diff --git a/src/security/builtin_plugins/authentication/src/auth_utils.c b/src/security/builtin_plugins/authentication/src/auth_utils.c
index 6acbf9bbc1..388f58fff6 100644
--- a/src/security/builtin_plugins/authentication/src/auth_utils.c
+++ b/src/security/builtin_plugins/authentication/src/auth_utils.c
@@ -74,7 +74,7 @@ char *get_certificate_subject_name(X509 *cert, DDS_Security_SecurityException *e
 dds_time_t get_certificate_expiry(const X509 *cert)
 {
   assert(cert);
-  ASN1_TIME *asn1 = X509_get_notAfter(cert);
+  const ASN1_TIME *asn1 = X509_get0_notAfter(cert);
   if (asn1 != NULL)
   {
     int days, seconds;
@@ -123,6 +123,75 @@ DDS_Security_ValidationResult_t get_subject_name_DER_encoded(const X509 *cert, u
   return DDS_SECURITY_VALIDATION_OK;
 }
 
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
+
+static DDS_Security_ValidationResult_t check_key(EVP_PKEY *key, const char *key_type, bool isPrivate, DDS_Security_SecurityException *ex)
+{
+    DDSRT_UNUSED_ARG(key_type);
+
+    if (EVP_PKEY_id(key) == EVP_PKEY_RSA)
+    {
+        if (isPrivate)
+        {
+            RSA *rsaKey = EVP_PKEY_get1_RSA(key);
+            const bool fail = (rsaKey && RSA_check_key(rsaKey) != 1);
+            RSA_free(rsaKey);
+            if (fail)
+            {
+                DDS_Security_Exception_set_with_openssl_error(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "RSA key not correct : ");
+                return DDS_SECURITY_VALIDATION_FAILED;
+            }
+        }
+    }
+    else
+    {
+        assert(EVP_PKEY_id(key) == EVP_PKEY_EC);
+        EC_KEY *ecKey = EVP_PKEY_get1_EC_KEY(key);
+        const bool fail = (ecKey && EC_KEY_check_key(ecKey) != 1);
+        EC_KEY_free(ecKey);
+        if (fail)
+        {
+            DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EC key not correct : ");
+            return DDS_SECURITY_VALIDATION_FAILED;
+        }
+    }
+    return DDS_SECURITY_VALIDATION_OK;
+}
+
+#else
+
+static DDS_Security_ValidationResult_t check_key(EVP_PKEY *key, const char *key_type, int isPrivate, DDS_Security_SecurityException *ex)
+{
+    DDS_Security_ValidationResult_t result = DDS_SECURITY_VALIDATION_OK;
+    EVP_PKEY_CTX *ctx = NULL;
+
+    if ((ctx = EVP_PKEY_CTX_new_from_pkey(NULL, key, NULL)) == NULL)
+    {
+        DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EVP_PKEY_CTX_new_from_pkey(%s) failed : ", key_type);
+        return DDS_SECURITY_VALIDATION_FAILED;
+    }
+    if (isPrivate)
+    {
+        if (EVP_PKEY_private_check(ctx) != 1)
+        {
+            DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "%s key not correct : ", key_type);
+            result = DDS_SECURITY_VALIDATION_FAILED  ;
+        }
+    }
+    else
+    {
+        if (EVP_PKEY_public_check(ctx) != 1)
+        {
+            DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "%s key not correct : ", key_type);
+            result = DDS_SECURITY_VALIDATION_FAILED  ;
+        }
+    }
+    EVP_PKEY_CTX_free(ctx);
+    return result;
+}
+
+#endif
+
 static DDS_Security_ValidationResult_t check_key_type_and_size(EVP_PKEY *key, int isPrivate, DDS_Security_SecurityException *ex)
 {
   const char *sub = isPrivate ? "private key" : "certificate";
@@ -135,18 +204,7 @@ static DDS_Security_ValidationResult_t check_key_type_and_size(EVP_PKEY *key, in
       DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "RSA %s has unsupported key size (%d)", sub, EVP_PKEY_bits(key));
       return DDS_SECURITY_VALIDATION_FAILED;
     }
-    if (isPrivate)
-    {
-      RSA *rsaKey = EVP_PKEY_get1_RSA(key);
-      const bool fail = (rsaKey && RSA_check_key(rsaKey) != 1);
-      RSA_free(rsaKey);
-      if (fail)
-      {
-        DDS_Security_Exception_set_with_openssl_error(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "RSA key not correct : ");
-        return DDS_SECURITY_VALIDATION_FAILED;
-      }
-    }
-    return DDS_SECURITY_VALIDATION_OK;
+    return check_key(key, "RSA", isPrivate, ex);
 
   case EVP_PKEY_EC:
     if (EVP_PKEY_bits(key) != 256)
@@ -154,15 +212,7 @@ static DDS_Security_ValidationResult_t check_key_type_and_size(EVP_PKEY *key, in
       DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EC %s has unsupported key size (%d)", sub, EVP_PKEY_bits(key));
       return DDS_SECURITY_VALIDATION_FAILED;
     }
-    EC_KEY *ecKey = EVP_PKEY_get1_EC_KEY(key);
-    const bool fail = (ecKey && EC_KEY_check_key(ecKey) != 1);
-    EC_KEY_free(ecKey);
-    if (fail)
-    {
-      DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EC key not correct : ");
-      return DDS_SECURITY_VALIDATION_FAILED;
-    }
-    return DDS_SECURITY_VALIDATION_OK;
+    return check_key(key, "EC", isPrivate, ex);
 
   default:
     DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "%s has not supported type", sub);
@@ -187,12 +237,12 @@ static DDS_Security_ValidationResult_t check_certificate_type_and_size(X509 *cer
 DDS_Security_ValidationResult_t check_certificate_expiry(const X509 *cert, DDS_Security_SecurityException *ex)
 {
   assert(cert);
-  if (X509_cmp_current_time(X509_get_notBefore(cert)) == 0)
+  if (X509_cmp_current_time(X509_get0_notBefore(cert)) == 0)
   {
     DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_CERT_STARTDATE_IN_FUTURE_CODE, DDS_SECURITY_VALIDATION_FAILED, DDS_SECURITY_ERR_CERT_STARTDATE_IN_FUTURE_MESSAGE);
     return DDS_SECURITY_VALIDATION_FAILED;
   }
-  if (X509_cmp_current_time(X509_get_notAfter(cert)) == 0)
+  if (X509_cmp_current_time(X509_get0_notAfter(cert)) == 0)
   {
     DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_CERT_EXPIRED_CODE, DDS_SECURITY_VALIDATION_FAILED, DDS_SECURITY_ERR_CERT_EXPIRED_MESSAGE);
     return DDS_SECURITY_VALIDATION_FAILED;
@@ -681,6 +731,8 @@ DDS_Security_ValidationResult_t get_certificate_contents(X509 *cert, unsigned ch
   return DDS_SECURITY_VALIDATION_OK;
 }
 
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
+
 static DDS_Security_ValidationResult_t get_rsa_dh_parameters(EVP_PKEY **params, DDS_Security_SecurityException *ex)
 {
   DH *dh = NULL;
@@ -708,6 +760,48 @@ static DDS_Security_ValidationResult_t get_rsa_dh_parameters(EVP_PKEY **params,
   return DDS_SECURITY_VALIDATION_OK;
 }
 
+#else
+
+static DDS_Security_ValidationResult_t get_rsa_dh_parameters(EVP_PKEY **params, DDS_Security_SecurityException *ex)
+{
+    DDS_Security_ValidationResult_t result = DDS_SECURITY_VALIDATION_OK;
+    OSSL_PARAM pkey_params[2];
+    EVP_PKEY_CTX *pctx = NULL;
+    char group_name[] = "dh_2048_256";
+
+    *params = NULL;
+
+    pkey_params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, group_name, 0);
+    pkey_params[1] = OSSL_PARAM_construct_end();
+
+    if ((pctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL)) == NULL)
+    {
+        DDS_Security_Exception_set_with_openssl_error(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EVP_PKEY_CTX_new_from_name(DHX) failed: ");
+        result = DDS_SECURITY_VALIDATION_FAILED;
+    }
+    else if (EVP_PKEY_keygen_init(pctx) != 1)
+    {
+        DDS_Security_Exception_set_with_openssl_error(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EVP_PKEY_keygen_init(DHX) failed: ");
+        result = DDS_SECURITY_VALIDATION_FAILED;
+    }
+    else if (EVP_PKEY_CTX_set_params(pctx, pkey_params) != 1)
+    {
+        DDS_Security_Exception_set_with_openssl_error(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EVP_PKEY_CTX_set_params(DHX) failed: ");
+        result = DDS_SECURITY_VALIDATION_FAILED;
+    }
+    else if (EVP_PKEY_keygen(pctx, params) != 1)
+    {
+        DDS_Security_Exception_set_with_openssl_error(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EVP_PKEY_keygen(DHX) failed: ");
+        result = DDS_SECURITY_VALIDATION_FAILED;
+    }
+
+    EVP_PKEY_CTX_free(pctx);
+    return result;
+}
+
+#endif
+
+
 static DDS_Security_ValidationResult_t get_ec_dh_parameters(EVP_PKEY **params, DDS_Security_SecurityException *ex)
 {
   EVP_PKEY_CTX *pctx = NULL;
@@ -788,6 +882,9 @@ DDS_Security_ValidationResult_t generate_dh_keys(EVP_PKEY **dhkey, Authenticatio
   return DDS_SECURITY_VALIDATION_FAILED;
 }
 
