--- openssl-1.0.2-beta3/crypto/ec/ec_asn1.c     2014-09-25 21:03:08.000000000 +0200
+++ openssl-1.0.2-beta3.ec_pk/crypto/ec/ec_asn1.c       2015-01-02 13:40:50.000000000 +0100
@@ -1243,8 +1243,9 @@
 int	i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
 	{
-	int             ret=0, ok=0;
+	int             ret=0, ok=0, i=0;
 	unsigned char   *buffer=NULL;
 	size_t          buf_len=0, tmp_len;
 	EC_PRIVATEKEY   *priv_key=NULL;
+	BIGNUM          *order=NULL;
 
 	if (a == NULL || a->group == NULL || a->priv_key == NULL ||
@@ -1264,6 +1265,10 @@
 
 	priv_key->version = a->version;
+	tmp_len = (size_t)BN_num_bytes(a->priv_key);
+
+	if ((order = BN_new()) == NULL) goto err;
+	if (!EC_GROUP_get_order(a->group, order, NULL)) goto err;
+	buf_len = (size_t)BN_num_bytes(order);
 
-	buf_len = (size_t)BN_num_bytes(a->priv_key);
 	buffer = OPENSSL_malloc(buf_len);
 	if (buffer == NULL)
@@ -1273,6 +1278,7 @@
 		goto err;
 		}
-	
-	if (!BN_bn2bin(a->priv_key, buffer))
+
+	for (i=0;i<buf_len-tmp_len;i++) buffer[i]=0;
+	if (!BN_bn2bin(a->priv_key, buffer+buf_len-tmp_len))
 		{
 		ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB);
@@ -1345,4 +1351,6 @@
 	ok=1;
 err:
+	if (order)
+		BN_free(order);
 	if (buffer)
 		OPENSSL_free(buffer);