diff --git a/src/_cffi_src/build_openssl.py b/src/_cffi_src/build_openssl.py index 7c3bab20f3a0..797c2635234b 100644 --- a/src/_cffi_src/build_openssl.py +++ b/src/_cffi_src/build_openssl.py @@ -37,11 +37,14 @@ "pem", "rand", "rsa", + "context", "ssl", "x509", "x509name", "x509v3", "x509_vfy", + "provider", + "store", ], ) diff --git a/src/_cffi_src/openssl/context.py b/src/_cffi_src/openssl/context.py new file mode 100644 index 000000000000..bbdae5136882 --- /dev/null +++ b/src/_cffi_src/openssl/context.py @@ -0,0 +1,26 @@ +# This file is dual licensed under the terms of the Apache License, Version +# 2.0, and the BSD License. See the LICENSE file in the root of this repository +# for complete details. + +from __future__ import annotations + +INCLUDES = """ +#include +""" + +TYPES = """ +typedef ... OSSL_LIB_CTX; +""" + +FUNCTIONS = """ +OSSL_LIB_CTX *OSSL_LIB_CTX_new(void); +void OSSL_LIB_CTX_free(OSSL_LIB_CTX *); +""" + +CUSTOMIZATIONS = """ +#if CRYPTOGRAPHY_IS_LIBRESSL || CRYPTOGRAPHY_IS_BORINGSSL \ + || CRYPTOGRAPHY_IS_AWSLC +OSSL_LIB_CTX *(*OSSL_LIB_CTX_new)(void) = NULL; +void (*OSSL_LIB_CTX_free)(OSSL_LIB_CTX *) = NULL; +#endif +""" diff --git a/src/_cffi_src/openssl/provider.py b/src/_cffi_src/openssl/provider.py new file mode 100644 index 000000000000..9a70df98fc94 --- /dev/null +++ b/src/_cffi_src/openssl/provider.py 
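Review bot: In context.py the `#if CRYPTOGRAPHY_IS_LIBRESSL || CRYPTOGRAPHY_IS_BORINGSSL || CRYPTOGRAPHY_IS_AWSLC` branch of CUSTOMIZATIONS declares function pointers that use `OSSL_LIB_CTX`, but nothing in the file gives that branch a C definition of the type. The `typedef ... OSSL_LIB_CTX;` in TYPES is only the cffi-side declaration, and the `#include` in INCLUDES is unconditional, so it presumably names a header those libraries may not ship. I would put the include under the inverse guard and open the fallback branch with `typedef void OSSL_LIB_CTX;`. The branch also defines no availability constant, so Python callers cannot tell a NULL pointer from a usable function before calling it; a pair such as `static const long Cryptography_HAS_<NAME> = 0;` / `= 1;` (placeholder name) would help, and is worth checking against how the existing binding modules do it. provider.py (`OSSL_PROVIDER`) and store.py (`OSSL_STORE_CTX`, `OSSL_STORE_INFO`, `OSSL_PARAM`) have the same shape.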
@@ -0,0 +1,35 @@ +# This file is dual licensed under the terms of the Apache License, Version +# 2.0, and the BSD License. See the LICENSE file in the root of this repository +# for complete details. + +from __future__ import annotations + +INCLUDES = """ +#include +""" + +TYPES = """ +typedef ... OSSL_PROVIDER; +""" + +FUNCTIONS = """ +int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *, const char *); + +OSSL_PROVIDER *OSSL_PROVIDER_load(OSSL_LIB_CTX *, const char *); +OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *, const char *, int); +int OSSL_PROVIDER_unload(OSSL_PROVIDER *); +""" + +CUSTOMIZATIONS = """ + +#if CRYPTOGRAPHY_IS_LIBRESSL || CRYPTOGRAPHY_IS_BORINGSSL \ + || CRYPTOGRAPHY_IS_AWSLC +int (*OSSL_PROVIDER_set_default_search_path)(OSSL_LIB_CTX *, + const char *) = NULL; + +OSSL_PROVIDER *(*OSSL_PROVIDER_load)(OSSL_LIB_CTX *, const char *) = NULL; +OSSL_PROVIDER *(*OSSL_PROVIDER_try_load)(OSSL_LIB_CTX *, + const char *, int) = NULL; +int (*OSSL_PROVIDER_unload)(OSSL_PROVIDER *) = NULL; +#endif +""" diff --git a/src/_cffi_src/openssl/ssl.py b/src/_cffi_src/openssl/ssl.py index a72db401efd5..055d7c83d488 100644 --- a/src/_cffi_src/openssl/ssl.py +++ b/src/_cffi_src/openssl/ssl.py @@ -336,6 +336,7 @@ /*- These aren't macros these arguments are all const X on openssl > 1.0.x -*/ SSL_CTX *SSL_CTX_new(SSL_METHOD *); +SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *, const char *, const SSL_METHOD *); long SSL_CTX_get_timeout(const SSL_CTX *); const SSL_CIPHER *SSL_get_current_cipher(const SSL *); @@ -650,6 +651,9 @@ size_t *, SSL_SESSION ** )) = NULL; + +SSL_CTX *(*SSL_CTX_new_ex)(OSSL_LIB_CTX *, + const char *, const SSL_METHOD *) = NULL; #if CRYPTOGRAPHY_IS_BORINGSSL const SSL_CIPHER *(*SSL_CIPHER_find)(SSL *, const unsigned char *) = NULL; #endif diff --git a/src/_cffi_src/openssl/store.py b/src/_cffi_src/openssl/store.py new file mode 100644 index 000000000000..99a19ef9d1c7 --- /dev/null +++ b/src/_cffi_src/openssl/store.py 
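Review bot: The declarations in provider.py's FUNCTIONS say nothing about trust or ownership, yet these calls decide which shared object the process loads. The path given to `OSSL_PROVIDER_set_default_search_path` and the name given to `OSSL_PROVIDER_load`/`OSSL_PROVIDER_try_load` must come from fixed, trusted configuration. I would add above `FUNCTIONS` a comment such as `# Provider name and search path select native code to load: pass only trusted values, check the result for NULL, and pair every load with OSSL_PROVIDER_unload.` Passing a NULL library context to `OSSL_PROVIDER_set_default_search_path` changes the default context for the whole process, so a caller that wants isolation should pass a handle from `OSSL_LIB_CTX_new` instead.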
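Review bot: The `SSL_CTX_new_ex` NULL fallback in the second ssl.py hunk is added right after another pointer definition with no `#if` of its own. Whether it is compiled therefore depends on a conditional that opens above the hunk and that, judging by the `SSL_SESSION **` callback before it, appears to belong to a different feature. If that outer guard is later narrowed or removed, the fallback either disappears with it or ends up colliding with the real prototype. I would give it its own block, `#if CRYPTOGRAPHY_IS_LIBRESSL || CRYPTOGRAPHY_IS_BORINGSSL || CRYPTOGRAPHY_IS_AWSLC` … `#endif`, matching the guard used in context.py, with a one-line comment naming the API it stands in for.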
@@ -0,0 +1,73 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import annotations
+
+INCLUDES = """
+#include
+"""
+
+TYPES = """
+typedef ... OSSL_STORE_CTX;
+typedef ... OSSL_STORE_INFO;
+typedef ... OSSL_PARAM;
+typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
+ void *);
+"""
+
+FUNCTIONS = """
+OSSL_STORE_CTX * OSSL_STORE_open(const char *, const UI_METHOD *,
+ void *, OSSL_STORE_post_process_info_fn, void *);
+OSSL_STORE_CTX * OSSL_STORE_open_ex(const char *, OSSL_LIB_CTX *, const char *,
+ const UI_METHOD *, void *,
+ const OSSL_PARAM [],
+ OSSL_STORE_post_process_info_fn,
+ void *);
+int OSSL_STORE_close(OSSL_STORE_CTX *);
+const char *OSSL_STORE_INFO_type_string(int);
+
+OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *);
+void OSSL_STORE_INFO_free(OSSL_STORE_INFO *);
+int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *);
+EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *);
+EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *);
+EVP_PKEY *OSSL_STORE_INFO_get0_PUBKEY(const OSSL_STORE_INFO *);
+EVP_PKEY *OSSL_STORE_INFO_get1_PUBKEY(const OSSL_STORE_INFO *);
+EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *);
+EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *);
+X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *);
+X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *);
+X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *);
+X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *);
+"""
+
+CUSTOMIZATIONS = """
+#if CRYPTOGRAPHY_IS_LIBRESSL || CRYPTOGRAPHY_IS_BORINGSSL \
+ || CRYPTOGRAPHY_IS_AWSLC
+OSSL_STORE_CTX * (*OSSL_STORE_open)(const char *, const UI_METHOD *,
+ void *, OSSL_STORE_post_process_info_fn, void *) = NULL;
+OSSL_STORE_CTX * (*OSSL_STORE_open_ex)(const char *, OSSL_LIB_CTX *,
+ const char *,
+ const UI_METHOD *, void *,
+ const OSSL_PARAM [],
+ OSSL_STORE_post_process_info_fn,
+ void *) = NULL;
+int (*OSSL_STORE_close)(OSSL_STORE_CTX *) = NULL;
+const char *(*OSSL_STORE_INFO_type_string)(int) = NULL;
+
+OSSL_STORE_INFO *(*OSSL_STORE_load)(OSSL_STORE_CTX *) = NULL;
+void (*OSSL_STORE_INFO_free)(OSSL_STORE_INFO *) = NULL;
+int (*OSSL_STORE_INFO_get_type)(const OSSL_STORE_INFO *) = NULL;
+EVP_PKEY *(*OSSL_STORE_INFO_get0_PARAMS)(const OSSL_STORE_INFO *) = NULL;
+EVP_PKEY *(*OSSL_STORE_INFO_get1_PARAMS)(const OSSL_STORE_INFO *) = NULL;
+EVP_PKEY *(*OSSL_STORE_INFO_get0_PUBKEY)(const OSSL_STORE_INFO *) = NULL;
+EVP_PKEY *(*OSSL_STORE_INFO_get1_PUBKEY)(const OSSL_STORE_INFO *) = NULL;
+EVP_PKEY *(*OSSL_STORE_INFO_get0_PKEY)(const OSSL_STORE_INFO *) = NULL;
+EVP_PKEY *(*OSSL_STORE_INFO_get1_PKEY)(const OSSL_STORE_INFO *) = NULL;
+X509 *(*OSSL_STORE_INFO_get0_CERT)(const OSSL_STORE_INFO *) = NULL;
+X509 *(*OSSL_STORE_INFO_get1_CERT)(const OSSL_STORE_INFO *) = NULL;
+X509_CRL *(*OSSL_STORE_INFO_get0_CRL)(const OSSL_STORE_INFO *) = NULL;
+X509_CRL *(*OSSL_STORE_INFO_get1_CRL)(const OSSL_STORE_INFO *) = NULL;
+#endif
+"""
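Review bot: `OSSL_STORE_load` is bound in store.py's FUNCTIONS without `OSSL_STORE_eof` or `OSSL_STORE_error`. It returns NULL both when the store is exhausted and when an object failed to load, so a Python caller cannot tell a truncated or unreadable key store from an empty one. I would add `int OSSL_STORE_eof(OSSL_STORE_CTX *);` and `int OSSL_STORE_error(OSSL_STORE_CTX *);` to FUNCTIONS, with matching `= NULL` pointers in the fallback branch of CUSTOMIZATIONS. A short comment above the accessors would also help: the `get0_*` forms return a pointer owned by the `OSSL_STORE_INFO`, while the `get1_*` forms return a new reference the caller must free.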