+
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
+
 static const BIGNUM *dh_get_public_key(DH *dhkey)
 {
 #ifdef AUTH_INCLUDE_DH_ACCESSORS
@@ -811,6 +908,7 @@ static int dh_set_public_key(DH *dhkey, BIGNUM *pubkey)
 
 static DDS_Security_ValidationResult_t dh_public_key_to_oct_modp(EVP_PKEY *pkey, unsigned char **buffer, uint32_t *length, DDS_Security_SecurityException *ex)
 {
+  DDS_Security_ValidationResult_t result = DDS_SECURITY_VALIDATION_FAILED;
   DH *dhkey;
   ASN1_INTEGER *asn1int;
   *buffer = NULL;
@@ -822,31 +920,32 @@ static DDS_Security_ValidationResult_t dh_public_key_to_oct_modp(EVP_PKEY *pkey,
   if (!(asn1int = BN_to_ASN1_INTEGER (dh_get_public_key(dhkey), NULL)))
   {
     DDS_Security_Exception_set_with_openssl_error(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "Failed to convert DH key to ASN1 integer: ");
-    DH_free(dhkey);
-    return DDS_SECURITY_VALIDATION_FAILED;
+    goto failed_asn1int;
   }
 
   int i2dlen = i2d_ASN1_INTEGER (asn1int, NULL);
   if (i2dlen <= 0)
   {
     DDS_Security_Exception_set_with_openssl_error(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "Failed to convert DH key to ASN1 integer: ");
-    DH_free(dhkey);
-    return DDS_SECURITY_VALIDATION_FAILED;
+    goto failed_i2d;
   }
 
   *length = (uint32_t) i2dlen;
   if ((*buffer = ddsrt_malloc (*length)) == NULL)
   {
     DDS_Security_Exception_set_with_openssl_error(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "Failed to convert DH key to ASN1 integer: ");
-    DH_free(dhkey);
-    return DDS_SECURITY_VALIDATION_FAILED;
+    goto failed_i2d;
   }
 
   unsigned char *buffer_arg = *buffer;
   (void) i2d_ASN1_INTEGER (asn1int, &buffer_arg);
+  result = DDS_SECURITY_VALIDATION_OK;
+
+failed_i2d:
   ASN1_INTEGER_free (asn1int);
+failed_asn1int:
   DH_free (dhkey);
-  return DDS_SECURITY_VALIDATION_OK;
+  return result;
 }
 
 static DDS_Security_ValidationResult_t dh_public_key_to_oct_ecdh(EVP_PKEY *pkey, unsigned char **buffer, uint32_t *length, DDS_Security_SecurityException *ex)
@@ -892,24 +991,6 @@ static DDS_Security_ValidationResult_t dh_public_key_to_oct_ecdh(EVP_PKEY *pkey,
   return DDS_SECURITY_VALIDATION_FAILED;
 }
 
-DDS_Security_ValidationResult_t dh_public_key_to_oct(EVP_PKEY *pkey, AuthenticationAlgoKind_t algo, unsigned char **buffer, uint32_t *length, DDS_Security_SecurityException *ex)
-{
-  assert(pkey);
-  assert(buffer);
-  assert(length);
-  switch (algo)
-  {
-  case AUTH_ALGO_KIND_RSA_2048:
-    return dh_public_key_to_oct_modp(pkey, buffer, length, ex);
-  case AUTH_ALGO_KIND_EC_PRIME256V1:
-    return dh_public_key_to_oct_ecdh(pkey, buffer, length, ex);
-  default:
-    assert(0);
-    DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "Invalid key algorithm specified");
-    return DDS_SECURITY_VALIDATION_FAILED;
-  }
-}
-
 static DDS_Security_ValidationResult_t dh_oct_to_public_key_modp(EVP_PKEY **pkey, const unsigned char *keystr, uint32_t size, DDS_Security_SecurityException *ex)
 {
   DH *dhkey;
@@ -961,6 +1042,7 @@ static DDS_Security_ValidationResult_t dh_oct_to_public_key_ecdh(EVP_PKEY **pkey
   EC_KEY *eckey;
   EC_GROUP *group;
   EC_POINT *point;
+
   if (!(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)))
   {
     DDS_Security_Exception_set_with_openssl_error(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "Failed to allocate EC group: ");
@@ -1020,6 +1102,167 @@ static DDS_Security_ValidationResult_t dh_oct_to_public_key_ecdh(EVP_PKEY **pkey
   return DDS_SECURITY_VALIDATION_FAILED;
 }
 
+#else
+
+static DDS_Security_ValidationResult_t dh_public_key_to_oct_modp(EVP_PKEY *pkey, unsigned char **buffer, uint32_t *length, DDS_Security_SecurityException *ex)
+{
+    DDS_Security_ValidationResult_t result = DDS_SECURITY_VALIDATION_FAILED;
+    BIGNUM *pubkey = NULL;
+    ASN1_INTEGER *asn1int = NULL;
+    int len;
+
+    *buffer = NULL;
+
+    if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PUB_KEY, &pubkey) != 1) {
+        DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "Failed to get DH key from PKEY: ");
+        goto fail_pubkey;
+    }
+    if ((asn1int = BN_to_ASN1_INTEGER(pubkey, NULL)) == NULL) {
+        DDS_Security_Exception_set_with_openssl_error(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "Failed to convert DH key to ASN1 integer: ");
+        goto fail_asn1int;
+    }
+    if ((len = i2d_ASN1_INTEGER(asn1int, buffer)) < 0) {
+        DDS_Security_Exception_set_with_openssl_error(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "Failed to convert ASN1 integer to DER format: ");
+        goto fail_to_der;
+    }
+    *length = (uint32_t) len;
+    result = DDS_SECURITY_VALIDATION_OK;
+
+fail_to_der:
+    ASN1_INTEGER_free(asn1int);
+fail_asn1int:
+    BN_free(pubkey);
+fail_pubkey:
+    return result;
+}
+
+static DDS_Security_ValidationResult_t dh_public_key_to_oct_ecdh(EVP_PKEY *pkey, unsigned char **buffer, uint32_t *length, DDS_Security_SecurityException *ex)
+{
+    size_t size;
+    if (EVP_PKEY_get_octet_string_param(pkey, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0, &size) != 1)
+    {
+        DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "Failed to get length of encoded public key: ");
+        return DDS_SECURITY_VALIDATION_FAILED;
+    }
+    *buffer = ddsrt_malloc(size);
+    if (EVP_PKEY_get_octet_string_param(pkey, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, *buffer, size, NULL) != 1)
+    {
+        DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "Failed to get encoded public key: ");
+        ddsrt_free(*buffer);
+        return DDS_SECURITY_VALIDATION_FAILED;
+    }
+    *length = (uint32_t)size;
+    return DDS_SECURITY_VALIDATION_OK;
+}
+
+static DDS_Security_ValidationResult_t dh_oct_to_public_key_modp(EVP_PKEY **pkey, const unsigned char *keystr, uint32_t size, DDS_Security_SecurityException *ex)
+{
+    DDS_Security_ValidationResult_t result = DDS_SECURITY_VALIDATION_OK;
+    ASN1_INTEGER *asn1int = NULL;
+    BIGNUM *pubkey = NULL;
+    EVP_PKEY_CTX *pctx = NULL;
+    char group_name[] = "dh_2048_256";
+    int keylen = 0;
+    unsigned char *buffer = NULL;
+    uint32_t buflen = 0;
+    OSSL_PARAM params[3];
+
+    if ((asn1int = d2i_ASN1_INTEGER(NULL, &keystr, size)) == NULL)
+    {
+        DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "Failed to convert key string to ASN1 integer: ");
+        return DDS_SECURITY_VALIDATION_FAILED;
+    }
+    if ((pubkey = ASN1_INTEGER_to_BN(asn1int, NULL)) == NULL)
+    {
+        DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "Failed to convert ASN1 integer to BIGNUM: ");
+        ASN1_INTEGER_free(asn1int);
+        return DDS_SECURITY_VALIDATION_FAILED;
+    }
+
+    keylen = BN_num_bytes(pubkey) + 1;
+    buffer = ddsrt_malloc((size_t)keylen);
+    buflen = (uint32_t)BN_bn2nativepad(pubkey, buffer, keylen);
+
+    params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, group_name, 0);
+    params[1] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_PUB_KEY, buffer, buflen);
+    params[2] = OSSL_PARAM_construct_end();
+
+    if ((pctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL)) == NULL)
+    {
+        DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EVP_PKEY_CTX_new_from_name(DHX) failed: ");
+        result = DDS_SECURITY_VALIDATION_FAILED;
+    }
+    else if (EVP_PKEY_fromdata_init(pctx) != 1)
+    {
+        DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EVP_PKEY_fromdata_init(DHX) failed: ");
+        result = DDS_SECURITY_VALIDATION_FAILED;
+    }
+    else if (EVP_PKEY_fromdata(pctx, pkey, EVP_PKEY_PUBLIC_KEY, params) != 1)
+    {
+        DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EVP_PKEY_fromdata(DHX) failed: ");
+        result = DDS_SECURITY_VALIDATION_FAILED;
+    }
+
+    EVP_PKEY_CTX_free(pctx);
+    ddsrt_free(buffer);
+    BN_free(pubkey);
+    ASN1_INTEGER_free(asn1int);
+
+    return result;
+}
+
+static DDS_Security_ValidationResult_t dh_oct_to_public_key_ecdh(EVP_PKEY **pkey, const unsigned char *keystr, uint32_t size, DDS_Security_SecurityException *ex)
+{
+    DDS_Security_ValidationResult_t result = DDS_SECURITY_VALIDATION_OK;
+    EVP_PKEY_CTX *ctx = NULL;
+    OSSL_PARAM params[3];
+    params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, SN_X9_62_prime256v1, 0);
+    params[1] = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_PUB_KEY, (void *)keystr, size);
+    params[2] = OSSL_PARAM_construct_end();
+
+    if ((ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL)
+    {
+        DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EVP_PKEY_CTX_new_from_name(EC) failed: ");
+        return DDS_SECURITY_VALIDATION_FAILED;
+    }
+    if (EVP_PKEY_fromdata_init(ctx) != 1)
+    {
+        DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EVP_PKEY_fromdata_init(EC) failed: ");
+        result = DDS_SECURITY_VALIDATION_FAILED;
+        goto failed;
+    }
+    if (EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_PUBLIC_KEY, params) != 1)
+    {
+        DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "EVP_PKEY_fromdata(EC) failed: ");
+        result = DDS_SECURITY_VALIDATION_FAILED;
+        goto failed;
+    }
+
+failed:
+    EVP_PKEY_CTX_free(ctx);
+    return result;
+}
+
+#endif
+
+DDS_Security_ValidationResult_t dh_public_key_to_oct(EVP_PKEY *pkey, AuthenticationAlgoKind_t algo, unsigned char **buffer, uint32_t *length, DDS_Security_SecurityException *ex)
+{
+  assert(pkey);
+  assert(buffer);
+  assert(length);
+  switch (algo)
+  {
+  case AUTH_ALGO_KIND_RSA_2048:
+    return dh_public_key_to_oct_modp(pkey, buffer, length, ex);
+  case AUTH_ALGO_KIND_EC_PRIME256V1:
+    return dh_public_key_to_oct_ecdh(pkey, buffer, length, ex);
+  default:
+    assert(0);
+    DDS_Security_Exception_set(ex, DDS_AUTH_PLUGIN_CONTEXT, DDS_SECURITY_ERR_UNDEFINED_CODE, DDS_SECURITY_VALIDATION_FAILED, "Invalid key algorithm specified");
+    return DDS_SECURITY_VALIDATION_FAILED;
+  }
+}
+
 DDS_Security_ValidationResult_t dh_oct_to_public_key(EVP_PKEY **data, AuthenticationAlgoKind_t algo, const unsigned char *str, uint32_t size, DDS_Security_SecurityException *ex)
 {
   assert(data);
diff --git a/src/security/builtin_plugins/tests/common/src/handshake_helper.c b/src/security/builtin_plugins/tests/common/src/handshake_helper.c
index 9429a4151d..8e4ee733a9 100644
--- a/src/security/builtin_plugins/tests/common/src/handshake_helper.c
+++ b/src/security/builtin_plugins/tests/common/src/handshake_helper.c
@@ -24,7 +24,29 @@
 #include "CUnit/Test.h"
 #include "handshake_helper.h"
 
