 +1111,10 @@
 #define NID_id_smime_cti_ets_proofOfCreation            256
 #define OBJ_id_smime_cti_ets_proofOfCreation            OBJ_id_smime_cti,6L
 
+#define SN_id_smime_ori_kem             "id-smime-ori-kem"
+#define NID_id_smime_ori_kem            1326
+#define OBJ_id_smime_ori_kem            OBJ_id_smime_ori,3L
+
 #define LN_friendlyName         "friendlyName"
 #define NID_friendlyName                156
 #define OBJ_friendlyName                OBJ_pkcs9,20L
diff --git a/test/recipes/80-test_cmp_http_data/Mock/kem.crt b/test/recipes/80-test_cmp_http_data/Mock/kem.crt
index 3af72d02f46bf1..682e062f138093 100644
--- a/test/recipes/80-test_cmp_http_data/Mock/kem.crt
+++ b/test/recipes/80-test_cmp_http_data/Mock/kem.crt
@@ -1,48 +1,22 @@
 -----BEGIN CERTIFICATE-----
-MIIIbTCCB1WgAwIBAgIUenD0adt4paVWXXt99SFndc81IlgwDQYJKoZIhvcNAQEL
+MIIDkjCCAnqgAwIBAgIUCIoReKKPB6Yh4B0HEeykhscAQ68wDQYJKoZIhvcNAQEL
 BQAwWjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoT
 GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDETMBEGA1UEAxMKc3ViaW50ZXJDQTAe
-Fw0yNDAxMTAxMjIwMjBaFw0yNDAyMDkxMjIwMjBaMBMxETAPBgNVBAMMCEtFTV9D
-RVJUMIIGNDANBgsrBgEEAYGwGgUGAwOCBiEAgnCeD2wSfUcRVHJyW3a7EkiGw3dj
-IRhld6QbJOE02BYn5zyqIBWsKgYo4vVIafwA45lujTjCTQFSkLy7z3panly5u4qw
-J6zINNOb5/PEuDtk07l/65OAAYW8erGwPrazaGxnwCEVIRCK5WW7tFUSoTMQ9Zef
-fcNnVTVl1RIMSXvB9eIVv8J2eMN7VNrKnPcliUAALrC6lVeWMGOa1Bghs3VB1NXM
-+iGKHFlqeoZ153CLNvSuqyaIGYRNv2p9q4bKKuGL97u6DbtBdFFKpCTGiqKTahcB
-aRFjGBAb61S3Riun7ssgqSEv/zKGEFbOuBBaxQnGqWTBWJt9OoYg06xgSqWmE7in
-JmZLdaGxCLg26rdnCCwz5lB25aCD0WBxHFIX+7d4/BXN9wmdW9aaBBpZHjnBDAcu
-+AwN5suYpMScVtldFTlHLqoRzlIWEjVVAePIHBwBkQM2COYn4BSdIksLa/gtWqI8
-IjhCDxOJ/eVwPBim7Qcpnjeerjd19+arcYFuE/tresctWrVob5XFDqCFPesmTMpF
-fWxpZ+CU3pqSf1ZsnmVxyKuCvbAohSxCDWCgpGygP8RQ7ySpAfRAYpUsGquS4zVK
-CJKicqWjZKCOqGNCp6Ut2gKbx6w60vKsqIJL0QGklUzJxkM1cJx7kiCuXoOqlrrO
-kbqAtDdVJco40eXFf1U3Dho1MrzNvTeDVLkc8mBRUMw6wXbHIqyvuAzKlrRZhPO5
-jfOrqyTI/HqzPjYbl6h11ytu28hda9wRRbLEFBgmqawWUFUXGQZCQBsX11KTpKG1
-V1Jj30YCmSJmSBZKaqK8bUVFHEkoBEuaXxCpxqJocxEtSXGuhPUJl7Y4B+NVtoN9
-UFKZQqgqQIEgYvALjGKHyKFw5ty4C1eF0/dm6Tg47Og2lpEz3IyRrNswWEWAyveh
-4PXO24AIxjiJdGWjz+CZsHDOEdoouDINc3QKxvBxHQozvmQwlmC20JnIZ3OXBDIk
-i3DNg+lJ/OZ6QYs4buhzHBiqRqgMSMKuJ5K1qfKN21m+RuOGAJY8LKWPpJYK9Ve8
-jToszoi3k8WpRqRHhKcTOdKcdGVXnBxcFeCfrQHQpdmG8Dme8yGpFfErV9e3mjEV
-CTgx1buQLSS0bfQZeMOnGrkUkcWAl1YdO1k0NZWre5t/vzCoyrKK4fYdiEVWbGuJ
-a+yEYowCC5Eiz1EhKayzMhND0roHqyeAFtIf07wezcoqYRLOPWYArlDHDFmYgCw+
-LdVvgSKZ8GpvVlVYmzh8V0Yj/0CSzlex+EMGqmKNOVd+uUF5KFvBSDZgcSZzrVgN
-SKlmskNrVTlR5jRJ9IcqpUIYaDq6AgR5GGOTLqFfIHbFMxglTfBXTptzunNqTUsQ
-8BqDuhCHgqmgH5uPPUHLRBtNaHUh7Gkk/1QrHeEL/TUucOx1U8l/aYEr3FhYkKZU
-exYSXrrLItOylKyxW6BOESeSUaq3ofp6KcuBS2oCdJVqoYGlZyCbssqYWiqKshWS
