--- openssl-1.0.2-beta3/crypto/ec/ec_asn1.c     2014-09-25 21:03:08.000000000 +0200
+++ openssl-1.0.2-beta3.patch/crypto/ec/ec_asn1.c       2015-01-02 13:40:50.000000000 +0100
@@ -1243,8 +1243,9 @@
 int    i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
        {
-       int             ret=0, ok=0;
+       int             ret=0, ok=0, i=0;
        unsigned char   *buffer=NULL;
        size_t          buf_len=0, tmp_len;
        EC_PRIVATEKEY   *priv_key=NULL;
+       BIGNUM          *order=NULL;

        if (a == NULL || a->group == NULL || a->priv_key == NULL ||
@@ -1264,6 +1265,10 @@

        priv_key->version = a->version;
+       tmp_len = (size_t)BN_num_bytes(a->priv_key);
+
+       if ((order = BN_new()) == NULL) goto err;
+       if (!EC_GROUP_get_order(a->group, order, NULL)) goto err;
+       buf_len = (size_t)BN_num_bytes(order);

-       buf_len = (size_t)BN_num_bytes(a->priv_key);
        buffer = OPENSSL_malloc(buf_len);
        if (buffer == NULL)
@@ -1273,6 +1278,7 @@
                goto err;
                }
-
-       if (!BN_bn2bin(a->priv_key, buffer))
+
+       for (i=0;i<buf_len-tmp_len;i++) buffer[i]=0;
+       if (!BN_bn2bin(a->priv_key, buffer+buf_len-tmp_len))
                {
                ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB);
@@ -1345,4 +1351,6 @@
        ok=1;
 err:
+       if (order)
+               BN_free(order);
        if (buffer)
                OPENSSL_free(buffer);