diff --git a/lib/asn1/der.h b/lib/asn1/der.h
index 5a82037f0..cd2a40a73 100644
--- a/lib/asn1/der.h
+++ b/lib/asn1/der.h
@@ -95,6 +95,8 @@ int decode_unsigned (const unsigned char*, size_t, unsigned*, size_t*);
 int decode_enumerated (const unsigned char*, size_t, unsigned*, size_t*);
 int decode_general_string (const unsigned char*, size_t,
 			   general_string*, size_t*);
+int decode_oid (const unsigned char *p, size_t len, 
+		oid *k, size_t *size);
 int decode_octet_string (const unsigned char*, size_t, octet_string*, size_t*);
 int decode_generalized_time (const unsigned char*, size_t, time_t*, size_t*);
 
@@ -138,6 +140,7 @@ size_t length_unsigned (const unsigned *data);
 size_t length_enumerated (const unsigned *data);
 size_t length_general_string (const general_string *data);
 size_t length_octet_string (const octet_string *k);
+size_t length_oid (const oid *k);
 size_t length_generalized_time (const time_t *t);
 
 int copy_general_string (const general_string *from, general_string *to);
diff --git a/lib/asn1/der_get.c b/lib/asn1/der_get.c
index d81100fa2..65fa69754 100644
--- a/lib/asn1/der_get.c
+++ b/lib/asn1/der_get.c
@@ -143,6 +143,7 @@ der_get_oid (const unsigned char *p, size_t len,
 	     oid *data, size_t *size)
 {
     int n;
+    size_t oldlen = len;
 
     if (len < 1)
 	return ASN1_OVERRUN;
@@ -167,6 +168,8 @@ der_get_oid (const unsigned char *p, size_t len,
 	free_oid (data);
 	return ASN1_OVERRUN;
     }
+    if (size)
+	*size = oldlen;
     return 0;
 }
 
@@ -374,6 +377,38 @@ decode_octet_string (const unsigned char *p, size_t len,
     return 0;
 }
 
+int
+decode_oid (const unsigned char *p, size_t len, 
+	    oid *k, size_t *size)
+{
+    size_t ret = 0;
+    size_t l;
+    int e;
+    size_t slen;
+
+    e = der_match_tag (p, len, UNIV, PRIM, UT_OID, &l);
+    if (e) return e;
+    p += l;
+    len -= l;
+    ret += l;
+
+    e = der_get_length (p, len, &slen, &l);
+    if (e) return e;
+    p += l;
+    len -= l;
+    ret += l;
+    if (len < slen)
+	return ASN1_OVERRUN;
+
+    e = der_get_oid (p, slen, k, &l);
+    if (e) return e;
+    p += l;
+    len -= l;
+    ret += l;
+    if(size) *size = ret;
+    return 0;
+}
+
 static void
 generalizedtime2time (const char *s, time_t *t)
 {