-B6Ua15FgPchlJ8iyNxqK9hlASBkMsKvDntPCpmuFK/R0QycNlMR/m2dnIHdESQiu
-N5mJQhoL/kusDcGGtVuV56axRbXEw6ACoShY/lBReIJzurO1sUqLAoO3bWrGOvqJ
-hnQGsgBSUZs0jqA73NHJzrd9bvlI3TOYdEgzdqZVabnKPzR8qTuxDglnFBiQiJmO
-4jefp+fB3XALNJh379OTH0Wngppt15SxOAEk+guTPDEy4pNUxFW9IrzFWiKZmVdb
-+tQdVXBb4lSGxugP3fUyKjEaEnCy6tbHCopcPsi126RK4QnKmqlwaSHHyvyYTQgD
-/2pnf2IpPJFB3IS0Bcm5TQE3PfcLSkPOopF17DrGoWmW/SiTT2dJbOky7pgHA9xX
-VEF2NCtMWMgJ4PmC8ci58hFJyLmmNZBSy9LC/NSs9JYHAYJ0HmGpUoSBV8E7OHB3
-ZACsxwMkwzYxfjtmpiyvUSlAgdjOXGcamLhsMaxbk4MDC0xSZzRLQ3i6emOPt6NY
-7JMq6jhb6Uu/k2COZleIUsQ6G0rBQSeJECVW3vdWHxK6zsDsbCzn8yj5gwOPEHNv
-aIB6gLtYUaoe7bGjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgUgMB0G
-A1UdDgQWBBTIXhEhWdEMkDP+XTfpHgk5OT4PEzAfBgNVHSMEGDAWgBTpZ30QdMGa
-rrhMPwk+HHAV3R8aTzANBgkqhkiG9w0BAQsFAAOCAQEAwOJPi4A9GoKmo3oOSRkQ
-clW+16bFPPpmyi5cmdxDgG1fJPRAj25dk7qGIY2dMIZIOJBNuQz4D/VboIx53dqG
-b6jJ2G1fsXbOqrcsn5AngHJOr4zHuEO1q3737MQ8wIBRX15cPyLPBiAFEqmR902N
-STvD/XbAJmuIqRAOZKa1iyS6CLu9/Z768YaaM/hS6mS3/9r8upefO4rUbFt+3na9
-D+NSHpAvgmA6DOQWdPiDChdqW2UPBeoif7jqbBUKwR55HiCWcSxhRsXACY7FlHBk
-6VFF+DO+pfjxONgC5q1eu0ELzfWBNdzuW/csRY9nOyCMnqm+U4Ait4Zrw0WcE1Ps
-Cg==
+Fw0yMzA3MTMxNDM5NDVaFw0zMzA3MTAxNDM5NDVaMFgxCzAJBgNVBAYTAkFVMRMw
+EQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0
+eSBMdGQxETAPBgNVBAMMCGxlYWYtS0VNMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAw9GYW2QMjkZ3UJOJL3y65cQoXD9/1J5BEPGjuJKBETnxK8xnRMta
+FQiDAg5qwxvRilPk38hYmvbVbvGmrGwWpwC4y9eHeF0GL39wGzWW4oY7kqi+D9jv
+y5knBpvB6dn0DQjAm01uigU26YtCAZ7Va8+/Ankwp41+sVKzwgKBn19oBMHU1YNd
+UCFEPR5d2yM72MEeHGhjTZybBm4+ueCNSNzyC/jZMpy3oHXlmlJE2mvEsOQZA4n6
+xIUe+RwokfAXlwYFl19pbdj5G42IhLzr9ZSu6uvjm5RvCxoPdmtQZ6FxaBUNfRMG
+jqEOkYuwCJ2718yaURgbRqfmlKNdECyy4QIDAQABo1IwUDAOBgNVHQ8BAf8EBAMC
+BSAwHQYDVR0OBBYEFEQ91872uHULE2j0VfkvlMW56822MB8GA1UdIwQYMBaAFOln
+fRB0wZquuEw/CT4ccBXdHxpPMA0GCSqGSIb3DQEBCwUAA4IBAQBZIyZsem85ca5U
+Fzz88Bvvl2oKsIW8ixlhXkc4fA4pzcuXmgt0l31dO6NTEkxfDWfIinENB7kEmNmE
+XD6Cll/uvtKICViAZMdrYZZZYkToyrN6Jkrf+svdjfk4Bjr1ufixYSzj6NIb1KIa
+9vgyG0LGLEzDbUH3XCnmgYHc/c/6nt6ZoN/iVROmgcTafOv3S9/2ertAFPEpdRxX
+Axj3V2qgguBJCyhJ7VuaBhJhpWgHUjtzH61etyLoCMVKTaR9L8ocS217LeGCHKto
+d3tuL7nQctvpTqG7jvvujUlPs2uKY0Fzsqw66ez51mWVyop9rkvudkZIZ0ftMYli
+DcOpACyZ
 -----END CERTIFICATE-----
diff --git a/test/recipes/80-test_cmp_http_data/Mock/kem.key b/test/recipes/80-test_cmp_http_data/Mock/kem.key
index 1977ebf10b5520..deb103ad68826a 100644
--- a/test/recipes/80-test_cmp_http_data/Mock/kem.key
+++ b/test/recipes/80-test_cmp_http_data/Mock/kem.key
@@ -1,102 +1,28 @@
 -----BEGIN PRIVATE KEY-----
-MIISmgIBADANBgsrBgEEAYGwGgUGAwSCEoQEghKAKPxbIfWzBZUJDKBIVLpE9cax
-8qFDRMlyeNeZyohP4sdaM4k4uOtWxkeTqGGobsVeLMMtiuCeRvRIL0zOKWCKyeKD
