Use size_t for new crypto size parameters.

crypto/dh/dh_pmeth.c

@@ -187,7 +187,7 @@ static int pkey_dh_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 	return DH_generate_key(pkey->pkey.dh);
 	}
 
-static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, int *keylen)
+static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
 	{
 	int ret;
 	if (!ctx->pkey || !ctx->peerkey)

crypto/dsa/dsa_pmeth.c

@@ -98,8 +98,8 @@ static void pkey_dsa_cleanup(EVP_PKEY_CTX *ctx)
 		OPENSSL_free(dctx);
 	}
 
-static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
-					const unsigned char *tbs, int tbslen)
+static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen)
 	{
 	int ret, type;
 	unsigned int sltmp;
@@ -120,8 +120,8 @@ static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
 	}
 
 static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
-					const unsigned char *sig, int siglen,
-					const unsigned char *tbs, int tbslen)
+					const unsigned char *sig, size_t siglen,
+					const unsigned char *tbs, size_t tbslen)
 	{
 	int ret, type;
 	DSA_PKEY_CTX *dctx = ctx->data;

crypto/ec/ec_pmeth.c

@@ -99,11 +99,11 @@ static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx)
 		}
 	}
 
-static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
-					const unsigned char *tbs, int tbslen)
+static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen)
 	{
 	int ret, type;
-	unsigned int sltmp;
+	size_t sltmp;
 	EC_PKEY_CTX *dctx = ctx->data;
 	EC_KEY *ec = ctx->pkey->pkey.ec;
 
@@ -112,7 +112,7 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
 		*siglen = ECDSA_size(ec);
 		return 1;
 		}
-	else if(*siglen < ECDSA_size(ec))
+	else if(*siglen < (size_t)ECDSA_size(ec))
 		{
 		ECerr(EC_F_PKEY_EC_SIGN, EC_R_BUFFER_TOO_SMALL);
 		return 0;
@@ -133,8 +133,8 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
 	}
 
 static int pkey_ec_verify(EVP_PKEY_CTX *ctx,
-					const unsigned char *sig, int siglen,
-					const unsigned char *tbs, int tbslen)
+					const unsigned char *sig, size_t siglen,
+					const unsigned char *tbs, size_t tbslen)
 	{
 	int ret, type;
 	EC_PKEY_CTX *dctx = ctx->data;
@@ -150,7 +150,7 @@ static int pkey_ec_verify(EVP_PKEY_CTX *ctx,
 	return ret;
 	}
 
-static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, int *keylen)
+static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
 	{
 	int ret;
 	size_t outlen;

crypto/evp/evp.h

@@ -964,28 +964,28 @@ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
 
 int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
-			unsigned char *sig, int *siglen,
-			const unsigned char *tbs, int tbslen);
+			unsigned char *sig, size_t *siglen,
+			const unsigned char *tbs, size_t tbslen);
 int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
-			const unsigned char *sig, int siglen,
-			const unsigned char *tbs, int tbslen);
+			const unsigned char *sig, size_t siglen,
+			const unsigned char *tbs, size_t tbslen);
 int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
-			unsigned char *rout, int *routlen,
-			const unsigned char *sig, int siglen);
+			unsigned char *rout, size_t *routlen,
+			const unsigned char *sig, size_t siglen);
 int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
-			unsigned char *out, int *outlen,
-			const unsigned char *in, int inlen);
+			unsigned char *out, size_t *outlen,
+			const unsigned char *in, size_t inlen);
 int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
-			unsigned char *out, int *outlen,
-			const unsigned char *in, int inlen);
+			unsigned char *out, size_t *outlen,
+			const unsigned char *in, size_t inlen);
 
 int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
-int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, int *keylen);
+int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
 
 typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
 
@@ -1013,23 +1013,23 @@ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
 
 void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
 	int (*sign_init)(EVP_PKEY_CTX *ctx),
-	int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
-					const unsigned char *tbs, int tbslen));
+	int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen));
 
 void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
 	int (*verify_init)(EVP_PKEY_CTX *ctx),
-	int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
-					const unsigned char *tbs, int tbslen));
+	int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
+					const unsigned char *tbs, size_t tbslen));
 
 void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
 	int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
 	int (*verify_recover)(EVP_PKEY_CTX *ctx,
-					unsigned char *sig, int *siglen,
-					const unsigned char *tbs, int tbslen));
+					unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen));
 
 void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
 	int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
-	int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
+	int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
 					EVP_MD_CTX *mctx));
 
 void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
@@ -1039,17 +1039,17 @@ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
 
 void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
 	int (*encrypt_init)(EVP_PKEY_CTX *ctx),
-	int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, int *outlen,
-					const unsigned char *in, int inlen));
+	int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen));
 