-const BIGNUM *
+
+void
+octet_seq_init(
+    struct octet_seq *seq,
+    unsigned char *data,
+    uint32_t size)
+{
+    seq->data = ddsrt_malloc(size);
+    memcpy(seq->data, data, size);
+    seq->length = size;
+}
+
+void
+octet_seq_deinit(
+    struct octet_seq *seq)
+{
+    ddsrt_free(seq->data);
+}
+
+
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
+
+static const BIGNUM *
 dh_get_public_key(
      DH *dhkey)
 {
@@ -37,7 +59,7 @@ dh_get_public_key(
 #endif
 }
 
-int
+static int
 dh_set_public_key(
      DH *dhkey,
      BIGNUM *pubkey)
@@ -50,6 +72,622 @@ dh_set_public_key(
     return 1;
 }
 
+ASN1_INTEGER *
+get_pubkey_asn1int(EVP_PKEY *pkey)
+{
+    ASN1_INTEGER *result;
+    DH *dhkey = EVP_PKEY_get1_DH(pkey);
+    if (!dhkey) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to get DH key from PKEY: %s", msg);
+        ddsrt_free(msg);
+        return NULL;
+    }
+    result = BN_to_ASN1_INTEGER(dh_get_public_key(dhkey), NULL);
+    DH_free(dhkey);
+    return result;
+}
+
+int
+get_dh_public_key_modp_2048(
+    EVP_PKEY *pkey,
+    struct octet_seq *pubkey)
+{
+    int r = 0;
+    DH *dhkey;
+    unsigned char *buffer = NULL;
+    uint32_t size;
+    ASN1_INTEGER *asn1int;
+
+    dhkey = EVP_PKEY_get1_DH(pkey);
+    if (!dhkey) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to get DH key from PKEY: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+        goto fail_get_dhkey;
+    }
+
+    asn1int = BN_to_ASN1_INTEGER( dh_get_public_key(dhkey) , NULL);
+    if (!asn1int) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to convert DH key to ASN1 integer: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+        goto fail_get_pubkey;
+    }
+
+    size = (uint32_t)i2d_ASN1_INTEGER(asn1int, &buffer);
+    octet_seq_init(pubkey, buffer, size);
+
+    ASN1_INTEGER_free(asn1int);
+    OPENSSL_free(buffer);
+
+fail_get_pubkey:
+    DH_free(dhkey);
+fail_get_dhkey:
+    return r;
+}
+
+int
+get_dh_public_key_ecdh(
+    EVP_PKEY *pkey,
+    struct octet_seq *pubkey)
+{
+    int r = 0;
+    EC_KEY *eckey = NULL;
+    const EC_GROUP *group = NULL;
+    const EC_POINT *point = NULL;
+    size_t sz;
+
+    if (!(eckey = EVP_PKEY_get1_EC_KEY(pkey))) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to get EC key from PKEY: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (!(point = EC_KEY_get0_public_key(eckey))) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to get public key from ECKEY: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (!(group = EC_KEY_get0_group(eckey))) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to get group from ECKEY: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if ((sz = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, NULL)) != 0) {
+        pubkey->data = ddsrt_malloc(sz);
+        pubkey->length = (uint32_t) EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, pubkey->data, sz, NULL);
+        if (pubkey->length == 0) {
+            char *msg = get_openssl_error_message_for_test();
+            printf("Failed to serialize public EC key: %s", msg);
+            ddsrt_free(msg);
+            octet_seq_deinit(pubkey);
+            r = -1;
+        }
+    } else {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to serialize public EC key: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    }
+
+    if (eckey) EC_KEY_free(eckey);
+
+    return r;
+}
+
+static EVP_PKEY *
+modp_data_to_pubkey(
+    const unsigned char *data,
+    uint32_t size)
+{
+    EVP_PKEY *pkey= NULL;
+    DH *dhkey = NULL;
+    ASN1_INTEGER *asni;
+    BIGNUM *bn = NULL;
+
+    if (!(asni = d2i_ASN1_INTEGER(NULL, &data, (long)size))) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to decode DH public key: %s", msg);
+        ddsrt_free(msg);
+        goto fail_asni;
+    }
+
+    if (!(bn = ASN1_INTEGER_to_BN(asni, NULL))) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to convert to BIGNU<: %s", msg);
+        ddsrt_free(msg);
+        goto fail_bn;
+    }
+
+    if (!(dhkey = DH_get_2048_256())) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to allocate dhkey: %s", msg);
+        ddsrt_free(msg);
+        goto fail_dhkey;
+    }
+
+    dh_set_public_key(dhkey,bn);
+
+    if (!(pkey = EVP_PKEY_new())) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to allocate pkey: %s", msg);
+        ddsrt_free(msg);
+        goto fail_pkey;
+    }
+
+    if (!EVP_PKEY_set1_DH(pkey, dhkey)) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to set public key: %s", msg);
+        ddsrt_free(msg);
+        EVP_PKEY_free(pkey);
+        pkey = NULL;
+    }
+
+    ASN1_INTEGER_free(asni);
+    DH_free(dhkey);
+
+    return pkey;
+
+fail_pkey:
+    DH_free(dhkey);
+fail_dhkey:
+    BN_free(bn);
+fail_bn:
+    ASN1_INTEGER_free(asni);
+fail_asni:
+    return NULL;
+}
+
+static EVP_PKEY *
+ecdh_data_to_pubkey(
+    const unsigned char *data,
+    uint32_t size)
+{
+    EVP_PKEY *pkey = NULL;
+    EC_KEY *eckey = NULL;
+    EC_GROUP *group = NULL;
+    EC_POINT *point = NULL;
+
+    if (!(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1))) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to allocate EC group: %s", msg);
+        ddsrt_free(msg);
+    } else if (!(point = EC_POINT_new(group))) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to allocate EC point: %s", msg);
+        ddsrt_free(msg);
+    } else if (EC_POINT_oct2point(group, point, data, size, NULL) != 1) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to deserialize EC public key to EC point: %s", msg);
+        ddsrt_free(msg);
+    } else if (!(eckey = EC_KEY_new())) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to allocate EC KEY: %s", msg);
+        ddsrt_free(msg);
+    } else if (EC_KEY_set_group(eckey, group) != 1) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to convert octet sequence to ASN1 integer: %s", msg);
+        ddsrt_free(msg);
+    } else if (EC_KEY_set_public_key(eckey, point) != 1) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to set EC public key: %s", msg);
+        ddsrt_free(msg);
+    } else if (!(pkey = EVP_PKEY_new())) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to allocate EVP key: %s", msg);
+        ddsrt_free(msg);
+    } else if (EVP_PKEY_set1_EC_KEY(pkey, eckey) != 1) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to set EVP key to EC public key: %s", msg);
+        ddsrt_free(msg);
+        EVP_PKEY_free(pkey);
+        pkey = NULL;
+    }
+
+    if (eckey) EC_KEY_free(eckey);
+    if (point) EC_POINT_free(point);
+    if (group) EC_GROUP_free(group);
+
+    return pkey;
+}
+
+int
+create_dh_key_modp_2048(
+    EVP_PKEY **pkey)
+{
+    int r = 0;
+    EVP_PKEY *params = NULL;
+    EVP_PKEY_CTX *kctx = NULL;
+    DH *dh = NULL;
+
+    *pkey = NULL;
+
+    if ((params = EVP_PKEY_new()) == NULL) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to allocate EVP_PKEY: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if ((dh = DH_get_2048_256()) == NULL) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to allocate DH parameter: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (EVP_PKEY_set1_DH(params, dh) <= 0) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to set DH parameter to MODP_2048_256: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if ((kctx = EVP_PKEY_CTX_new(params, NULL)) == NULL) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to allocate KEY context %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (EVP_PKEY_keygen_init(kctx) <= 0) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to initialize KEY context: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (EVP_PKEY_keygen(kctx, pkey) <= 0) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to generate :MODP_2048_256 keys %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    }
+
+    if (params) EVP_PKEY_free(params);
+    if (kctx) EVP_PKEY_CTX_free(kctx);
+    if (dh) DH_free(dh);
+
+    return r;
+}
+
+int
+create_dh_key_ecdh(
+    EVP_PKEY **pkey)
+{
+    int r = 0;
+    EVP_PKEY *params = NULL;
+    EVP_PKEY_CTX *pctx = NULL;
+    EVP_PKEY_CTX *kctx = NULL;
+
+    *pkey = NULL;
+
+    if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to allocate DH parameter context: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (EVP_PKEY_paramgen_init(pctx) <= 0) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to initialize DH generation context: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_X9_62_prime256v1) <= 0) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to set DH generation parameter generation method: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (EVP_PKEY_paramgen(pctx, &params) <= 0) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to generate DH parameters: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if ((kctx = EVP_PKEY_CTX_new(params, NULL)) == NULL) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to allocate KEY context %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (EVP_PKEY_keygen_init(kctx) <= 0) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to initialize KEY context: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (EVP_PKEY_keygen(kctx, pkey) <= 0) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to generate :MODP_2048_256 keys %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    }
