3 files changed, 11 insertions, 4 deletions

diff --git a/src/cryptography/hazmat/backends/openssl/rsa.py b/src/cryptography/hazmat/backends/openssl/rsa.py
index 033cd3b1..a48b167d 100644
--- a/src/cryptography/hazmat/backends/openssl/rsa.py
+++ b/src/cryptography/hazmat/backends/openssl/rsa.py
@@ -534,11 +534,9 @@ class _RSAPrivateKey(object):
         return _enc_dec_rsa(self._backend, self, ciphertext, padding)
 
     def public_key(self):
-        ctx = self._backend._lib.RSA_new()
+        ctx = self._backend._lib.RSAPublicKey_dup(self._rsa_cdata)
         self._backend.openssl_assert(ctx != self._backend._ffi.NULL)
         ctx = self._backend._ffi.gc(ctx, self._backend._lib.RSA_free)
-        ctx.e = self._backend._lib.BN_dup(self._rsa_cdata.e)
-        ctx.n = self._backend._lib.BN_dup(self._rsa_cdata.n)
         res = self._backend._lib.RSA_blinding_on(ctx, self._backend._ffi.NULL)
         self._backend.openssl_assert(res == 1)
         evp_pkey = self._backend._rsa_cdata_to_evp_pkey(ctx)
diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py
index 22edd94f..53795732 100644
--- a/src/cryptography/utils.py
+++ b/src/cryptography/utils.py
@@ -45,6 +45,7 @@ else:
         while len(data) > 0:
             digit, = struct.unpack('>I', data[:4])
             result = (result << 32) + digit
+            # TODO: this is quadratic in the length of data
             data = data[4:]
 
         return result
diff --git a/src/cryptography/x509/__init__.py b/src/cryptography/x509/__init__.py
index 3f0ac14d..8d7bad27 100644
--- a/src/cryptography/x509/__init__.py
+++ b/src/cryptography/x509/__init__.py
@@ -4,6 +4,7 @@
 
 from __future__ import absolute_import, division, print_function
 
+from cryptography import utils
 from cryptography.x509.base import (
     Certificate, CertificateBuilder, CertificateRevocationList,
     CertificateRevocationListBuilder,
@@ -31,12 +32,19 @@ from cryptography.x509.general_name import (
 )
 from cryptography.x509.name import Name, NameAttribute
 from cryptography.x509.oid import (
-    AuthorityInformationAccessOID, CRLEntryExtensionOID, CRLExtensionOID,
+    AuthorityInformationAccessOID, CRLEntryExtensionOID,
     CertificatePoliciesOID, ExtendedKeyUsageOID, ExtensionOID, NameOID,
     ObjectIdentifier, SignatureAlgorithmOID, _SIG_OIDS_TO_HASH
 )
 
 
+CRLExtensionOID = utils.deprecated(
+    CRLEntryExtensionOID,
+    __name__,
+    "CRLExtensionOID has been renamed to CRLEntryExtensionOID",
+    utils.DeprecatedIn12
+)
+
 OID_AUTHORITY_INFORMATION_ACCESS = ExtensionOID.AUTHORITY_INFORMATION_ACCESS
 OID_AUTHORITY_KEY_IDENTIFIER = ExtensionOID.AUTHORITY_KEY_IDENTIFIER
 OID_BASIC_CONSTRAINTS = ExtensionOID.BASIC_CONSTRAINTS