diff --git a/rsa.c b/rsa.c
index 6c69eb02823c0a2b33617e9dd908032a3111d5f8..87e811111ecbb3ea27e6ab8d7437d0990f2d39a6 100644
--- a/rsa.c
+++ b/rsa.c
@@ -37,6 +37,24 @@
  * one can link in the signature functions without also getting the
  * verify functions. */
 
+void
+rsa_init_public_key(struct rsa_public_key *key)
+{
+  mpz_init(key->n);
+  mpz_init(key->e);
+
+  /* Not really necessary, but it seems cleaner to initialize all the
+   * storage. */
+  key->size = 0;
+}
+
+void
+rsa_clear_public_key(struct rsa_public_key *key)
+{
+  mpz_clear(key->n);
+  mpz_clear(key->e);
+}
+
 int
 rsa_prepare_public_key(struct rsa_public_key *key)
 {
@@ -63,12 +81,39 @@ rsa_prepare_public_key(struct rsa_public_key *key)
     }
 }
 
+void
+rsa_init_private_key(struct rsa_private_key *key)
+{
+  rsa_init_public_key(&key->pub);
+
+  mpz_init(key->d);
+  mpz_init(key->p);
+  mpz_init(key->q);
+  mpz_init(key->a);
+  mpz_init(key->b);
+  mpz_init(key->c);
+}
+
+void
+rsa_clear_private_key(struct rsa_private_key *key)
+{
+  rsa_clear_public_key(&key->pub);
+
+  mpz_clear(key->d);
+  mpz_clear(key->p);
+  mpz_clear(key->q);
+  mpz_clear(key->a);
+  mpz_clear(key->b);
+  mpz_clear(key->c);
+}
+
 int
 rsa_prepare_private_key(struct rsa_private_key *key)
 {
   return rsa_prepare_public_key(&key->pub);
 }
 
+
 #ifndef RSA_CRT
 #define RSA_CRT 1
 #endif
diff --git a/rsa.h b/rsa.h
index 47c56185176f77090e6fadf3edb424f1e6cc792d..08df531dba5c9e67de6bed6935819e87261d1726 100644
--- a/rsa.h
+++ b/rsa.h
@@ -84,15 +84,33 @@ struct rsa_private_key
  * The signature is represented as a mpz_t bignum. This call also
  * resets the hashing context.
  *
- * When done with the key, don't forget to call mpz_clear.
+ * When done with the key and signature, don't forget to call
+ * mpz_clear.
  */
 
+/* Calls mpz_init to initialize bignum storage. */
+void
+rsa_init_public_key(struct rsa_public_key *key);
+
+/* Calls mpz_clear to deallocate bignum storage. */
+void
+rsa_clear_public_key(struct rsa_public_key *key);
+
 int
 rsa_prepare_public_key(struct rsa_public_key *key);
 
+/* Calls mpz_init to initialize bignum storage. */
+void
+rsa_init_private_key(struct rsa_private_key *key);
+
+/* Calls mpz_clear to deallocate bignum storage. */
+void
+rsa_clear_private_key(struct rsa_private_key *key);
+
 int
 rsa_prepare_private_key(struct rsa_private_key *key);
 
+
 /* PKCS#1 style signatures */
 void
 rsa_md5_sign(struct rsa_private_key *key,