 void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
 	int (*decrypt_init)(EVP_PKEY_CTX *ctx),
-	int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, int *outlen,
-					const unsigned char *in, int inlen));
+	int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen));
 
 void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
 	int (*derive_init)(EVP_PKEY_CTX *ctx),
-	int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, int *keylen));
+	int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
 
 void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
 	int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),

crypto/evp/evp_locl.h

@@ -273,20 +273,21 @@ struct evp_pkey_method_st
 	int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
 
 	int (*sign_init)(EVP_PKEY_CTX *ctx);
-	int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
-					const unsigned char *tbs, int tbslen);
+	int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+				const unsigned char *tbs, size_t tbslen);
 
 	int (*verify_init)(EVP_PKEY_CTX *ctx);
-	int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
-					const unsigned char *tbs, int tbslen);
+	int (*verify)(EVP_PKEY_CTX *ctx,
+				const unsigned char *sig, size_t siglen,
+				const unsigned char *tbs, size_t tbslen);
 
 	int (*verify_recover_init)(EVP_PKEY_CTX *ctx);
 	int (*verify_recover)(EVP_PKEY_CTX *ctx,
-					unsigned char *rout, int *routlen,
-					const unsigned char *sig, int siglen);
+				unsigned char *rout, size_t *routlen,
+				const unsigned char *sig, size_t siglen);
 
 	int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
-	int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
+	int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
 					EVP_MD_CTX *mctx);
 
 	int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
@@ -294,15 +295,15 @@ struct evp_pkey_method_st
 					EVP_MD_CTX *mctx);
 
 	int (*encrypt_init)(EVP_PKEY_CTX *ctx);
-	int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, int *outlen,
-					const unsigned char *in, int inlen);
+	int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen);
 
 	int (*decrypt_init)(EVP_PKEY_CTX *ctx);
-	int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, int *outlen,
-					const unsigned char *in, int inlen);
+	int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen);
 
 	int (*derive_init)(EVP_PKEY_CTX *ctx);
-	int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, int *keylen);
+	int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
 
 	int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
 	int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value);

crypto/evp/pmeth_fn.c

@@ -66,7 +66,7 @@
 #define M_check_autoarg(ctx, arg, arglen, err) \
 	if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
 		{ \
-		int pksize = EVP_PKEY_size(ctx->pkey); \
+		size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
 		if (!arg) \
 			{ \
 			*arglen = pksize; \
@@ -98,8 +98,8 @@ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
 	}
 
 int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
-			unsigned char *sig, int *siglen,
-			const unsigned char *tbs, int tbslen)
+			unsigned char *sig, size_t *siglen,
+			const unsigned char *tbs, size_t tbslen)
 	{
 	if (!ctx || !ctx->pmeth || !ctx->pmeth->sign)
 		{
@@ -135,8 +135,8 @@ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
 	}
 
 int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
-			const unsigned char *sig, int siglen,
-			const unsigned char *tbs, int tbslen)
+			const unsigned char *sig, size_t siglen,
+			const unsigned char *tbs, size_t tbslen)
 	{
 	if (!ctx || !ctx->pmeth || !ctx->pmeth->verify)
 		{
@@ -171,8 +171,8 @@ int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
 	}
 
 int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
-			unsigned char *rout, int *routlen,
-			const unsigned char *sig, int siglen)
+			unsigned char *rout, size_t *routlen,
+			const unsigned char *sig, size_t siglen)
 	{
 	if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover)
 		{
@@ -208,8 +208,8 @@ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
 	}
 
 int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
-			unsigned char *out, int *outlen,
-			const unsigned char *in, int inlen)
+			unsigned char *out, size_t *outlen,
+			const unsigned char *in, size_t inlen)
 	{
 	if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt)
 		{
@@ -245,8 +245,8 @@ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
 	}
 
 int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
-			unsigned char *out, int *outlen,
-			const unsigned char *in, int inlen)
+			unsigned char *out, size_t *outlen,
+			const unsigned char *in, size_t inlen)
 	{
 	if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt)
 		{
@@ -342,7 +342,7 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
 	}
 
