diff --git a/openssl/src/crypto/pkey.rs b/openssl/src/crypto/pkey.rs
index ab9a4a95..9f72464b 100644
--- a/openssl/src/crypto/pkey.rs
+++ b/openssl/src/crypto/pkey.rs
@@ -63,7 +63,7 @@ impl PKey {
         }
     }
 
-    pub fn from_handle(handle: *mut ffi::EVP_PKEY, parts: Parts) -> PKey {
+    pub unsafe fn from_handle(handle: *mut ffi::EVP_PKEY, parts: Parts) -> PKey {
         ffi::init();
         assert!(!handle.is_null());
 
@@ -587,7 +587,7 @@ impl PKey {
         }
     }
 
-    pub unsafe fn get_handle(&self) -> *mut ffi::EVP_PKEY {
+    pub fn handle(&self) -> *mut ffi::EVP_PKEY {
         return self.evp;
     }
 
@@ -606,7 +606,8 @@ impl Drop for PKey {
 
 impl Clone for PKey {
     fn clone(&self) -> Self {
-        let mut pkey = PKey::from_handle(unsafe { ffi::EVP_PKEY_new() }, self.parts);
+        let mut pkey = unsafe { PKey::from_handle(ffi::EVP_PKEY_new(), self.parts) };
+
         // copy by encoding to DER and back
         match self.parts {
             Parts::Public => {
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index c95f2646..7ef8a7a5 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -604,7 +604,7 @@ impl SslContext {
 
     /// Specifies the private key
     pub fn set_private_key(&mut self, key: &PKey) -> Result<(), ErrorStack> {
-        wrap_ssl_result(unsafe { ffi::SSL_CTX_use_PrivateKey(self.ctx, key.get_handle()) })
+        wrap_ssl_result(unsafe { ffi::SSL_CTX_use_PrivateKey(self.ctx, key.handle()) })
     }
 
     /// Check consistency of private key and certificate
diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
index 5bb17e35..f81c74a1 100644
--- a/openssl/src/x509/mod.rs
+++ b/openssl/src/x509/mod.rs
@@ -333,7 +333,7 @@ impl X509Generator {
             // If prev line succeded - ownership should go to cert
             mem::forget(not_after);
 
-            try_ssl!(ffi::X509_set_pubkey(x509.handle(), p_key.get_handle()));
+            try_ssl!(ffi::X509_set_pubkey(x509.handle(), p_key.handle()));
 
             let name = ffi::X509_get_subject_name(x509.handle());
             try_ssl_null!(name);
@@ -359,7 +359,7 @@ impl X509Generator {
             }
 
             let hash_fn = self.hash_type.evp_md();
-            try_ssl!(ffi::X509_sign(x509.handle(), p_key.get_handle(), hash_fn));
+            try_ssl!(ffi::X509_sign(x509.handle(), p_key.handle(), hash_fn));
             Ok(x509)
         }
     }
@@ -381,7 +381,7 @@ impl X509Generator {
             }
 
             let hash_fn = self.hash_type.evp_md();
-            try_ssl!(ffi::X509_REQ_sign(req, p_key.get_handle(), hash_fn));
+            try_ssl!(ffi::X509_REQ_sign(req, p_key.handle(), hash_fn));
 
             Ok(X509Req::new(req))
         }
@@ -425,10 +425,12 @@ impl<'a> X509Ref<'a> {
     }
 
     pub fn public_key(&self) -> PKey {
-        let pkey = unsafe { ffi::X509_get_pubkey(self.0) };
-        assert!(!pkey.is_null());
+        unsafe {
+            let pkey = ffi::X509_get_pubkey(self.0);
+            assert!(!pkey.is_null());
 
-        PKey::from_handle(pkey, Parts::Public)
+            PKey::from_handle(pkey, Parts::Public)
+        }
     }
 
     /// Returns certificate fingerprint calculated using provided hash