--- src/libp11.h
+++ src/libp11.h
@@ -53,7 +53,7 @@
 typedef struct PKCS11_key_st {
 	char *label;
 	unsigned char *id;
-	int id_len;
+	size_t id_len;
 	unsigned char isPrivate;	/**< private key present? */
 	unsigned char needLogin;	/**< login to read private key? */
 	EVP_PKEY *evp_key;		/**< initially NULL, need to call PKCS11_load_key */
@@ -64,7 +64,7 @@
 typedef struct PKCS11_cert_st {
 	char *label;
 	unsigned char *id;
-	int id_len;
+	size_t id_len;
 	X509 *x509;
 	void *_private;
 } PKCS11_CERT;
@@ -291,7 +291,7 @@
  * @retval -1 error
  */
 
-extern int PKCS11_generate_key(PKCS11_TOKEN * token, int algorithm, unsigned int bits, char *label, unsigned char* id, unsigned int id_len);
+extern int PKCS11_generate_key(PKCS11_TOKEN * token, int algorithm, unsigned int bits, char *label, unsigned char* id, size_t id_len);
 
 /**
  * Store private key on a token
@@ -304,7 +304,7 @@
  * @retval 0 success
  * @retval -1 error
  */
-extern int PKCS11_store_private_key(PKCS11_TOKEN * token, EVP_PKEY * pk, char *label, unsigned char *id, unsigned int id_len);
+extern int PKCS11_store_private_key(PKCS11_TOKEN * token, EVP_PKEY * pk, char *label, unsigned char *id, size_t id_len);
 
 /**
  * Store public key on a token
@@ -317,7 +317,7 @@
  * @retval 0 success
  * @retval -1 error
  */
-extern int PKCS11_store_public_key(PKCS11_TOKEN * token, EVP_PKEY * pk, char *label, unsigned char *id, unsigned int id_len);
+extern int PKCS11_store_public_key(PKCS11_TOKEN * token, EVP_PKEY * pk, char *label, unsigned char *id, size_t id_len);
 
 /**
  * Store certificate on a token
@@ -332,7 +332,7 @@
  * @retval -1 error
  */
 extern int PKCS11_store_certificate(PKCS11_TOKEN * token, X509 * x509,
-		char *label, unsigned char *id, unsigned int id_len,
+		char *label, unsigned char *id, size_t id_len,
 		PKCS11_CERT **ret_cert);
 
 /* rsa private key operations */
--- src/p11_cert.c
+++ src/p11_cert.c
@@ -174,7 +174,7 @@
 		cert->x509 = d2i_X509(NULL, &p, size);
 	}
 	cert->id_len = sizeof(id);
-	if (!pkcs11_getattr_var(token, obj, CKA_ID, id, (size_t *) & cert->id_len)) {
+	if (!pkcs11_getattr_var(token, obj, CKA_ID, id, &cert->id_len)) {
 		cert->id = (unsigned char *) malloc(cert->id_len);
 		memcpy(cert->id, id, cert->id_len);
 	}
@@ -219,7 +219,7 @@
  */
 int
 PKCS11_store_certificate(PKCS11_TOKEN * token, X509 * x509, char *label,
-			 unsigned char *id, unsigned int id_len,
+			 unsigned char *id, size_t id_len,
 			 PKCS11_CERT ** ret_cert)
 {
 	PKCS11_SLOT *slot = TOKEN2SLOT(token);
--- src/p11_key.c
+++ src/p11_key.c
@@ -31,9 +31,9 @@
 			   CK_SESSION_HANDLE session, CK_OBJECT_HANDLE o,
 			   CK_OBJECT_CLASS type, PKCS11_KEY **);
 static int pkcs11_store_private_key(PKCS11_TOKEN *, EVP_PKEY *, char *,
-				    unsigned char *, unsigned int, PKCS11_KEY **);
+				    unsigned char *, size_t, PKCS11_KEY **);
 static int pkcs11_store_public_key(PKCS11_TOKEN *, EVP_PKEY *, char *,
-				   unsigned char *, unsigned int, PKCS11_KEY **);
+				   unsigned char *, size_t, PKCS11_KEY **);
 
 static CK_OBJECT_CLASS key_search_class;
 static CK_ATTRIBUTE key_search_attrs[] = {
@@ -93,14 +93,14 @@
 /*
  * Store a private key on the token
  */
-int PKCS11_store_private_key(PKCS11_TOKEN * token, EVP_PKEY * pk, char *label, unsigned char *id, unsigned int id_len)
+int PKCS11_store_private_key(PKCS11_TOKEN * token, EVP_PKEY * pk, char *label, unsigned char *id, size_t id_len)
 {
 	if (pkcs11_store_private_key(token, pk, label, id, id_len, NULL))
 		return -1;
 	return 0;
 }
 
-int PKCS11_store_public_key(PKCS11_TOKEN * token, EVP_PKEY * pk, char *label, unsigned char *id, unsigned int id_len)
+int PKCS11_store_public_key(PKCS11_TOKEN * token, EVP_PKEY * pk, char *label, unsigned char *id, size_t id_len)
 {
 	if (pkcs11_store_public_key(token, pk, label, id, id_len, NULL))
 		return -1;
@@ -114,7 +114,7 @@
  */
 int
 PKCS11_generate_key(PKCS11_TOKEN * token,
-		    int algorithm, unsigned int bits, char *label, unsigned char* id, unsigned int id_len)
+		    int algorithm, unsigned int bits, char *label, unsigned char* id, size_t id_len)
 {
 	PKCS11_KEY *key_obj;
 	EVP_PKEY *pk;
@@ -283,7 +283,7 @@
 	if (!pkcs11_getattr_s(token, obj, CKA_LABEL, label, sizeof(label)))
 		key->label = BUF_strdup(label);
 	key->id_len = sizeof(id);
-	if (!pkcs11_getattr_var(token, obj, CKA_ID, id, (size_t *) & key->id_len)) {
+	if (!pkcs11_getattr_var(token, obj, CKA_ID, id, &key->id_len)) {
 		key->id = (unsigned char *) malloc(key->id_len);
 		memcpy(key->id, id, key->id_len);
 	}
@@ -329,7 +329,7 @@
  * Store private key
  */
 static int pkcs11_store_private_key(PKCS11_TOKEN * token, EVP_PKEY * pk,
-		char *label, unsigned char *id, unsigned int id_len,
+		char *label, unsigned char *id, size_t id_len,
 		PKCS11_KEY ** ret_key)
 {
 	PKCS11_SLOT *slot = TOKEN2SLOT(token);
@@ -392,7 +392,7 @@
  * Store public key
  */
 static int pkcs11_store_public_key(PKCS11_TOKEN * token, EVP_PKEY * pk,
-		char *label, unsigned char *id, unsigned int id_len,
+		char *label, unsigned char *id, size_t id_len,
 		PKCS11_KEY ** ret_key)
 {
 	PKCS11_SLOT *slot = TOKEN2SLOT(token);
--- src/pkcs11.h
+++ src/pkcs11.h
@@ -460,7 +460,7 @@
 {
   ck_attribute_type_t type;
   void *value;
-  unsigned long value_len;
+  size_t value_len;
 };