 
-int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, int *pkeylen)
+int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
 	{
 	if (!ctx || !ctx->pmeth || !ctx->pmeth->derive)
 		{

crypto/evp/pmeth_lib.c

@@ -329,8 +329,8 @@ void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
 
 void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
 	int (*sign_init)(EVP_PKEY_CTX *ctx),
-	int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
-					const unsigned char *tbs, int tbslen))
+	int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen))
 	{
 	pmeth->sign_init = sign_init;
 	pmeth->sign = sign;
@@ -338,8 +338,8 @@ void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
 
 void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
 	int (*verify_init)(EVP_PKEY_CTX *ctx),
-	int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
-					const unsigned char *tbs, int tbslen))
+	int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
+					const unsigned char *tbs, size_t tbslen))
 	{
 	pmeth->verify_init = verify_init;
 	pmeth->verify = verify;
@@ -348,8 +348,8 @@ void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
 void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
 	int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
 	int (*verify_recover)(EVP_PKEY_CTX *ctx,
-					unsigned char *sig, int *siglen,
-					const unsigned char *tbs, int tbslen))
+					unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen))
 	{
 	pmeth->verify_recover_init = verify_recover_init;
 	pmeth->verify_recover = verify_recover;
@@ -357,7 +357,7 @@ void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
 
 void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
 	int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
-	int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
+	int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
 					EVP_MD_CTX *mctx))
 	{
 	pmeth->signctx_init = signctx_init;
@@ -375,8 +375,8 @@ void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
 
 void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
 	int (*encrypt_init)(EVP_PKEY_CTX *ctx),
-	int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, int *outlen,
-					const unsigned char *in, int inlen))
+	int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen))
 	{
 	pmeth->encrypt_init = encrypt_init;
 	pmeth->encrypt = encrypt;
@@ -384,8 +384,8 @@ void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
 
 void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
 	int (*decrypt_init)(EVP_PKEY_CTX *ctx),
-	int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, int *outlen,
-					const unsigned char *in, int inlen))
+	int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen))
 	{
 	pmeth->decrypt_init = decrypt_init;
 	pmeth->decrypt = decrypt;
@@ -393,7 +393,7 @@ void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
 
 void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
 	int (*derive_init)(EVP_PKEY_CTX *ctx),
-	int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, int *keylen))
+	int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen))
 	{
 	pmeth->derive_init = derive_init;
 	pmeth->derive = derive;

crypto/rsa/rsa_pmeth.c

@@ -64,9 +64,9 @@
 #include <openssl/evp.h>
 #include "evp_locl.h"
 
-extern int int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
-		unsigned char *rm, unsigned int *prm_len,
-		const unsigned char *sigbuf, unsigned int siglen,
+extern int int_rsa_verify(int dtype, const unsigned char *m, size_t m_len,
+		unsigned char *rm, size_t *prm_len,
+		const unsigned char *sigbuf, size_t siglen,
 		RSA *rsa);
 
 /* RSA pkey context structure */
@@ -132,8 +132,8 @@ static void pkey_rsa_cleanup(EVP_PKEY_CTX *ctx)
 		}
 	}
 
-static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
-					const unsigned char *tbs, int tbslen)
+static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+					const unsigned char *tbs, size_t tbslen)
 	{
 	int ret;
 	RSA_PKEY_CTX *rctx = ctx->data;
@@ -141,7 +141,7 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
 
 	if (rctx->md)
 		{
-		if (tbslen != EVP_MD_size(rctx->md))
+		if (tbslen != (size_t)EVP_MD_size(rctx->md))
 			{
 			RSAerr(RSA_F_PKEY_RSA_SIGN,
 					RSA_R_INVALID_DIGEST_LENGTH);
@@ -190,8 +190,8 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
 
 
 static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
-					unsigned char *rout, int *routlen,
-                                        const unsigned char *sig, int siglen)
+					unsigned char *rout, size_t *routlen,
+					const unsigned char *sig, size_t siglen)
 	{
 	int ret;
 	RSA_PKEY_CTX *rctx = ctx->data;
@@ -245,12 +245,12 @@ static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
 	}
 
 static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
-					const unsigned char *sig, int siglen,
-                                        const unsigned char *tbs, int tbslen)
+					const unsigned char *sig, size_t siglen,
+					const unsigned char *tbs, size_t tbslen)
 	{
 	RSA_PKEY_CTX *rctx = ctx->data;
 	RSA *rsa = ctx->pkey->pkey.rsa;
-	int rslen;
+	size_t rslen;
 	if (rctx->md)
 		{
 		if (rctx->pad_mode == RSA_PKCS1_PADDING)
@@ -298,8 +298,9 @@ static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
 	}
 	
 
-static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, int *outlen,
-                                        const unsigned char *in, int inlen)
+static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx,
+					unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen)
 	{
 	int ret;
 	RSA_PKEY_CTX *rctx = ctx->data;
@@ -311,8 +312,9 @@ static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, int *outlen,
 	return 1;
 	}
 
-static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, int *outlen,
-                                        const unsigned char *in, int inlen)
+static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx,
+					unsigned char *out, size_t *outlen,
+					const unsigned char *in, size_t inlen)
 	{
 	int ret;
 	RSA_PKEY_CTX *rctx = ctx->data;