+
+    if (kctx) EVP_PKEY_CTX_free(kctx);
+    if (params) EVP_PKEY_free(params);
+    if (pctx) EVP_PKEY_CTX_free(pctx);
+
+    return r;
+}
+
+
+#else
+
+ASN1_INTEGER *
+get_pubkey_asn1int(EVP_PKEY *pkey)
+{
+    BIGNUM *pubkey_bn = NULL;
+    ASN1_INTEGER *asn1int = NULL;
+
+    if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PUB_KEY, &pubkey_bn) != 1) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to get DH key from PKEY: %s", msg);
+        ddsrt_free(msg);
+        return NULL;
+    }
+    asn1int = BN_to_ASN1_INTEGER(pubkey_bn, NULL);
+    BN_free(pubkey_bn);
+    return asn1int;
+}
+
+int
+get_dh_public_key_modp_2048(
+    EVP_PKEY *pkey,
+    struct octet_seq *pubkey)
+{
+    int r = -1;
+    BIGNUM *pubkbn = NULL;
+    ASN1_INTEGER *asn1int = NULL;
+    unsigned char *buffer = NULL;
+    int size = 0;
+
+    if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PUB_KEY, &pubkbn) != 1) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to get DH key from PKEY: %s", msg);
+        ddsrt_free(msg);
+        goto fail_get_pubkey;
+    }
+
+    asn1int = BN_to_ASN1_INTEGER(pubkbn, NULL);
+    if (asn1int == NULL) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to convert bignum to ASN.1 integer: %s", msg);
+        ddsrt_free(msg);
+        goto fail_pubkey_to_asn1int;
+    }
+
+    size = i2d_ASN1_INTEGER(asn1int, &buffer);
+    if (size < 0) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to convert ASN.1 integer to der: %s", msg);
+        ddsrt_free(msg);
+        goto fail_asn1int_to_der;
+    }
+
+    octet_seq_init(pubkey, buffer,  (uint32_t)size);
+    OPENSSL_free(buffer);
+    r = 0;
+
+fail_asn1int_to_der:
+    ASN1_INTEGER_free(asn1int);
+fail_pubkey_to_asn1int:
+    BN_free(pubkbn);
+fail_get_pubkey:
+    return r;
+}
+
+int
+get_dh_public_key_ecdh(
+    EVP_PKEY *pkey,
+    struct octet_seq *pubkey)
+{
+    unsigned char *keyval = NULL;
+    size_t size;
+
+    if (!EVP_PKEY_get_octet_string_param(pkey, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY , NULL, 0, &size))
+    {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to get size of encoded public key: %s", msg);
+        ddsrt_free(msg);
+        return -1;
+    }
+    keyval = ddsrt_malloc(size);
+    if (!EVP_PKEY_get_octet_string_param(pkey, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, keyval, size, NULL))
+    {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to get size of encoded public key: %s", msg);
+        ddsrt_free(msg);
+        ddsrt_free(keyval);
+        return -1;
+    }
+
+    octet_seq_init(pubkey, keyval, (uint32_t)size);
+    ddsrt_free(keyval);
+
+    return 0;
+}
+
+static EVP_PKEY *
+modp_data_to_pubkey(
+    const unsigned char *data,
+    uint32_t size)
+{
+    EVP_PKEY *pkey = NULL;
+    EVP_PKEY_CTX *pctx = NULL;
+    ASN1_INTEGER *asn1int = NULL;
+    BIGNUM *pubkey = NULL;
+    unsigned char *buffer;
+    int bufsize;
+    OSSL_PARAM params[3];
+    size_t keysize;
+    char group_name[] = "dh_2048_256";
+
+    if (!(asn1int = d2i_ASN1_INTEGER(NULL, &data, size))) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to decode DH public key: %s", msg);
+        ddsrt_free(msg);
+        goto fail_asni;
+    }
+
+    if (!(pubkey = ASN1_INTEGER_to_BN(asn1int, NULL))) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("Failed to convert to BIGNUN: %s", msg);
+        ddsrt_free(msg);
+        goto fail_pubkey;
+    }
+
+    bufsize = BN_num_bytes(pubkey) + 1;
+    buffer = ddsrt_malloc((size_t)bufsize);
+    keysize = (size_t)BN_bn2nativepad(pubkey, buffer, bufsize);
+
+    params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, group_name, 0);
+    params[1] = OSSL_PARAM_construct_BN(OSSL_PKEY_PARAM_PUB_KEY, buffer, keysize);
+    params[2] = OSSL_PARAM_construct_end();
+
+    pctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL);
+    if (pctx == NULL) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_CTX_new_from_name(DHX) failed: %s", msg);
+        ddsrt_free(msg);
+        goto fail_ctx;
+    }
+
+    if (EVP_PKEY_fromdata_init(pctx) != 1) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_fromdata_init(DHX) failed: %s", msg);
+        ddsrt_free(msg);
+        goto fail_key_init;
+    }
+
+    if (EVP_PKEY_fromdata(pctx, &pkey, EVP_PKEY_PUBLIC_KEY, params) != 1) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_fromdata(DHX) failed: %s", msg);
+        ddsrt_free(msg);
+        goto fail_key_init;
+    }
+
+fail_key_init:
+    EVP_PKEY_CTX_free(pctx);
+fail_ctx:
+    BN_free(pubkey);
+    ddsrt_free(buffer);
+fail_pubkey:
+    ASN1_INTEGER_free(asn1int);
+fail_asni:
+    return pkey;
+}
+
+static EVP_PKEY *
+ecdh_data_to_pubkey(
+    const unsigned char *data,
+    uint32_t size)
+{
+    EVP_PKEY_CTX *ctx;
+    EVP_PKEY *pkey = NULL;
+
+    OSSL_PARAM params[3];
+    params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, SN_X9_62_prime256v1, 0);
+    params[1] = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_PUB_KEY, (void *)data, size);
+    params[2] = OSSL_PARAM_construct_end();
+
+    ctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
+    if (ctx == NULL) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_CTX_new_from_name(EC) failed: %s", msg);
+        ddsrt_free(msg);
+        goto fail_ctx;
+    }
+
+    if (EVP_PKEY_fromdata_init(ctx) != 1) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_fromdata_init(EC) failed: %s", msg);
+        ddsrt_free(msg);
+        goto fail_init;
+    }
+
+    if (EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_PUBLIC_KEY, params) != 1) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_fromdata(EC) failed: %s", msg);
+        ddsrt_free(msg);
+    }
+
+fail_init:
+    EVP_PKEY_CTX_free(ctx);
+fail_ctx:
+    return pkey;
+}
+
+int
+create_dh_key_modp_2048(
+    EVP_PKEY **pkey)
+{
+    int r = 0;
+    EVP_PKEY_CTX *pctx = NULL;
+    OSSL_PARAM pkey_params[2];
+    char group_name[] = "dh_2048_256";
+
+    *pkey = NULL;
+
+    pkey_params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, group_name, 0);
+    pkey_params[1] = OSSL_PARAM_construct_end();
+
+    if ((pctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL)) == NULL) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_CTX_new_from_name(DHX) failed: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (EVP_PKEY_keygen_init(pctx) != 1) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_keygen_init(DHX, %s) failed: %s", group_name, msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (EVP_PKEY_CTX_set_params(pctx, pkey_params) != 1) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_CTX_set_params(DHX) failed: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (EVP_PKEY_keygen(pctx, pkey) != 1) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_CTX_set_params(DHX) failed: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    }
+
+    if (pctx) EVP_PKEY_CTX_free(pctx);
+    return r;
+}
+
+int
+create_dh_key_ecdh(
+    EVP_PKEY **pkey)
+{
+    int r = 0;
+    EVP_PKEY_CTX *pctx = NULL;
+    OSSL_PARAM pkey_params[3];
+    char group_name[] = "prime256v1";
+
+    *pkey = NULL;
+
+    pkey_params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, group_name, 0);
+    pkey_params[1] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_COMPRESSED, 0);
+    pkey_params[2] = OSSL_PARAM_construct_end();
+
+    if ((pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) == NULL) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_CTX_new_from_name(ECDH) failed: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (!EVP_PKEY_keygen_init(pctx)) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_keygen_init(ECDH, %s) failed: %s", group_name, msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (!EVP_PKEY_CTX_set_params(pctx, pkey_params)) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_CTX_set_params(ECDH) failed: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    } else if (!EVP_PKEY_keygen(pctx, pkey)) {
+        char *msg = get_openssl_error_message_for_test();
+        printf("EVP_PKEY_CTX_set_params(ECDH) failed: %s", msg);
+        ddsrt_free(msg);
+        r = -1;
+    }
+
+    if (pctx) EVP_PKEY_CTX_free(pctx);
+    return r;
+}
+
+#endif
+
 