-5mPA8JDPbmM8EjpX98uv30Cq6hwRuOxQPJxMnNWMveY2B6WiFEiSvaVDMBHA2/Fa
-BokxdLOB0wqLnJpEuHxPRQKOWRaPmIy0p9q9P6sXUdW+rwE6Qwp8F6pNWmRW++gq
-DixKc6ZtSKEijDVRWfgqZJixo5yL10SS2lNrRyFi3IsARpJriznNhejDcrYAufEg
-8gWwMEAn49sRLrwU3JBGk4tfE0F5OcE+nvrAy3a+fjOkSytnmPeL1/RzrMZ5QmOL
-rtIOLtugTJYJGxlArKAEtKiZyrOUa2Y0ltpyINap9RhZ4wg/k8CqBUlIetddZ5BN
-fzDB9gEHETl3HHmVychszoovpOqi0xkifeK1z+sDgBPNsFZF2AGMqLzJ1ntWRKGa
-9tAlrfWJL6AvXvAb7KKCqOZeXYJFLThQVNxD3+Z01KbA4GFKteOiMUKHmYS89QNW
-/NskyiYMJduP/3SlwQS5Hix2PsCyZwR2dVIXdfGZX1EJ9IJFBik/LSRSdLlD2WUJ
-zoRqSUUI0mYG3nd8fKq5iLkCYBCWhdQOODzNkQupKsV94vg++SOee+cfrXvNuoxN
-blUsVsYgWSyegJAFkYsBfVyz83pkphpLzmJiQyoogkYVu9SI8hA2fBU+QbNRCiOe
-aKVRzftFN4pEbFmVnNNkA8SyUzBqUmwYAGgl5cY4YHAkorpdMteRkRWjxGGxAHY7
-BOy658ixCNJtFPAG+7ptD0m/FrTEI+tx+fQnp+liS8lbcxBqIVI4vEe4H6msmqF7
-U9kfzbBkBUuF+NG7yLkJ/QKkmuQfAM1og/UNtJtLj4moKmeNzRnE/EaaSdxIBCxT
-xpIATAcRXtCPPxV2z3kMLqZAiwEMSwo9r9lqxGLIWNso22tSf7gcObd2LKrOoflX
-zdrPqXymWZqEHnCf1BlKzBlT1JMDZtaw1XUlMmQDsHNZFGC1wuRS7juWjOYkm5hn
-3KNFw6cCVznCsrWxosjF2SAAdkoGJsG423tmRCvLggl5xyGqCbR63BkiXedDI7y5
-FDhLK7Z3zGm87oAsPxGVlAqt+XpCHLBQ9hKCAWHFaNQ13dIv72CIxEYg72eCDHGp
-FpJJIfKwBAabnrpu9mWMrrpoiSE2vUZ3fQSBxzhm+XmsGaB0nRELh+XCoRsEfdYb
-Y3WQZrolXIIfIKsR9tnCn6VGrQjLgkyB7bCAuhSVkPzPA2S5oVqAszxigeawHJaG
-9SUnvLtffvie10A5sRISz0R5U6qui1kSyNJ5VQy9i5ZhCWUuyDbAz7MyvPITgTzK
-PmIcLbxPAdgkb5aMovi377EKFTVhflw8dFQ2AlWPrWyBZIc66YNPs6Krd8Fozpab
-AEFjCDg66WwDquIkcNVIOFJOXJszotkSEDoBUIGobsEYdilNKyMeIPU4ZFu/oDbE
-gNSVorahT1WwdIt2BbgpJfhFOsF4k0WH8ONCThizPTOH5hiyHfdbhJBZmtFVNLM4
-YfzHxXU/blm6A8KBPjQo3VgyqhsLgXdQjlvJOTeA2kw8MWIatyFdW1PJsuVM79sH
-NRHFTlu1K8M/FrnNLPMyqobPzleqK+N1ujaJFzeyimh3WPl23qkIXjZ9HbO38dFD
-l6J4xSdZ9iMwbPZjZ4DO62c0IQZkqQwqB9OLRoBxh9h/p2QHaAE9EhLF+3YYXkYy
-GXaE7atMBkQSahNnGkgMQolkLAGPcxIwyDKx+3vBpYLFbpB7MRC7qRddJ4mMziuk
-kHvNoVIvReBGVbCh2ByLLiM1O/lU8ZNeKwEMwlF9BBLDjnafhFXD3Bm2xStu9Xqf
-i+YLlVpYxuwqNNlvOLKAx7o8GFubTqlFqaNrj6S+GgwKgjs256JlUmIF7mAn9pKY
-t4xDp9qrOkUp4vqCnpUZgowg0HE2JqJn3hzLPoRBP7M8XzwjJGl2+TJUKAEl90m2
-DLqRwwEDG4EB5AuKhHSe1Qcqned6FQSGIxmh9GeXgnCeD2wSfUcRVHJyW3a7EkiG
-w3djIRhld6QbJOE02BYn5zyqIBWsKgYo4vVIafwA45lujTjCTQFSkLy7z3panly5
-u4qwJ6zINNOb5/PEuDtk07l/65OAAYW8erGwPrazaGxnwCEVIRCK5WW7tFUSoTMQ
-9ZeffcNnVTVl1RIMSXvB9eIVv8J2eMN7VNrKnPcliUAALrC6lVeWMGOa1Bghs3VB
-1NXM+iGKHFlqeoZ153CLNvSuqyaIGYRNv2p9q4bKKuGL97u6DbtBdFFKpCTGiqKT
-ahcBaRFjGBAb61S3Riun7ssgqSEv/zKGEFbOuBBaxQnGqWTBWJt9OoYg06xgSqWm
-E7inJmZLdaGxCLg26rdnCCwz5lB25aCD0WBxHFIX+7d4/BXN9wmdW9aaBBpZHjnB
-DAcu+AwN5suYpMScVtldFTlHLqoRzlIWEjVVAePIHBwBkQM2COYn4BSdIksLa/gt
-WqI8IjhCDxOJ/eVwPBim7Qcpnjeerjd19+arcYFuE/tresctWrVob5XFDqCFPesm
-TMpFfWxpZ+CU3pqSf1ZsnmVxyKuCvbAohSxCDWCgpGygP8RQ7ySpAfRAYpUsGquS
