diff --git a/src/libstrongswan/crypto/hashers/hasher.c b/src/libstrongswan/crypto/hashers/hasher.c
index dc73d5223..4ed48ba36 100644
--- a/src/libstrongswan/crypto/hashers/hasher.c
+++ b/src/libstrongswan/crypto/hashers/hasher.c
@@ -177,6 +177,72 @@ hash_algorithm_t hasher_algorithm_from_integrity(integrity_algorithm_t alg,
 	return HASH_UNKNOWN;
 }
 
+/*
+ * Described in header.
+ */
+integrity_algorithm_t hasher_algorithm_to_integrity(hash_algorithm_t alg,
+													size_t length)
+{
+	switch (alg)
+	{
+		case HASH_MD5:
+			switch (length)
+			{
+				case 12:
+					return AUTH_HMAC_MD5_96;
+				case 16:
+					return AUTH_HMAC_MD5_128;
+			}
+			break;
+		case HASH_SHA1:
+		case HASH_PREFERRED:
+			switch (length)
+			{
+				case 12:
+					return AUTH_HMAC_SHA1_96;
+				case 16:
+					return AUTH_HMAC_SHA1_128;
+				case 20:
+					return AUTH_HMAC_SHA1_160;
+			}
+			break;
+		case HASH_SHA256:
+			switch (length)
+			{
+				case 12:
+					return AUTH_HMAC_SHA2_256_96;
+				case 16:
+					return AUTH_HMAC_SHA2_256_128;
+				case 32:
+					return AUTH_HMAC_SHA2_256_256;
+			}
+			break;
+		case HASH_SHA384:
+			switch (length)
+			{
+				case 24:
+					return AUTH_HMAC_SHA2_384_192;
+				case 48:
+					return AUTH_HMAC_SHA2_384_384;
+
+			}
+			break;
+		case HASH_SHA512:
+			switch (length)
+			{
+				case 32:
+					return AUTH_HMAC_SHA2_512_256;
+			}
+			break;
+		case HASH_MD2:
+		case HASH_MD4:
+		case HASH_SHA224:
+		case HASH_UNKNOWN:
+			break;
+	}
+	return AUTH_UNDEFINED;
+}
+
 /*
  * Described in header.
  */
diff --git a/src/libstrongswan/crypto/hashers/hasher.h b/src/libstrongswan/crypto/hashers/hasher.h
index 759f6a23c..4e46fca10 100644
--- a/src/libstrongswan/crypto/hashers/hasher.h
+++ b/src/libstrongswan/crypto/hashers/hasher.h
@@ -153,6 +153,17 @@ hash_algorithm_t hasher_algorithm_from_prf(pseudo_random_function_t alg);
 hash_algorithm_t hasher_algorithm_from_integrity(integrity_algorithm_t alg,
 												 size_t *length);
 
+/**
+ * Conversion of hash algorithm to integrity algorithm (if based on a hash).
+ *
+ * @param alg			hash algorithm
+ * @param length		length of the signature
+ * @return				integrity algorithm, AUTH_UNDEFINED if none is known
+ * 						based on the given hash function
+ */
+integrity_algorithm_t hasher_algorithm_to_integrity(hash_algorithm_t alg,
+													size_t length);
+
 /**
  * Conversion of hash algorithm into ASN.1 OID.
  *