 /* for DEBUG purposes */
 void print_binary_test( char* name, unsigned char *value, uint32_t size){
@@ -285,122 +923,6 @@ get_public_key(
     return result;
 }
 
-static EVP_PKEY *
-modp_data_to_pubkey(
-    const unsigned char *data,
-    uint32_t size)
-{
-    EVP_PKEY *pkey= NULL;
-    DH *dhkey = NULL;
-    ASN1_INTEGER *asni;
-    BIGNUM *bn = NULL;
-
-    if (!(asni = d2i_ASN1_INTEGER(NULL, &data, (long)size))) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to decode DH public key: %s", msg);
-        ddsrt_free(msg);
-        goto fail_asni;
-    }
-
-    if (!(bn = ASN1_INTEGER_to_BN(asni, NULL))) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to convert to BIGNU<: %s", msg);
-        ddsrt_free(msg);
-        goto fail_bn;
-    }
-
-    if (!(dhkey = DH_get_2048_256())) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate dhkey: %s", msg);
-        ddsrt_free(msg);
-        goto fail_dhkey;
-    }
-
-    dh_set_public_key(dhkey,bn);
-
-    if (!(pkey = EVP_PKEY_new())) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate pkey: %s", msg);
-        ddsrt_free(msg);
-        goto fail_pkey;
-    }
-
-    if (!EVP_PKEY_set1_DH(pkey, dhkey)) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to set public key: %s", msg);
-        ddsrt_free(msg);
-        EVP_PKEY_free(pkey);
-        pkey = NULL;
-    }
-
-    ASN1_INTEGER_free(asni);
-    DH_free(dhkey);
-
-    return pkey;
-
-fail_pkey:
-    DH_free(dhkey);
-fail_dhkey:
-    BN_free(bn);
-fail_bn:
-    ASN1_INTEGER_free(asni);
-fail_asni:
-    return NULL;
-}
-
-static EVP_PKEY *
-ecdh_data_to_pubkey(
-    const unsigned char *data,
-    uint32_t size)
-{
-    EVP_PKEY *pkey = NULL;
-    EC_KEY *eckey = NULL;
-    EC_GROUP *group = NULL;
-    EC_POINT *point = NULL;
-
-    if (!(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1))) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate EC group: %s", msg);
-        ddsrt_free(msg);
-    } else if (!(point = EC_POINT_new(group))) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate EC point: %s", msg);
-        ddsrt_free(msg);
-    } else if (EC_POINT_oct2point(group, point, data, size, NULL) != 1) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to deserialize EC public key to EC point: %s", msg);
-        ddsrt_free(msg);
-    } else if (!(eckey = EC_KEY_new())) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate EC KEY: %s", msg);
-        ddsrt_free(msg);
-    } else if (EC_KEY_set_group(eckey, group) != 1) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to convert octet sequence to ASN1 integer: %s", msg);
-        ddsrt_free(msg);
-    } else if (EC_KEY_set_public_key(eckey, point) != 1) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to set EC public key: %s", msg);
-        ddsrt_free(msg);
-    } else if (!(pkey = EVP_PKEY_new())) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate EVP key: %s", msg);
-        ddsrt_free(msg);
-    } else if (EVP_PKEY_set1_EC_KEY(pkey, eckey) != 1) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to set EVP key to EC public key: %s", msg);
-        ddsrt_free(msg);
-        EVP_PKEY_free(pkey);
-        pkey = NULL;
-    }
-
-    if (eckey) EC_KEY_free(eckey);
-    if (point) EC_POINT_free(point);
-    if (group) EC_GROUP_free(group);
-
-    return pkey;
-}
-
 int
 check_shared_secret(
     dds_security_authentication *auth,
@@ -557,9 +1079,9 @@ create_asymmetrical_signature_for_test(
         ddsrt_free(*signature);
     }
 
-    err_sign:
+err_sign:
     EVP_MD_CTX_destroy(mdctx);
-    err_create_ctx:
+err_create_ctx:
     return result;
 }
 
diff --git a/src/security/builtin_plugins/tests/common/src/handshake_helper.h b/src/security/builtin_plugins/tests/common/src/handshake_helper.h
index 7c82ecd092..0deb4e28ed 100644
--- a/src/security/builtin_plugins/tests/common/src/handshake_helper.h
+++ b/src/security/builtin_plugins/tests/common/src/handshake_helper.h
@@ -15,14 +15,41 @@
 #include "dds/security/core/dds_security_serialize.h"
 #include "dds/security/openssl_support.h"
 
-const BIGNUM *
-dh_get_public_key(
-     DH *dhkey);
+struct octet_seq {
+    unsigned char  *data;
+    uint32_t  length;
+};
+
+void
+octet_seq_init(
+    struct octet_seq *seq,
+    unsigned char *data,
+    uint32_t size);
+
+void
+octet_seq_deinit(
+    struct octet_seq *seq);
+
+ASN1_INTEGER *
+get_pubkey_asn1int(EVP_PKEY *pkey);
+
+int
+get_dh_public_key_modp_2048(
+    EVP_PKEY *pkey,
+    struct octet_seq *pubkey);
+
+int
+get_dh_public_key_ecdh(
+    EVP_PKEY *pkey,
+    struct octet_seq *pubkey);
+
+int
+create_dh_key_modp_2048(
+    EVP_PKEY **pkey);
 
 int
-dh_set_public_key(
-    DH *dhkey,
-    BIGNUM *pubkey);
+create_dh_key_ecdh(
+    EVP_PKEY **pkey);
 
 DDS_Security_ValidationResult_t
 create_signature_for_test(
diff --git a/src/security/builtin_plugins/tests/get_authenticated_peer_credential_token/src/get_authenticated_peer_credential_token_utests.c b/src/security/builtin_plugins/tests/get_authenticated_peer_credential_token/src/get_authenticated_peer_credential_token_utests.c
index 08a414da4b..f905df39fa 100644
--- a/src/security/builtin_plugins/tests/get_authenticated_peer_credential_token/src/get_authenticated_peer_credential_token_utests.c
+++ b/src/security/builtin_plugins/tests/get_authenticated_peer_credential_token/src/get_authenticated_peer_credential_token_utests.c
@@ -48,11 +48,6 @@ typedef enum {
 } HandshakeStep_t;
 
 
-struct octet_seq {
-    unsigned char  *data;
-    uint32_t  length;
-};
-
 static const char * AUTH_DSIGN_ALGO_RSA_NAME   = "RSASSA-PSS-SHA256";
 static const char * AUTH_KAGREE_ALGO_RSA_NAME  = "DH+MODP-2048-256";
 static const char * AUTH_KAGREE_ALGO_ECDH_NAME = "ECDH+prime256v1-CEUM";
@@ -219,25 +214,6 @@ static EVP_PKEY *g_dh_ecdh_key = NULL;
 static struct octet_seq g_dh_modp_pub_key = {NULL, 0};
 static struct octet_seq g_dh_ecdh_pub_key = {NULL, 0};
 
-
-static void
-octet_seq_init(
-    struct octet_seq *seq,
-    unsigned char *data,
-    uint32_t size)
-{
-    seq->data = ddsrt_malloc(size);
-    memcpy(seq->data, data, size);
-    seq->length = size;
-}
-
-static void
-octet_seq_deinit(
-    struct octet_seq *seq)
-{
-    ddsrt_free(seq->data);
-}
-
 static void
 serializer_participant_data(
     DDS_Security_ParticipantBuiltinTopicData *pdata,
@@ -541,199 +517,9 @@ get_adjusted_participant_guid(
     return result;
 }
 
-static int
-create_dh_key_modp_2048(
-    EVP_PKEY **pkey)
-{
-    int r = 0;
-    EVP_PKEY *params = NULL;
-    EVP_PKEY_CTX *kctx = NULL;
-    DH *dh = NULL;
-
-    *pkey = NULL;
-
-    if ((params = EVP_PKEY_new()) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate EVP_PKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if ((dh = DH_get_2048_256()) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate DH parameter: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_set1_DH(params, dh) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to set DH parameter to MODP_2048_256: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if ((kctx = EVP_PKEY_CTX_new(params, NULL)) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate KEY context %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_keygen_init(kctx) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to initialize KEY context: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_keygen(kctx, pkey) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to generate :MODP_2048_256 keys %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    }
-
-    if (params) EVP_PKEY_free(params);
-    if (kctx) EVP_PKEY_CTX_free(kctx);
-    if (dh) DH_free(dh);
-
-    return r;
-}
 
