diff --git a/include/polarssl/x509write.h b/include/polarssl/x509write.h
index 5e0d82ad13..159747889d 100644
--- a/include/polarssl/x509write.h
+++ b/include/polarssl/x509write.h
@@ -380,19 +380,19 @@ void x509write_crt_free( x509write_cert *ctx );
 int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size );
 
 /**
- * \brief           Write a RSA public key to a PKCS#1 DER structure
+ * \brief           Write a public key to a DER structure
  *                  Note: data is written at the end of the buffer! Use the
  *                        return value to determine where you should start
  *                        using the buffer
  *
- * \param rsa       RSA to write away
+ * \param key       public key to write away
  * \param buf       buffer to write to
  * \param size      size of the buffer
  *
  * \return          length of data written if successful, or a specific
  *                  error code
  */
-int x509write_pubkey_der( rsa_context *rsa, unsigned char *buf, size_t size );
+int x509write_pubkey_der( pk_context *key, unsigned char *buf, size_t size );
 
 /**
  * \brief           Write a RSA key to a PKCS#1 DER structure
@@ -447,15 +447,15 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size,
 int x509write_crt_pem( x509write_cert *ctx, unsigned char *buf, size_t size );
 
 /**
- * \brief           Write a RSA public key to a PKCS#1 PEM string
+ * \brief           Write a public key to a PEM string
  *
- * \param rsa       RSA to write away
+ * \param key       public key to write away
  * \param buf       buffer to write to
  * \param size      size of the buffer
  *
  * \return          0 successful, or a specific error code
  */
-int x509write_pubkey_pem( rsa_context *rsa, unsigned char *buf, size_t size );
+int x509write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size );
 
 /**
  * \brief           Write a RSA key to a PKCS#1 PEM string
diff --git a/library/x509write.c b/library/x509write.c
index e1f68dc6f1..3aeb795265 100644
--- a/library/x509write.c
+++ b/library/x509write.c
@@ -434,11 +434,17 @@ int x509write_crt_set_ns_cert_type( x509write_cert *ctx,
     return( 0 );
 }
 
-int x509write_pubkey_der( rsa_context *rsa, unsigned char *buf, size_t size )
+int x509write_pubkey_der( pk_context *key, unsigned char *buf, size_t size )
 {
     int ret;
     unsigned char *c;
     size_t len = 0;
+    rsa_context *rsa;
+
+    if( !pk_can_do( key, POLARSSL_PK_RSA ) )
+        return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
+
+    rsa = pk_rsa( *key );
 
     c = buf + size;
 
@@ -730,9 +736,7 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size,
     ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
     ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_CONTEXT_SPECIFIC ) );
 
-    if( !pk_can_do( ctx->key, POLARSSL_PK_RSA ) )
-        return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
-    ASN1_CHK_ADD( pub_len, x509write_pubkey_der( pk_rsa( *ctx->key ),
+    ASN1_CHK_ADD( pub_len, x509write_pubkey_der( ctx->key,
                                                  tmp_buf, c - tmp_buf ) );
     c -= pub_len;
     len += pub_len;
@@ -792,6 +796,11 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size )
     size_t sub_len = 0, pub_len = 0, sig_len = 0;
     size_t len = 0;
 
+    // temporary compatibility hack
+    pk_context subject_key;
+    subject_key.pk_info = pk_info_from_type( POLARSSL_PK_RSA );
+    subject_key.pk_ctx = ctx->subject_key;
+
     c = tmp_buf + sizeof( tmp_buf );
 
     // Generate correct OID
@@ -813,7 +822,7 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size )
     /*
      *  SubjectPublicKeyInfo
      */
-    ASN1_CHK_ADD( pub_len, x509write_pubkey_der( ctx->subject_key,
+    ASN1_CHK_ADD( pub_len, x509write_pubkey_der( &subject_key,
                                                  tmp_buf, c - tmp_buf ) );
     c -= pub_len;
     len += pub_len;
@@ -959,12 +968,12 @@ int x509write_crt_pem( x509write_cert *crt, unsigned char *buf, size_t size )
     return( 0 );
 }
 
-int x509write_pubkey_pem( rsa_context *rsa, unsigned char *buf, size_t size )
+int x509write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size )
 {
     int ret;
     unsigned char output_buf[4096];
 
-    if( ( ret = x509write_pubkey_der( rsa, output_buf,
+    if( ( ret = x509write_pubkey_der( key, output_buf,
                                       sizeof(output_buf) ) ) < 0 )
     {
         return( ret );
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index d051903885..09dfff874d 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -132,7 +132,6 @@ void x509_pubkey_check( char *key_file )
     unsigned char buf[5000];
     unsigned char check_buf[5000];
     int ret;
-    size_t olen = sizeof( check_buf );
     FILE *f;
 
     memset( buf, 0, sizeof( buf ) );
@@ -141,7 +140,7 @@ void x509_pubkey_check( char *key_file )
     pk_init( &key );
     TEST_ASSERT( x509parse_public_keyfile( &key, key_file ) == 0 );
 
-    ret = x509write_pubkey_pem( pk_rsa( key ), buf, sizeof( buf ) - 1);
+    ret = x509write_pubkey_pem( &key, buf, sizeof( buf ) - 1);
     TEST_ASSERT( ret >= 0 );
 
     f = fopen( key_file, "r" );