diff --git a/g10/ChangeLog b/g10/ChangeLog
index 74d021271..db17bdbd2 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,5 +1,11 @@
 2003-12-17  David Shaw  <dshaw@localhost.localdomain>
 
+	* build-packet.c (write_fake_data, do_secret_key), seckey-cert.c
+	(do_check): Use an unsigned length for mpi_get_opaque.
+
+	* options.h: It's impolite to assign -1 to an unsigned
+	opt.force_ownertrust.
+
 	* sig-check.c (cmp_help, do_check), sign.c (do_sign): Remove old
 	unused code.
 
diff --git a/g10/build-packet.c b/g10/build-packet.c
index c1022fff5..3d246afe2 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -182,7 +182,7 @@ static void
 write_fake_data( IOBUF out, MPI a )
 {
     if( a ) {
-	int i;
+        unsigned int i;
 	void *p;
 
 	p = mpi_get_opaque( a, &i );
@@ -353,15 +353,17 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
     else if( sk->is_protected && sk->version >= 4 ) {
         /* The secret key is protected - write it out as it is */
 	byte *p;
+	unsigned int ndata;
+
 	assert( mpi_is_opaque( sk->skey[npkey] ) );
-	p = mpi_get_opaque( sk->skey[npkey], &i );
-	iobuf_write(a, p, i );
+	p = mpi_get_opaque( sk->skey[npkey], &ndata );
+	iobuf_write(a, p, ndata );
     }
     else if( sk->is_protected ) {
         /* The secret key is protected te old v4 way. */
 	for(   ; i < nskey; i++ ) {
             byte *p;
-            int ndata;
+            unsigned int ndata;
 
             assert (mpi_is_opaque (sk->skey[i]));
             p = mpi_get_opaque (sk->skey[i], &ndata);
diff --git a/g10/options.h b/g10/options.h
index 7f7585f55..0832abf21 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -97,7 +97,7 @@ struct {
       {
 	TM_CLASSIC=0, TM_PGP=1, TM_EXTERNAL=2, TM_ALWAYS, TM_AUTO
       } trust_model;
-    unsigned int force_ownertrust;
+    int force_ownertrust;
     enum
       {
 	CO_GNUPG=0, CO_RFC2440, CO_RFC1991, CO_PGP2, CO_PGP6, CO_PGP7, CO_PGP8
diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c
index 5730735b8..d0b57f14b 100644
--- a/g10/seckey-cert.c
+++ b/g10/seckey-cert.c
@@ -86,7 +86,7 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
 	cipher_setiv( cipher_hd, sk->protect.iv, sk->protect.ivlen );
 	csum = 0;
 	if( sk->version >= 4 ) {
-	    int ndata;
+	    unsigned int ndata;
 	    byte *p, *data;
             u16 csumc = 0;
 
@@ -140,7 +140,7 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
                     }
                 }
             }
-                
+
             /* must check it here otherwise the mpi_read_xx would fail
                because the length may have an arbitrary value */
             if( sk->csum == csum ) {
@@ -159,8 +159,7 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
 	    for(i=pubkey_get_npkey(sk->pubkey_algo);
 		    i < pubkey_get_nskey(sk->pubkey_algo); i++ ) {
                 byte *p;
-                int ndata;
-                unsigned int dummy;
+                unsigned int ndata;
 
                 assert (mpi_is_opaque (sk->skey[i]));
                 p = mpi_get_opaque (sk->skey[i], &ndata);
@@ -173,8 +172,7 @@ do_check( PKT_secret_key *sk, const char *tryagain_text, int mode,
                 cipher_decrypt (cipher_hd, buffer+2, p+2, ndata-2);
                 csum += checksum (buffer, ndata);
                 mpi_free (sk->skey[i]);
-                dummy = ndata;
-                sk->skey[i] = mpi_read_from_buffer (buffer, &dummy, 1);
+                sk->skey[i] = mpi_read_from_buffer (buffer, &ndata, 1);
                 assert (sk->skey[i]);
 		m_free (buffer);
 /*  		csum += checksum_mpi (sk->skey[i]); */