diff --git a/common/iobuf.c b/common/iobuf.c
index 3c5dc800c..f70ab9879 100644
--- a/common/iobuf.c
+++ b/common/iobuf.c
@@ -2641,20 +2641,20 @@ iobuf_get_filelength (iobuf_t a)
 }
 
 
-int
+gnupg_fd_t
 iobuf_get_fd (iobuf_t a)
 {
   for (; a->chain; a = a->chain)
     ;
 
   if (a->filter != file_filter)
-    return -1;
+    return GNUPG_INVALID_FD;
 
   {
     file_filter_ctx_t *b = a->filter_ov;
     gnupg_fd_t fp = b->fp;
 
-    return FD2INT (fp);
+    return fp;
   }
 }
 
diff --git a/common/iobuf.h b/common/iobuf.h
index 4a723908d..4354c718d 100644
--- a/common/iobuf.h
+++ b/common/iobuf.h
@@ -590,7 +590,7 @@ uint64_t iobuf_get_filelength (iobuf_t a);
 
 /* Return the file descriptor designating the underlying file.  This
    only works with file_filter based pipelines.  */
-int  iobuf_get_fd (iobuf_t a);
+gnupg_fd_t iobuf_get_fd (iobuf_t a);
 
 /* Return the real filename, if available.  This only supports
    pipelines that end in file filters.  Returns NULL if not
diff --git a/g10/main.h b/g10/main.h
index 38e6a9c22..c202dacb8 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -107,7 +107,7 @@ char *make_radix64_string( const byte *data, size_t len );
 void trap_unaligned(void);
 void register_secured_file (const char *fname);
 void unregister_secured_file (const char *fname);
-int  is_secured_file (int fd);
+int  is_secured_file (gnupg_fd_t fd);
 int  is_secured_filename (const char *fname);
 u16 checksum_u16( unsigned n );
 u16 checksum( const byte *p, unsigned n );
diff --git a/g10/misc.c b/g10/misc.c
index d1f0efc6e..ec9b9025d 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -160,7 +160,7 @@ unregister_secured_file (const char *fname)
 /* Return true if FD is corresponds to a secured file.  Using -1 for
    FS is allowed and will return false. */
 int
-is_secured_file (int fd)
+is_secured_file (gnupg_fd_t fd)
 {
 #ifdef ENABLE_SELINUX_HACKS
   struct stat buf;