-static int
-get_dh_public_key_modp_2048(
-    EVP_PKEY *pkey,
-    struct octet_seq *pubkey)
-{
-    int r = 0;
-    DH *dhkey;
-    unsigned char *buffer = NULL;
-    uint32_t size;
-    ASN1_INTEGER *asn1int;
-
-    dhkey = EVP_PKEY_get1_DH(pkey);
-    if (!dhkey) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to get DH key from PKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-        goto fail_get_dhkey;
-    }
-
-    asn1int = BN_to_ASN1_INTEGER( dh_get_public_key(dhkey) , NULL);
-    if (!asn1int) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to convert DH key to ASN1 integer: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-        goto fail_get_pubkey;
-    }
 
-    size = (uint32_t)i2d_ASN1_INTEGER(asn1int, &buffer);
-    octet_seq_init(pubkey, buffer, size);
 
-    ASN1_INTEGER_free(asn1int);
-    OPENSSL_free(buffer);
-
-fail_get_pubkey:
-    DH_free(dhkey);
-fail_get_dhkey:
-    return r;
-}
-
-static int
-create_dh_key_ecdh(
-    EVP_PKEY **pkey)
-{
-    int r = 0;
-    EVP_PKEY *params = NULL;
-    EVP_PKEY_CTX *pctx = NULL;
-    EVP_PKEY_CTX *kctx = NULL;
-
-    *pkey = NULL;
-
-    if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate DH parameter context: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_paramgen_init(pctx) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to initialize DH generation context: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_X9_62_prime256v1) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to set DH generation parameter generation method: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_paramgen(pctx, &params) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to generate DH parameters: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if ((kctx = EVP_PKEY_CTX_new(params, NULL)) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate KEY context %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_keygen_init(kctx) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to initialize KEY context: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_keygen(kctx, pkey) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to generate :MODP_2048_256 keys %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    }
-
-    if (kctx) EVP_PKEY_CTX_free(kctx);
-    if (params) EVP_PKEY_free(params);
-    if (pctx) EVP_PKEY_CTX_free(pctx);
-
-    return r;
-}
-
-static int
-get_dh_public_key_ecdh(
-    EVP_PKEY *pkey,
-    struct octet_seq *pubkey)
-{
-    int r = 0;
-    EC_KEY *eckey = NULL;
-    const EC_GROUP *group = NULL;
-    const EC_POINT *point = NULL;
-    size_t sz;
-
-    if (!(eckey = EVP_PKEY_get1_EC_KEY(pkey))) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to get EC key from PKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (!(point = EC_KEY_get0_public_key(eckey))) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to get public key from ECKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (!(group = EC_KEY_get0_group(eckey))) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to get group from ECKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if ((sz = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, NULL)) != 0) {
-        pubkey->data = ddsrt_malloc(sz);
-        pubkey->length = (uint32_t) EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, pubkey->data, sz, NULL);
-        if (pubkey->length == 0) {
-            char *msg = get_openssl_error_message_for_test();
-            printf("Failed to serialize public EC key: %s", msg);
-            ddsrt_free(msg);
-            octet_seq_deinit(pubkey);
-            r = -1;
-        }
-    } else {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to serialize public EC key: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    }
-
-    if (eckey) EC_KEY_free(eckey);
-
-    return r;
-}
 
 static int
 validate_remote_identities (const char *remote_id_certificate)
diff --git a/src/security/builtin_plugins/tests/listeners_authentication/src/listeners_authentication_utests.c b/src/security/builtin_plugins/tests/listeners_authentication/src/listeners_authentication_utests.c
index 7c743e29e1..8d4179fb3e 100644
--- a/src/security/builtin_plugins/tests/listeners_authentication/src/listeners_authentication_utests.c
+++ b/src/security/builtin_plugins/tests/listeners_authentication/src/listeners_authentication_utests.c
@@ -31,6 +31,7 @@
 #include "dds/security/openssl_support.h"
 #include "CUnit/CUnit.h"
 #include "CUnit/Test.h"
+#include "common/src/handshake_helper.h"
 #include "common/src/loader.h"
 #include "config_env.h"
 #include "auth_tokens.h"
@@ -188,12 +189,6 @@ typedef enum {
     HANDSHAKE_FINAL
 } HandshakeStep_t;
 
-
-struct octet_seq {
-    unsigned char  *data;
-    uint32_t  length;
-};
-
 static struct plugins_hdl *plugins = NULL;
 static dds_security_authentication *auth = NULL;
 static dds_security_access_control *access_control = NULL;
@@ -284,11 +279,11 @@ get_certificate_expiry(
     /*_In_*/ X509 *cert)
 {
     dds_time_t expiry = DDS_TIME_INVALID;
-    ASN1_TIME *ans1;
+    const ASN1_TIME *ans1;
 
     assert(cert);
 
-    ans1 = X509_get_notAfter(cert);
+    ans1 = X509_get0_notAfter(cert);
     if (ans1 != NULL) {
         int days;
         int seconds;
@@ -459,12 +454,12 @@ static DDS_Security_boolean create_certificate_from_csr(const char* csr, long va
     /* ---------------------------------------------------------- *
      * Set X509V3 start date (now) and expiration date (+365 days)*
      * -----------------------------------------------------------*/
-    if (!(X509_gmtime_adj(X509_get_notBefore(newcert), -10))) {
+    if (!(X509_gmtime_adj(X509_getm_notBefore(newcert), -10))) {
         BIO_printf(outbio, "Error setting start time\n");
         return false;
     }
 
-    if (!(X509_gmtime_adj(X509_get_notAfter(newcert), valid_secs))) {
+    if (!(X509_gmtime_adj(X509_getm_notAfter(newcert), valid_secs))) {
         BIO_printf(outbio, "Error setting expiration time\n");
         return false;
     }
@@ -829,259 +824,6 @@ find_binary_property(
     return result;
 }
 
-
-static void
-octet_seq_init(
-    struct octet_seq *seq,
-    unsigned char *data,
-    uint32_t size)
-{
-    seq->data = ddsrt_malloc(size);
-    memcpy(seq->data, data, size);
-    seq->length = size;
-}
-
-static void
-octet_seq_deinit(
-    struct octet_seq *seq)
-{
-    ddsrt_free(seq->data);
-}
-static char *
-get_openssl_error_message_for_test(
-        void)
-{
-    BIO *bio = BIO_new(BIO_s_mem());
-    char *msg;
-    char *buf = NULL;
-    size_t len;
-
-    if (bio) {
-        ERR_print_errors(bio);
-        len = (uint32_t)BIO_get_mem_data (bio, &buf);
-        msg = ddsrt_malloc(len + 1);
-        memset(msg, 0, len+1);
-        memcpy(msg, buf, len);
-        BIO_free(bio);
-    } else {
-        msg = ddsrt_strdup("BIO_new failed");
-    }
-
-    return msg;
-}
-
-
-static const BIGNUM *
-dh_get_public_key(
-    /*_In_ */DH *dhkey)
-{
-#ifdef AUTH_INCLUDE_DH_ACCESSORS
-    const BIGNUM *pubkey, *privkey;
-    DH_get0_key(dhkey, &pubkey, &privkey);
-    return pubkey;
-#else
-    return dhkey->pub_key;
-#endif
-}
-
-
-
-/* DH Helper Functions */
-
-static int
-create_dh_key_modp_2048(
-    EVP_PKEY **pkey)
-{
-    int r = 0;
-    EVP_PKEY *params = NULL;
-    EVP_PKEY_CTX *kctx = NULL;
-    DH *dh = NULL;
-
-    *pkey = NULL;
-
-    if ((params = EVP_PKEY_new()) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate EVP_PKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if ((dh = DH_get_2048_256()) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate DH parameter: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_set1_DH(params, dh) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to set DH parameter to MODP_2048_256: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if ((kctx = EVP_PKEY_CTX_new(params, NULL)) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate KEY context %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_keygen_init(kctx) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to initialize KEY context: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_keygen(kctx, pkey) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to generate :MODP_2048_256 keys %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    }
-
-    if (params) EVP_PKEY_free(params);
-    if (kctx) EVP_PKEY_CTX_free(kctx);
-    if (dh) DH_free(dh);
-
-    return r;
-}
-
-static int
-get_dh_public_key_modp_2048(
-    EVP_PKEY *pkey,
-    struct octet_seq *pubkey)
-{
-    int r = 0;
-    DH *dhkey;
-    unsigned char *buffer = NULL;
-    uint32_t size;
-    ASN1_INTEGER *asn1int;
-
-    dhkey = EVP_PKEY_get1_DH(pkey);
-    if (!dhkey) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to get DH key from PKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-        goto fail_get_dhkey;
-    }
-
-    asn1int = BN_to_ASN1_INTEGER( dh_get_public_key(dhkey) , NULL);
-    if (!asn1int) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to convert DH key to ASN1 integer: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-        goto fail_get_pubkey;
-    }
-
-    size = (uint32_t)i2d_ASN1_INTEGER(asn1int, &buffer);
-    octet_seq_init(pubkey, buffer, size);
-
-    ASN1_INTEGER_free(asn1int);
-    OPENSSL_free(buffer);
-
-fail_get_pubkey:
-    DH_free(dhkey);
-fail_get_dhkey:
-    return r;
-}
-
-static int
-create_dh_key_ecdh(
-    EVP_PKEY **pkey)
-{
-    int r = 0;
-    EVP_PKEY *params = NULL;
-    EVP_PKEY_CTX *pctx = NULL;
-    EVP_PKEY_CTX *kctx = NULL;
-
-    *pkey = NULL;
-
-    if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate DH parameter context: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_paramgen_init(pctx) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to initialize DH generation context: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_X9_62_prime256v1) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to set DH generation parameter generation method: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_paramgen(pctx, &params) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to generate DH parameters: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if ((kctx = EVP_PKEY_CTX_new(params, NULL)) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate KEY context %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_keygen_init(kctx) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to initialize KEY context: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_keygen(kctx, pkey) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to generate :MODP_2048_256 keys %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    }
-
-    if (kctx) EVP_PKEY_CTX_free(kctx);
-    if (params) EVP_PKEY_free(params);
-    if (pctx) EVP_PKEY_CTX_free(pctx);
-
-    return r;
-}
-
-static int
-get_dh_public_key_ecdh(
-    EVP_PKEY *pkey,
-    struct octet_seq *pubkey)
-{
-    int r = 0;
-    EC_KEY *eckey = NULL;
-    const EC_GROUP *group = NULL;
-    const EC_POINT *point = NULL;
-    size_t sz;
-
-    if (!(eckey = EVP_PKEY_get1_EC_KEY(pkey))) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to get EC key from PKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (!(point = EC_KEY_get0_public_key(eckey))) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to get public key from ECKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (!(group = EC_KEY_get0_group(eckey))) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to get group from ECKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if ((sz = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, NULL)) != 0) {
-        pubkey->data = ddsrt_malloc(sz);
-        pubkey->length = (uint32_t)EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, pubkey->data, sz, NULL);
-        if (pubkey->length == 0) {
-            char *msg = get_openssl_error_message_for_test();
-            printf("Failed to serialize public EC key: %s", msg);
-            ddsrt_free(msg);
-            octet_seq_deinit(pubkey);
-            r = -1;
-        }
-    } else {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to serialize public EC key: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    }
-
-    if (eckey) EC_KEY_free(eckey);
-
-    return r;
-}
-
 CU_Init(ddssec_builtin_listeners_auth)
 {
     int res = 0;
@@ -1176,76 +918,6 @@ set_binary_property_string(
     set_binary_property_value(bp, name, (const unsigned char *)data, length);
 }
 
