diff --git a/client/crypto/libpcrypto.c b/client/crypto/libpcrypto.c
index 030be15a..896048bf 100644
--- a/client/crypto/libpcrypto.c
+++ b/client/crypto/libpcrypto.c
@@ -16,6 +16,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
 #include
@@ -208,6 +209,31 @@ char *ecdsa_get_error(int ret) {
 return retstr;
 }
+int ecdsa_public_key_from_pk(mbedtls_pk_context *pk, uint8_t *key, size_t keylen) {
+ int res = 0;
+ size_t realkeylen = 0;
+ if (keylen < 65)
+ return 1;
+
+ mbedtls_ecdsa_context ctx;
+ mbedtls_ecdsa_init(&ctx);
+
+ res = mbedtls_ecp_group_load(&ctx.grp, MBEDTLS_ECP_DP_SECP256R1); // secp256r1
+ if (res)
+ goto exit;
+
+ res = mbedtls_ecdsa_from_keypair(&ctx, mbedtls_pk_ec(*pk) );
+ if (res)
+ goto exit;
+
+ res = mbedtls_ecp_point_write_binary(&ctx.grp, &ctx.Q, MBEDTLS_ECP_PF_UNCOMPRESSED, &realkeylen, key, keylen);
+ if (realkeylen != 65)
+ res = 2;
+exit:
+ mbedtls_ecdsa_free(&ctx);
+ return res;
+}
+
 int ecdsa_signature_create(uint8_t *key_d, uint8_t *key_xy, uint8_t *input, int length, uint8_t *signature, size_t *signaturelen) {
 int res;
 *signaturelen = 0;
diff --git a/client/crypto/libpcrypto.h b/client/crypto/libpcrypto.h
index 8d4b4a0d..7ac6c3b0 100644
--- a/client/crypto/libpcrypto.h
+++ b/client/crypto/libpcrypto.h
@@ -14,6 +14,7 @@
 #include
 #include
 #include
+#include
 extern int aes_encode(uint8_t *iv, uint8_t *key, uint8_t *input, uint8_t *output, int length);
 extern int aes_decode(uint8_t *iv, uint8_t *key, uint8_t *input, uint8_t *output, int length);
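Review bot: In the new ecdsa_public_key_from_pk, `mbedtls_pk_ec(*pk)` is called without first confirming that the pk context actually holds an EC key, which mbed TLS leaves to the caller. If `pk` comes from a parsed certificate (the callers are outside this diff), a non-EC key would be handed to mbedtls_ecdsa_from_keypair as if it were an `mbedtls_ecp_keypair`. A guard next to the length check, e.g. `if (!mbedtls_pk_can_do(pk, MBEDTLS_PK_ECKEY)) return 1;`, rejects that case and a NULL context as well. Separately, mbedtls_ecdsa_from_keypair appears to copy the keypair's own group over the secp256r1 group loaded just before, so the curve is only constrained indirectly by the 65-byte length test; checking `ctx.grp.id != MBEDTLS_ECP_DP_SECP256R1` after the copy would enforce it explicitly.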
@@ -23,6 +24,7 @@ extern int aes_cmac8(uint8_t *iv, uint8_t *key, uint8_t *input, uint8_t *mac, in
 extern int sha256hash(uint8_t *input, int length, uint8_t *hash);
 extern int ecdsa_key_create(uint8_t * key_d, uint8_t *key_xy);
+extern int ecdsa_public_key_from_pk(mbedtls_pk_context *pk, uint8_t *key, size_t keylen);
 extern int ecdsa_signature_create(uint8_t *key_d, uint8_t *key_xy, uint8_t *input, int length, uint8_t *signature, size_t *signaturelen);
 extern int ecdsa_signature_verify(uint8_t *key_xy, uint8_t *input, int length, uint8_t *signature, size_t signaturelen);
 extern char *ecdsa_get_error(int ret);
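Review bot: The added prototype for ecdsa_public_key_from_pk has no comment describing its contract, and callers need one because the implementation mixes its own return codes with mbed TLS error values. I would put a line above it such as `// Writes the 65-byte uncompressed public point from pk into key; keylen must be >= 65.` followed by `// Returns 0 on success, 1 if the buffer is too small, 2 on unexpected point length, otherwise an mbedtls error code.` It would also help to state that `pk` must hold an EC key, since the function does not check that itself.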