2 files changed, 27 insertions, 0 deletions

diff --git a/src/libstrongswan/plugins/openssl/openssl_util.c b/src/libstrongswan/plugins/openssl/openssl_util.c
index bc10dd28c..0e61086b1 100644
--- a/src/libstrongswan/plugins/openssl/openssl_util.c
+++ b/src/libstrongswan/plugins/openssl/openssl_util.c
@@ -126,6 +126,24 @@ bool openssl_bn_split(chunk_t chunk, BIGNUM *a, BIGNUM *b)
 /**
  * Described in header.
  */
+bool openssl_bn2chunk(BIGNUM *bn, chunk_t *chunk)
+{
+	*chunk = chunk_alloc(BN_num_bytes(bn));
+	if (BN_bn2bin(bn, chunk->ptr) == chunk->len)
+	{
+		if (chunk->len && chunk->ptr[0] & 0x80)
+		{	/* if MSB is set, prepend a zero to make it non-negative */
+			*chunk = chunk_cat("cm", chunk_from_chars(0x00), *chunk);
+		}
+		return TRUE;
+	}
+	chunk_free(chunk);
+	return FALSE;
+}
+
+/**
+ * Described in header.
+ */
 chunk_t openssl_asn1_obj2chunk(ASN1_OBJECT *asn1)
 {
 	if (asn1)
diff --git a/src/libstrongswan/plugins/openssl/openssl_util.h b/src/libstrongswan/plugins/openssl/openssl_util.h
index 25c692a1a..ce2a9e109 100644
--- a/src/libstrongswan/plugins/openssl/openssl_util.h
+++ b/src/libstrongswan/plugins/openssl/openssl_util.h
@@ -66,6 +66,15 @@ bool openssl_bn_cat(int len, BIGNUM *a, BIGNUM *b, chunk_t *chunk);
  */
 bool openssl_bn_split(chunk_t chunk, BIGNUM *a, BIGNUM *b);
 
+/**
+ * Exports the given bignum (assumed to be a positive number) to a chunk in
+ * two's complement format (i.e. a zero byte is added if the MSB is set).
+ *
+ * @param bn		the BIGNUM to export
+ * @param chunk		the chunk (data gets allocated)
+ * @return			TRUE on success, FALSE otherwise
+ */
+bool openssl_bn2chunk(BIGNUM *bn, chunk_t *chunk);
 
 /**
  * Allocate a chunk using the i2d function of a given object