diff --git a/src/cryptography/RSA.c b/src/cryptography/RSA.c
index abef3e8..02bacf0 100644
--- a/src/cryptography/RSA.c
+++ b/src/cryptography/RSA.c
@@ -5,13 +5,12 @@
 // https://crypto.stackexchange.com/questions/3110/impacts-of-not-using-rsa-exponent-of-65537
 #define DEFAULT_PUBLIC_EXPONENT 65537
 
-bool RSA_generateKeyPair(u32 key_size, 
-    br_rsa_private_key* sk, void* sk_buf, 
-    NULLABLE(br_rsa_public_key*) pk, NULLABLE(void* pk_buf))
-{
+bool RSA_generateKeyPair(u32 key_size, br_rsa_private_key* sk, br_rsa_public_key* pk){
     br_hmac_drbg_context rng_ctx;
     const br_prng_class** rng_class_ptr = &rng_ctx.vtable;
     rng_init_sha256_seedFromTime(&br_hmac_drbg_vtable, rng_class_ptr);
+    void* sk_buf = malloc(BR_RSA_KBUF_PRIV_SIZE(key_size));
+    void* pk_buf = malloc(BR_RSA_KBUF_PUB_SIZE(key_size));
     u32 r = br_rsa_i31_keygen(rng_class_ptr, sk, sk_buf, pk, pk_buf, key_size, DEFAULT_PUBLIC_EXPONENT);
     return r;
 }
diff --git a/src/cryptography/cryptography.h b/src/cryptography/cryptography.h
index acde4e6..b9af828 100755
--- a/src/cryptography/cryptography.h
+++ b/src/cryptography/cryptography.h
@@ -88,9 +88,15 @@ void DecryptorAES_decrypt(DecryptorAES* ptr, Array(u8) src, Array(u8) dst, u32*
 //                                  RSA.c                                   //
 //////////////////////////////////////////////////////////////////////////////
 
-bool RSA_generateKeyPair(u32 key_size, 
-    br_rsa_private_key* sk, void* sk_buf, 
-    NULLABLE(br_rsa_public_key*) pk, NULLABLE(void* pk_buf));
+bool RSA_generateKeyPair(u32 key_size, br_rsa_private_key* sk, br_rsa_public_key* pk);
+
+static inline void RSA_freePrivateKey(br_rsa_private_key* sk){
+    free(sk->p);
+}
+
+static inline void RSA_freePublicKey(br_rsa_public_key* sk){
+    free(sk->n);
+}
 
 /// @param sk some private key 
 /// @param pk out public key. WARNING: .n is allocated on heap
diff --git a/src/main.c b/src/main.c
index 8e77bce..9c73ce6 100755
--- a/src/main.c
+++ b/src/main.c
@@ -15,16 +15,9 @@ int main(const int argc, cstr const* argv){
     const u32 key_size = 2048;
 
     br_rsa_private_key sk;
-    const u32 sk_buf_size = BR_RSA_KBUF_PRIV_SIZE(key_size);
-    u8 sk_buf[sk_buf_size];
-    memset(sk_buf, 0, sk_buf_size);
-
     br_rsa_public_key pk;
-    const u32 pk_buf_size = BR_RSA_KBUF_PUB_SIZE(key_size);
-    u8 pk_buf[pk_buf_size];
-    memset(pk_buf, 0, pk_buf_size);
     
-    if(!RSA_generateKeyPair(key_size, &sk, sk_buf, &pk, pk_buf)){
+    if(!RSA_generateKeyPair(key_size, &sk, &pk)){
         printfe("ERROR: can't generate RSA key pair\n");
         Return 1;
     }