-4zVKCJKicqWjZKCOqGNCp6Ut2gKbx6w60vKsqIJL0QGklUzJxkM1cJx7kiCuXoOq
-lrrOkbqAtDdVJco40eXFf1U3Dho1MrzNvTeDVLkc8mBRUMw6wXbHIqyvuAzKlrRZ
-hPO5jfOrqyTI/HqzPjYbl6h11ytu28hda9wRRbLEFBgmqawWUFUXGQZCQBsX11KT
-pKG1V1Jj30YCmSJmSBZKaqK8bUVFHEkoBEuaXxCpxqJocxEtSXGuhPUJl7Y4B+NV
-toN9UFKZQqgqQIEgYvALjGKHyKFw5ty4C1eF0/dm6Tg47Og2lpEz3IyRrNswWEWA
-yveh4PXO24AIxjiJdGWjz+CZsHDOEdoouDINc3QKxvBxHQozvmQwlmC20JnIZ3OX
-BDIki3DNg+lJ/OZ6QYs4buhzHBiqRqgMSMKuJ5K1qfKN21m+RuOGAJY8LKWPpJYK
-9Ve8jToszoi3k8WpRqRHhKcTOdKcdGVXnBxcFeCfrQHQpdmG8Dme8yGpFfErV9e3
-mjEVCTgx1buQLSS0bfQZeMOnGrkUkcWAl1YdO1k0NZWre5t/vzCoyrKK4fYdiEVW
-bGuJa+yEYowCC5Eiz1EhKayzMhND0roHqyeAFtIf07wezcoqYRLOPWYArlDHDFmY
-gCw+LdVvgSKZ8GpvVlVYmzh8V0Yj/0CSzlex+EMGqmKNOVd+uUF5KFvBSDZgcSZz
-rVgNSKlmskNrVTlR5jRJ9IcqpUIYaDq6AgR5GGOTLqFfIHbFMxglTfBXTptzunNq
-TUsQ8BqDuhCHgqmgH5uPPUHLRBtNaHUh7Gkk/1QrHeEL/TUucOx1U8l/aYEr3FhY
-kKZUexYSXrrLItOylKyxW6BOESeSUaq3ofp6KcuBS2oCdJVqoYGlZyCbssqYWiqK
-shWSB6Ua15FgPchlJ8iyNxqK9hlASBkMsKvDntPCpmuFK/R0QycNlMR/m2dnIHdE
-SQiuN5mJQhoL/kusDcGGtVuV56axRbXEw6ACoShY/lBReIJzurO1sUqLAoO3bWrG
-OvqJhnQGsgBSUZs0jqA73NHJzrd9bvlI3TOYdEgzdqZVabnKPzR8qTuxDglnFBiQ
-iJmO4jefp+fB3XALNJh379OTH0Wngppt15SxOAEk+guTPDEy4pNUxFW9IrzFWiKZ
-mVdb+tQdVXBb4lSGxugP3fUyKjEaEnCy6tbHCopcPsi126RK4QnKmqlwaSHHyvyY
-TQgD/2pnf2IpPJFB3IS0Bcm5TQE3PfcLSkPOopF17DrGoWmW/SiTT2dJbOky7pgH
-A9xXVEF2NCtMWMgJ4PmC8ci58hFJyLmmNZBSy9LC/NSs9JYHAYJ0HmGpUoSBV8E7
-OHB3ZACsxwMkwzYxfjtmpiyvUSlAgdjOXGcamLhsMaxbk4MDC0xSZzRLQ3i6emOP
-t6NY7JMq6jhb6Uu/k2COZleIUsQ6G0rBQSeJECVW3vdWHxK6zsDsbCzn8yj5gwOP
-EHNvaIB6gLtYUaoe7bEdH/Mi3ixboZPkdqNBb8PmY2dQkaypdNCOLWGUE2AWAOQJ
-dhdBHk3xbolBhviBIdMUhH6svdfNP4+YD7Hz+MsggnCeD2wSfUcRVHJyW3a7EkiG
-w3djIRhld6QbJOE02BYn5zyqIBWsKgYo4vVIafwA45lujTjCTQFSkLy7z3panly5
-u4qwJ6zINNOb5/PEuDtk07l/65OAAYW8erGwPrazaGxnwCEVIRCK5WW7tFUSoTMQ
-9ZeffcNnVTVl1RIMSXvB9eIVv8J2eMN7VNrKnPcliUAALrC6lVeWMGOa1Bghs3VB
-1NXM+iGKHFlqeoZ153CLNvSuqyaIGYRNv2p9q4bKKuGL97u6DbtBdFFKpCTGiqKT
-ahcBaRFjGBAb61S3Riun7ssgqSEv/zKGEFbOuBBaxQnGqWTBWJt9OoYg06xgSqWm
-E7inJmZLdaGxCLg26rdnCCwz5lB25aCD0WBxHFIX+7d4/BXN9wmdW9aaBBpZHjnB
-DAcu+AwN5suYpMScVtldFTlHLqoRzlIWEjVVAePIHBwBkQM2COYn4BSdIksLa/gt
-WqI8IjhCDxOJ/eVwPBim7Qcpnjeerjd19+arcYFuE/tresctWrVob5XFDqCFPesm
-TMpFfWxpZ+CU3pqSf1ZsnmVxyKuCvbAohSxCDWCgpGygP8RQ7ySpAfRAYpUsGquS
-4zVKCJKicqWjZKCOqGNCp6Ut2gKbx6w60vKsqIJL0QGklUzJxkM1cJx7kiCuXoOq
-lrrOkbqAtDdVJco40eXFf1U3Dho1MrzNvTeDVLkc8mBRUMw6wXbHIqyvuAzKlrRZ
-hPO5jfOrqyTI/HqzPjYbl6h11ytu28hda9wRRbLEFBgmqawWUFUXGQZCQBsX11KT
-pKG1V1Jj30YCmSJmSBZKaqK8bUVFHEkoBEuaXxCpxqJocxEtSXGuhPUJl7Y4B+NV
-toN9UFKZQqgqQIEgYvALjGKHyKFw5ty4C1eF0/dm6Tg47Og2lpEz3IyRrNswWEWA
-yveh4PXO24AIxjiJdGWjz+CZsHDOEdoouDINc3QKxvBxHQozvmQwlmC20JnIZ3OX
-BDIki3DNg+lJ/OZ6QYs4buhzHBiqRqgMSMKuJ5K1qfKN21m+RuOGAJY8LKWPpJYK
