diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index 13067b8f3..152e4b683 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -183,6 +183,15 @@ extern "C" {
  * \{
  */
 
+/**
+ * Basic length-value buffer structure
+ */
+typedef struct mbedtls_x509_buf_raw
+{
+    unsigned char *p;    /*!< The address of the first byte in the buffer. */
+    size_t len;          /*!< The number of Bytes in the buffer.           */
+} mbedtls_x509_buf_raw;
+
 /**
  * Type-length-value structure that allows for ASN1 using DER.
  */
diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h
index 2bb95de16..b035c6c4f 100644
--- a/include/mbedtls/x509_crl.h
+++ b/include/mbedtls/x509_crl.h
@@ -75,7 +75,8 @@ typedef struct mbedtls_x509_crl
     int version;            /**< CRL version (1=v1, 2=v2) */
     mbedtls_x509_buf sig_oid;       /**< CRL signature type identifier */
 
-    mbedtls_x509_buf issuer_raw;    /**< The raw issuer data (DER). */
+    mbedtls_x509_buf_raw issuer_raw;           /**< The raw issuer data (DER). */
+    mbedtls_x509_buf_raw issuer_raw_no_hdr;
 
     mbedtls_x509_name issuer;       /**< The parsed issuer data (named information object). */
 
diff --git a/library/x509_crl.c b/library/x509_crl.c
index a56d5e3e8..f07784128 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -428,6 +428,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
         mbedtls_x509_crl_free( crl );
         return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
     }
+    crl->issuer_raw_no_hdr.p = p;
 
     if( ( ret = mbedtls_x509_get_name( &p, p + len, &crl->issuer ) ) != 0 )
     {
@@ -435,6 +436,7 @@ int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
         return( ret );
     }
 
+    crl->issuer_raw_no_hdr.len = p - crl->issuer_raw_no_hdr.p;
     crl->issuer_raw.len = p - crl->issuer_raw.p;
 
     /*