diff --git a/ChangeLog b/ChangeLog
index 4c7338a161f7072f95e69cd515ef22fdec309428..079d01530e9330d4539bc97b62d1c6f8c3682349 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2018-12-26  Niels Möller  <nisse@lysator.liu.se>
+
+	* rsa-sign-tr.c (sec_equal): Fix accidental use of C99 for loop.
+	Reported by Andreas Gustafsson.
+	* testsuite/rsa-sec-decrypt-test.c (test_main): Likewise.
+
 2018-12-04  Niels Möller  <nisse@lysator.liu.se>
 
 	* Released nettle-3.4.1.
diff --git a/rsa-sign-tr.c b/rsa-sign-tr.c
index 59c9bd074d3e897299d302fe429e6a03efda19a1..f824c4ca0460fd3e9ff504208f3f55bd9e4cedfa 100644
--- a/rsa-sign-tr.c
+++ b/rsa-sign-tr.c
@@ -239,8 +239,9 @@ static int
 sec_equal(const mp_limb_t *a, const mp_limb_t *b, size_t limbs)
 {
   volatile mp_limb_t z = 0;
+  size_t i;
 
-  for (size_t i = 0; i < limbs; i++)
+  for (i = 0; i < limbs; i++)
     {
       z |= (a[i] ^ b[i]);
     }
diff --git a/testsuite/rsa-sec-decrypt-test.c b/testsuite/rsa-sec-decrypt-test.c
index 64f0b13c786b4e4dc1748858d34447c5dbf97fb5..fb0ed3a1886007fed53fd467d60968cda5007aa8 100644
--- a/testsuite/rsa-sec-decrypt-test.c
+++ b/testsuite/rsa-sec-decrypt-test.c
@@ -68,6 +68,7 @@ test_main(void)
   unsigned n_size = 1024;
   mpz_t gibberish;
   mpz_t garbage;
+  size_t size;
 
   rsa_private_key_init(&key);
   rsa_public_key_init(&pub);
@@ -78,7 +79,7 @@ test_main(void)
 
   memset(verifybad, 'A', PAYLOAD_SIZE);
 
-  for (size_t size = 1; size < 51; size++)
+  for (size = 1; size < 51; size++)
     {
       ASSERT (rsa_generate_keypair(&pub, &key, &random_ctx,
 			           (nettle_random_func *) knuth_lfib_random,