-9Ve8jToszoi3k8WpRqRHhKcTOdKcdGVXnBxcFeCfrQHQpdmG8Dme8yGpFfErV9e3
-mjEVCTgx1buQLSS0bfQZeMOnGrkUkcWAl1YdO1k0NZWre5t/vzCoyrKK4fYdiEVW
-bGuJa+yEYowCC5Eiz1EhKayzMhND0roHqyeAFtIf07wezcoqYRLOPWYArlDHDFmY
-gCw+LdVvgSKZ8GpvVlVYmzh8V0Yj/0CSzlex+EMGqmKNOVd+uUF5KFvBSDZgcSZz
-rVgNSKlmskNrVTlR5jRJ9IcqpUIYaDq6AgR5GGOTLqFfIHbFMxglTfBXTptzunNq
-TUsQ8BqDuhCHgqmgH5uPPUHLRBtNaHUh7Gkk/1QrHeEL/TUucOx1U8l/aYEr3FhY
-kKZUexYSXrrLItOylKyxW6BOESeSUaq3ofp6KcuBS2oCdJVqoYGlZyCbssqYWiqK
-shWSB6Ua15FgPchlJ8iyNxqK9hlASBkMsKvDntPCpmuFK/R0QycNlMR/m2dnIHdE
-SQiuN5mJQhoL/kusDcGGtVuV56axRbXEw6ACoShY/lBReIJzurO1sUqLAoO3bWrG
-OvqJhnQGsgBSUZs0jqA73NHJzrd9bvlI3TOYdEgzdqZVabnKPzR8qTuxDglnFBiQ
-iJmO4jefp+fB3XALNJh379OTH0Wngppt15SxOAEk+guTPDEy4pNUxFW9IrzFWiKZ
-mVdb+tQdVXBb4lSGxugP3fUyKjEaEnCy6tbHCopcPsi126RK4QnKmqlwaSHHyvyY
-TQgD/2pnf2IpPJFB3IS0Bcm5TQE3PfcLSkPOopF17DrGoWmW/SiTT2dJbOky7pgH
-A9xXVEF2NCtMWMgJ4PmC8ci58hFJyLmmNZBSy9LC/NSs9JYHAYJ0HmGpUoSBV8E7
-OHB3ZACsxwMkwzYxfjtmpiyvUSlAgdjOXGcamLhsMaxbk4MDC0xSZzRLQ3i6emOP
-t6NY7JMq6jhb6Uu/k2COZleIUsQ6G0rBQSeJECVW3vdWHxK6zsDsbCzn8yj5gwOP
-EHNvaIB6gLtYUaoe7bE=
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDD0ZhbZAyORndQ
+k4kvfLrlxChcP3/UnkEQ8aO4koEROfErzGdEy1oVCIMCDmrDG9GKU+TfyFia9tVu
+8aasbBanALjL14d4XQYvf3AbNZbihjuSqL4P2O/LmScGm8Hp2fQNCMCbTW6KBTbp
+i0IBntVrz78CeTCnjX6xUrPCAoGfX2gEwdTVg11QIUQ9Hl3bIzvYwR4caGNNnJsG
+bj654I1I3PIL+NkynLegdeWaUkTaa8Sw5BkDifrEhR75HCiR8BeXBgWXX2lt2Pkb
+jYiEvOv1lK7q6+OblG8LGg92a1BnoXFoFQ19EwaOoQ6Ri7AInbvXzJpRGBtGp+aU
+o10QLLLhAgMBAAECggEAJQLhnCx93wpclOM947bckH8R7dWmsKY0wCIcAs/WC057
+Uf7xaeRRo3YXZPUaosQIR+/xa4avkKKk1rJgAWjwoyIUy5pyJYLXn3Sj2NC5MxmR
++vdf7Rjgwgexg6M+9JdYdHo6BWCOSxIPPfcvQ6Uky5rZjHshghnRX2y1Qy88FsYZ
+5TUMa7qQjbtzZPM7dePCvHy0Euw3ggjyzwN4n/TUm9U9AlEUfNWvjP56RjLHrUBc
+kiBbdMgvipu5/MMq5V63WpWxUrCOFnyofOsfuZ632CVfxy4d6fiBX0KrD0I96A1Z
+GrelDpuyq7/GL6khiO3IBkOUJgsZO/lgTCq/gd4iEQKBgQDqlv82MGDWaX2tSszW
+l/tvTR1y1aV9IcqLi32r9cuLIVNA7aJoWQLAtt5KRiE7pT6BZ4OEGbhAS+t+jXON
+UTqc8ixa9/TRhEA4aVrhevLfOIJfaT2TNCivuuAHXKmXPM8IqArfnZyat7p8Xfp6
+vNxYxWIga8CZ0ogLB+RUmqhx7QKBgQDVsL4Z8q1XF6kgL8oRyiA+IA81Jw1qL4f5
+Hpg1nJlY29ajQqBz6RPJmMN/X5Pt5/xD9WOGZwFxATkUXzwSQw1hfHdggOonVuNc
+SONCBinUtq5TdpB4H7LFqbaVgSrU1YZPiQekTyv+hfsYN4IOLCDuQxgxZ4moiHf5
+sQP7+/Y2RQKBgGyWeIwc2LZnHkWY2jh7IWfjyj3dpzzE53ywlPuESzObuW3Ukdi7
+WwrZmwvGapuxYb2ErNv5C9C3U8rArzw63WbIsr9pB2n0TcXO/sJgpwusnKyNinMZ
+MbwmRI0j11yqSSs4nc/kpRj48tmeptMpmNV+iG15cy3AxjhU7tw6ur4BAoGBAIU8
++Zs2PCyEnThrc8QZ0nbKCJFssymVT2PeVqt+5AKKuE79eQwstODLNoJR9uus7Rb2
+h0LDMRvj1lJEezEry8kQEWMDnnw+6e6dp82ACE8QRKvXzoaHxTEH+8dGTY19QYyP
+9UrW7qh5o7Fa0uXBUBsfjJMpaqTByoTOgZx5YvA9AoGAUsqA4GdiBt+HCJv+uwP3
+21XcxdhwmT9PYMh7MdONpe9kEZUu1o/MVuCSascsF5qIewIlynqnACoS/E3yILxy