-
-static DDS_Security_ValidationResult_t
-create_asymmetrical_signature_for_test(
-     EVP_PKEY *pkey,
-     void *data,
-     size_t dataLen,
-     unsigned char **signature,
-     size_t *signatureLen,
-     DDS_Security_SecurityException *ex)
-{
-    DDS_Security_ValidationResult_t result = DDS_SECURITY_VALIDATION_OK;
-    EVP_MD_CTX *mdctx = NULL;
-    EVP_PKEY_CTX *kctx = NULL;
-
-    if (!(mdctx = EVP_MD_CTX_create())) {
-        char *msg = get_openssl_error_message_for_test();
-        result = DDS_SECURITY_VALIDATION_FAILED;
-        DDS_Security_Exception_set(ex, "Authentication", DDS_SECURITY_ERR_UNDEFINED_CODE, (int)result, "Failed to create signing context: %s", msg);
-        ddsrt_free(msg);
-        goto err_create_ctx;
-    }
-
-    if (EVP_DigestSignInit(mdctx, &kctx, EVP_sha256(), NULL, pkey) != 1) {
-        char *msg = get_openssl_error_message_for_test();
-        result = DDS_SECURITY_VALIDATION_FAILED;
-        DDS_Security_Exception_set(ex, "Authentication", DDS_SECURITY_ERR_UNDEFINED_CODE, (int)result, "Failed to initialize signing context: %s", msg);
-        ddsrt_free(msg);
-        goto err_sign;
-    }
-
-    if (EVP_PKEY_CTX_set_rsa_padding(kctx, RSA_PKCS1_PSS_PADDING) < 1) {
-        char *msg = get_openssl_error_message_for_test();
-        result = DDS_SECURITY_VALIDATION_FAILED;
-        DDS_Security_Exception_set(ex, "Authentication", DDS_SECURITY_ERR_UNDEFINED_CODE, (int)result, "Failed to initialize signing context: %s", msg);
-        ddsrt_free(msg);
-        goto err_sign;
-    }
-
-    if (EVP_DigestSignUpdate(mdctx, data, dataLen) != 1) {
-        char *msg = get_openssl_error_message_for_test();
-        result = DDS_SECURITY_VALIDATION_FAILED;
-        DDS_Security_Exception_set(ex, "Authentication", DDS_SECURITY_ERR_UNDEFINED_CODE, (int)result, "Failed to update signing context: %s", msg);
-        ddsrt_free(msg);
-        goto err_sign;
-    }
-
-    if (EVP_DigestSignFinal(mdctx, NULL, signatureLen) != 1) {
-        char *msg = get_openssl_error_message_for_test();
-        result = DDS_SECURITY_VALIDATION_FAILED;
-        DDS_Security_Exception_set(ex, "Authentication", DDS_SECURITY_ERR_UNDEFINED_CODE, (int)result, "Failed to finalize signing context: %s", msg);
-        ddsrt_free(msg);
-        goto err_sign;
-    }
-
-    *signature = ddsrt_malloc(*signatureLen);
-    if (EVP_DigestSignFinal(mdctx, *signature, signatureLen) != 1) {
-        char *msg = get_openssl_error_message_for_test();
-        result = DDS_SECURITY_VALIDATION_FAILED;
-        DDS_Security_Exception_set(ex, "Authentication", DDS_SECURITY_ERR_UNDEFINED_CODE, (int)result, "Failed to finalize signing context: %s", msg);
-        ddsrt_free(msg);
-        ddsrt_free(*signature);
-    }
-
-err_sign:
-    EVP_MD_CTX_destroy(mdctx);
-err_create_ctx:
-    return result;
-}
-
-
 static X509 *
 load_certificate(
    const char *data)
@@ -1305,34 +977,6 @@ get_adjusted_participant_guid(
     return result;
 }
 
-static DDS_Security_ValidationResult_t
-create_signature_for_test(
-    EVP_PKEY *pkey,
-    const DDS_Security_BinaryProperty_t **binary_properties,
-    const uint32_t binary_properties_length,
-    unsigned char **signature,
-    size_t *signatureLen,
-    DDS_Security_SecurityException *ex)
-{
-    DDS_Security_ValidationResult_t result;
-    DDS_Security_Serializer serializer;
-    unsigned char *buffer;
-    size_t size;
-
-    serializer = DDS_Security_Serializer_new(4096, 4096);
-
-    DDS_Security_Serialize_BinaryPropertyArray(serializer,binary_properties, binary_properties_length);
-    DDS_Security_Serializer_buffer(serializer, &buffer, &size);
-
-    result = create_asymmetrical_signature_for_test(pkey, buffer, size, signature, signatureLen, ex);
-
-    ddsrt_free(buffer);
-    DDS_Security_Serializer_free(serializer);
-
-    return result;
-}
-
-
 static void
 deinitialize_identity_token(
     DDS_Security_IdentityToken *token)
@@ -1340,8 +984,6 @@ deinitialize_identity_token(
     DDS_Security_DataHolder_deinit(token);
 }
 
-
-
 static void
 fill_auth_request_token(
     DDS_Security_AuthRequestMessageToken *token)
diff --git a/src/security/builtin_plugins/tests/process_handshake/src/process_handshake_utests.c b/src/security/builtin_plugins/tests/process_handshake/src/process_handshake_utests.c
index 78976438b2..08a5f06ea3 100644
--- a/src/security/builtin_plugins/tests/process_handshake/src/process_handshake_utests.c
+++ b/src/security/builtin_plugins/tests/process_handshake/src/process_handshake_utests.c
@@ -46,17 +46,10 @@ typedef enum {
 } HandshakeStep_t;
 
 
-struct octet_seq {
-    unsigned char  *data;
-    uint32_t  length;
-};
-
 static const char * AUTH_DSIGN_ALGO_RSA_NAME   = "RSASSA-PSS-SHA256";
 static const char * AUTH_KAGREE_ALGO_RSA_NAME  = "DH+MODP-2048-256";
 static const char * AUTH_KAGREE_ALGO_ECDH_NAME = "ECDH+prime256v1-CEUM";
 
-
-
 static const char *identity_certificate =
         "data:,-----BEGIN CERTIFICATE-----\n"
         "MIIDYDCCAkigAwIBAgIBBDANBgkqhkiG9w0BAQsFADByMQswCQYDVQQGEwJOTDEL\n"
@@ -438,25 +431,6 @@ static struct octet_seq dh_modp_pub_key = {NULL, 0};
 static struct octet_seq dh_ecdh_pub_key = {NULL, 0};
 static struct octet_seq invalid_dh_pub_key = {NULL, 0};
 
-
-static void
-octet_seq_init(
-    struct octet_seq *seq,
-    unsigned char *data,
-    uint32_t size)
-{
-    seq->data = ddsrt_malloc(size);
-    memcpy(seq->data, data, size);
-    seq->length = size;
-}
-
-static void
-octet_seq_deinit(
-    struct octet_seq *seq)
-{
-    ddsrt_free(seq->data);
-}
-
 static void
 serializer_participant_data(
     DDS_Security_ParticipantBuiltinTopicData *pdata,
@@ -770,200 +744,6 @@ get_adjusted_participant_guid(
     return result;
 }
 
-static int
-create_dh_key_modp_2048(
-    EVP_PKEY **pkey)
-{
-    int r = 0;
-    EVP_PKEY *params = NULL;
-    EVP_PKEY_CTX *kctx = NULL;
-    DH *dh = NULL;
-
-    *pkey = NULL;
-
-    if ((params = EVP_PKEY_new()) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate EVP_PKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if ((dh = DH_get_2048_256()) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate DH parameter: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_set1_DH(params, dh) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to set DH parameter to MODP_2048_256: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if ((kctx = EVP_PKEY_CTX_new(params, NULL)) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate KEY context %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_keygen_init(kctx) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to initialize KEY context: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_keygen(kctx, pkey) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to generate :MODP_2048_256 keys %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    }
-
-    if (params) EVP_PKEY_free(params);
-    if (kctx) EVP_PKEY_CTX_free(kctx);
-    if (dh) DH_free(dh);
-
-    return r;
-}
-
-static int
-get_dh_public_key_modp_2048(
-    EVP_PKEY *pkey,
-    struct octet_seq *pubkey)
-{
-    int r = 0;
-    DH *dhkey;
-    unsigned char *buffer = NULL;
-    uint32_t size;
-    ASN1_INTEGER *asn1int;
-
-    dhkey = EVP_PKEY_get1_DH(pkey);
-    if (!dhkey) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to get DH key from PKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-        goto fail_get_dhkey;
-    }
-
-    asn1int = BN_to_ASN1_INTEGER( dh_get_public_key(dhkey) , NULL);
-    if (!asn1int) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to convert DH key to ASN1 integer: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-        goto fail_get_pubkey;
-    }
-
-    size = (uint32_t) i2d_ASN1_INTEGER(asn1int, &buffer);
-    octet_seq_init(pubkey, buffer, size);
-
-    ASN1_INTEGER_free(asn1int);
-    OPENSSL_free(buffer);
-
-fail_get_pubkey:
-    DH_free(dhkey);
-fail_get_dhkey:
-    return r;
-}
-
-static int
-create_dh_key_ecdh(
-    EVP_PKEY **pkey)
-{
-    int r = 0;
-    EVP_PKEY *params = NULL;
-    EVP_PKEY_CTX *pctx = NULL;
-    EVP_PKEY_CTX *kctx = NULL;
-
-    *pkey = NULL;
-
-    if ((pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate DH parameter context: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_paramgen_init(pctx) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to initialize DH generation context: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_X9_62_prime256v1) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to set DH generation parameter generation method: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_paramgen(pctx, &params) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to generate DH parameters: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if ((kctx = EVP_PKEY_CTX_new(params, NULL)) == NULL) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to allocate KEY context %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_keygen_init(kctx) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to initialize KEY context: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (EVP_PKEY_keygen(kctx, pkey) <= 0) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to generate :MODP_2048_256 keys %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    }
-
-    if (kctx) EVP_PKEY_CTX_free(kctx);
-    if (params) EVP_PKEY_free(params);
-    if (pctx) EVP_PKEY_CTX_free(pctx);
-
-    return r;
-}
-
-static int
-get_dh_public_key_ecdh(
-    EVP_PKEY *pkey,
-    struct octet_seq *pubkey)
-{
-    int r = 0;
-    EC_KEY *eckey = NULL;
-    const EC_GROUP *group = NULL;
-    const EC_POINT *point = NULL;
-    size_t sz;
-
-    if (!(eckey = EVP_PKEY_get1_EC_KEY(pkey))) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to get EC key from PKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (!(point = EC_KEY_get0_public_key(eckey))) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to get public key from ECKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if (!(group = EC_KEY_get0_group(eckey))) {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to get group from ECKEY: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    } else if ((sz = EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, NULL)) != 0) {
-        pubkey->data = ddsrt_malloc(sz);
-        pubkey->length = (uint32_t) EC_POINT_point2oct(group, point, POINT_CONVERSION_COMPRESSED, pubkey->data, sz, NULL);
-        if (pubkey->length == 0) {
-            char *msg = get_openssl_error_message_for_test();
-            printf("Failed to serialize public EC key: %s", msg);
-            ddsrt_free(msg);
-            octet_seq_deinit(pubkey);
-            r = -1;
-        }
-    } else {
-        char *msg = get_openssl_error_message_for_test();
-        printf("Failed to serialize public EC key: %s", msg);
-        ddsrt_free(msg);
-        r = -1;
-    }
-
-    if (eckey) EC_KEY_free(eckey);
-
-    return r;
-}
-
 static int
 validate_remote_identities (const char *remote_id_certificate)
 {
diff --git a/src/security/builtin_plugins/tests/validate_begin_handshake_reply/src/validate_begin_handshake_reply_utests.c b/src/security/builtin_plugins/tests/validate_begin_handshake_reply/src/validate_begin_handshake_reply_utests.c
index 3e2de239e5..138c960e6e 100644
--- a/src/security/builtin_plugins/tests/validate_begin_handshake_reply/src/validate_begin_handshake_reply_utests.c
+++ b/src/security/builtin_plugins/tests/validate_begin_handshake_reply/src/validate_begin_handshake_reply_utests.c
@@ -22,6 +22,7 @@
 #include "dds/security/openssl_support.h"
 #include "CUnit/CUnit.h"
 #include "CUnit/Test.h"
+#include "common/src/handshake_helper.h"
 #include "common/src/loader.h"
 #include "config_env.h"
 #include "auth_tokens.h"
@@ -342,21 +343,6 @@ static bool future_challenge_done = false;
 #error "version not found"
 #endif
 
-
-static const BIGNUM *
-dh_get_public_key(
-    DH *dhkey)
-{
-#ifdef AUTH_INCLUDE_DH_ACCESSORS
-    const BIGNUM *pubkey, *privkey;
-    DH_get0_key(dhkey, &pubkey, &privkey);
-    return pubkey;
-#else
-    return dhkey->pub_key;
-#endif
-}
-
-
 static void
 serializer_participant_data(
     DDS_Security_ParticipantBuiltinTopicData *pdata,
@@ -704,13 +690,11 @@ set_dh_public_key(
     int r = 0;
     BIO *bio = NULL;
     EVP_PKEY *pkey;
-    DH *dhkey;
     unsigned char *buffer = NULL;
     ASN1_INTEGER *asn1int;
 
     *pubkey = NULL;
 
-
     /* load certificate in buffer */
     bio = BIO_new_mem_buf((void *) keystr, -1);
     if (!bio) {
@@ -730,17 +714,7 @@ set_dh_public_key(
         goto fail_key_read;
     }
 
-    dhkey = EVP_PKEY_get1_DH(pkey);
-    if (!dhkey) {
-        char *msg = get_openssl_error();
-        r = -1;
-        printf("Failed to get DH key from PKEY: %s", msg);
-        ddsrt_free(msg);
-        goto fail_get_dhkey;
-    }
-
-    asn1int = BN_to_ASN1_INTEGER(dh_get_public_key(dhkey), NULL);
-
+    asn1int = get_pubkey_asn1int(pkey);
     if (!asn1int) {
         char *msg = get_openssl_error();
         r = -1;
@@ -758,8 +732,6 @@ set_dh_public_key(
     ASN1_INTEGER_free(asn1int);
 
 fail_get_pubkey:
-    DH_free(dhkey);
-fail_get_dhkey:
     EVP_PKEY_free(pkey);
 fail_key_read:
     BIO_free(bio);
diff --git a/src/security/core/tests/common/cert_utils.c b/src/security/core/tests/common/cert_utils.c
index e6a8709565..49a2d5892e 100644
--- a/src/security/core/tests/common/cert_utils.c
+++ b/src/security/core/tests/common/cert_utils.c
@@ -25,8 +25,8 @@ static X509 * get_x509(int not_valid_before, int not_valid_after, const char * c
   X509 * cert = X509_new ();
   CU_ASSERT_FATAL (cert != NULL);
   ASN1_INTEGER_set (X509_get_serialNumber (cert), 1);
-  X509_gmtime_adj (X509_get_notBefore (cert), not_valid_before);
-  X509_gmtime_adj (X509_get_notAfter (cert), not_valid_after);
+  X509_gmtime_adj (X509_getm_notBefore (cert), not_valid_before);
+  X509_gmtime_adj (X509_getm_notAfter (cert), not_valid_after);
 
   X509_NAME * name = X509_get_subject_name (cert);
   X509_NAME_add_entry_by_txt (name, "C",  MBSTRING_ASC, (unsigned char *) "NL", -1, -1, 0);
diff --git a/src/security/openssl/include/dds/security/openssl_support.h b/src/security/openssl/include/dds/security/openssl_support.h
index eec09a6519..352c16bb9f 100644
--- a/src/security/openssl/include/dds/security/openssl_support.h
+++ b/src/security/openssl/include/dds/security/openssl_support.h
@@ -38,7 +38,8 @@
 #include <WinSock2.h>
 #endif
 
-#define OPENSSL_API_COMPAT 10101
+/* Setting this macro to 30000 specifies that the code will be compatible with openssl version 3 and lower like version 1.1 */
+#define OPENSSL_API_COMPAT 30000
 
 #include <openssl/opensslv.h>
 #include <openssl/opensslconf.h>
@@ -52,6 +53,9 @@
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
 #define AUTH_INCLUDE_DH_ACCESSORS
 #endif
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+#include <openssl/core_names.h>
+#endif
 #else
 #error "OpenSSL version is not supported"
 #endif