+/Q4IyxJpvaocvO94xvHYa1T//FQG+JO7gOjLyF5c8IK7V3O+luxRy1I99Y87ePlq
+aPBrRRPu2ZIxrPmdPmdNp1s=
 -----END PRIVATE KEY-----
diff --git a/test/recipes/80-test_cmp_http_data/Mock/test.cnf b/test/recipes/80-test_cmp_http_data/Mock/test.cnf
index 35060297970706..2e5957b6f33042 100644
--- a/test/recipes/80-test_cmp_http_data/Mock/test.cnf
+++ b/test/recipes/80-test_cmp_http_data/Mock/test.cnf
@@ -119,8 +119,8 @@ policyIdentifier = 1.2.3.4
 [reqexts]
 basicConstraints = CA:FALSE
 #basicConstraints = critical, CA:TRUE
-keyUsage = critical, digitalSignature # keyAgreement, keyEncipherment, nonRepudiation
-extendedKeyUsage = critical, clientAuth # serverAuth, codeSigning
+keyUsage = critical, keyEncipherment  # digitalSignature keyAgreement, keyEncipherment, nonRepudiation
+#extendedKeyUsage = critical, clientAuth serverAuth, codeSigning
 #crlDistributionPoints = URI:http:
 #authorityInfoAccess = URI:http:
 subjectAltName = @alt_names
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 3ef2f18ac1cd2a..79317edb49ebb8 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5546,3 +5546,92 @@ OSSL_CMP_get_ssk                        ?	3_3_0	EXIST::FUNCTION:CMP
 OSSL_CMP_SRV_kem_get_ss                 ?	3_3_0	EXIST::FUNCTION:CMP
 EVP_DigestSqueeze                       ?	3_3_0	EXIST::FUNCTION:
 ERR_pop                                 ?	3_3_0	EXIST::FUNCTION:
+d2i_OSSL_CRMF_ENCRYPTEDKEY              ?	3_3_0	EXIST::FUNCTION:CRMF
+i2d_OSSL_CRMF_ENCRYPTEDKEY              ?	3_3_0	EXIST::FUNCTION:CRMF
+OSSL_CRMF_ENCRYPTEDKEY_free             ?	3_3_0	EXIST::FUNCTION:CRMF
+OSSL_CRMF_ENCRYPTEDKEY_new              ?	3_3_0	EXIST::FUNCTION:CRMF
+OSSL_CRMF_ENCRYPTEDKEY_it               ?	3_3_0	EXIST::FUNCTION:CRMF
+OSSL_CRMF_ENCRYPTEDKEY_get1_encCert     ?	3_3_0	EXIST::FUNCTION:CRMF
+d2i_X509_ACERT                          ?	3_3_0	EXIST::FUNCTION:
+i2d_X509_ACERT                          ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_free                         ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_new                          ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_it                           ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_dup                          ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_INFO_it                      ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_INFO_free                    ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_INFO_new                     ?	3_3_0	EXIST::FUNCTION:
+OSSL_OBJECT_DIGEST_INFO_free            ?	3_3_0	EXIST::FUNCTION:
+OSSL_OBJECT_DIGEST_INFO_new             ?	3_3_0	EXIST::FUNCTION:
+OSSL_ISSUER_SERIAL_free                 ?	3_3_0	EXIST::FUNCTION:
+OSSL_ISSUER_SERIAL_new                  ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_ISSUER_V2FORM_free           ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_ISSUER_V2FORM_new            ?	3_3_0	EXIST::FUNCTION:
+d2i_X509_ACERT_fp                       ?	3_3_0	EXIST::FUNCTION:STDIO
+i2d_X509_ACERT_fp                       ?	3_3_0	EXIST::FUNCTION:STDIO
+PEM_read_X509_ACERT                     ?	3_3_0	EXIST::FUNCTION:STDIO
+PEM_write_X509_ACERT                    ?	3_3_0	EXIST::FUNCTION:STDIO
+PEM_read_bio_X509_ACERT                 ?	3_3_0	EXIST::FUNCTION:
+PEM_write_bio_X509_ACERT                ?	3_3_0	EXIST::FUNCTION:
+d2i_X509_ACERT_bio                      ?	3_3_0	EXIST::FUNCTION:
+i2d_X509_ACERT_bio                      ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_sign                         ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_sign_ctx                     ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_verify                       ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get0_holder_entityName       ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get0_holder_baseCertId       ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get0_holder_digest           ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get0_issuerName              ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get_version                  ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get0_signature               ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get_signature_nid            ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get0_info_sigalg             ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get0_serialNumber            ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get0_notBefore               ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get0_notAfter                ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get0_issuerUID               ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_print                        ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_print_ex                     ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get_attr_count               ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get_attr_by_NID              ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get_attr_by_OBJ              ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get_attr                     ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_delete_attr                  ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get_ext_d2i                  ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_add1_ext_i2d                 ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_get0_extensions              ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_set_version                  ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_set0_holder_entityName       ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_set0_holder_baseCertId       ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_set0_holder_digest           ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_add1_attr                    ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_add1_attr_by_OBJ             ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_add1_attr_by_NID             ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_add1_attr_by_txt             ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_add_attr_nconf               ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_set1_issuerName              ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_set1_serialNumber            ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_set1_notBefore               ?	3_3_0	EXIST::FUNCTION:
+X509_ACERT_set1_notAfter                ?	3_3_0	EXIST::FUNCTION:
+OSSL_OBJECT_DIGEST_INFO_get0_digest     ?	3_3_0	EXIST::FUNCTION:
+OSSL_OBJECT_DIGEST_INFO_set1_digest     ?	3_3_0	EXIST::FUNCTION:
+OSSL_ISSUER_SERIAL_get0_issuer          ?	3_3_0	EXIST::FUNCTION:
+OSSL_ISSUER_SERIAL_get0_serial          ?	3_3_0	EXIST::FUNCTION:
+OSSL_ISSUER_SERIAL_get0_issuerUID       ?	3_3_0	EXIST::FUNCTION:
+OSSL_ISSUER_SERIAL_set1_issuer          ?	3_3_0	EXIST::FUNCTION:
+OSSL_ISSUER_SERIAL_set1_serial          ?	3_3_0	EXIST::FUNCTION:
+OSSL_ISSUER_SERIAL_set1_issuerUID       ?	3_3_0	EXIST::FUNCTION:
+OSSL_IETF_ATTR_SYNTAX_VALUE_it          ?	3_3_0	EXIST::FUNCTION:
+OSSL_IETF_ATTR_SYNTAX_VALUE_free        ?	3_3_0	EXIST::FUNCTION:
+OSSL_IETF_ATTR_SYNTAX_VALUE_new         ?	3_3_0	EXIST::FUNCTION:
+d2i_OSSL_IETF_ATTR_SYNTAX               ?	3_3_0	EXIST::FUNCTION:
+i2d_OSSL_IETF_ATTR_SYNTAX               ?	3_3_0	EXIST::FUNCTION:
+OSSL_IETF_ATTR_SYNTAX_free              ?	3_3_0	EXIST::FUNCTION:
+OSSL_IETF_ATTR_SYNTAX_new               ?	3_3_0	EXIST::FUNCTION:
+OSSL_IETF_ATTR_SYNTAX_it                ?	3_3_0	EXIST::FUNCTION:
+OSSL_IETF_ATTR_SYNTAX_get0_policyAuthority ?	3_3_0	EXIST::FUNCTION:
+OSSL_IETF_ATTR_SYNTAX_set0_policyAuthority ?	3_3_0	EXIST::FUNCTION:
+OSSL_IETF_ATTR_SYNTAX_get_value_num     ?	3_3_0	EXIST::FUNCTION:
+OSSL_IETF_ATTR_SYNTAX_get0_value        ?	3_3_0	EXIST::FUNCTION:
+OSSL_IETF_ATTR_SYNTAX_add1_value        ?	3_3_0	EXIST::FUNCTION:
+OSSL_IETF_ATTR_SYNTAX_print             ?	3_3_0	EXIST::FUNCTION: