diff --git a/bin/xbps-query/list.c b/bin/xbps-query/list.c
index 1e23ae44..c22ae00d 100644
--- a/bin/xbps-query/list.c
+++ b/bin/xbps-query/list.c
@@ -197,7 +197,7 @@ repo_list_uri(struct xbps_repo *repo)
 		xbps_dictionary_get_uint16(repo->idxmeta, "public-key-size", &pubkeysize);
 		pubkey = xbps_dictionary_get(repo->idxmeta, "public-key");
 		if (pubkey)
-			hexfp = xbps_pubkey2fp(repo->xhp, pubkey);
+			hexfp = xbps_pubkey2fp(pubkey);
 		if (signedby)
 			printf("      Signed-by: %s\n", signedby);
 		if (pubkeysize && hexfp)
diff --git a/include/xbps.h.in b/include/xbps.h.in
index 5d065013..45025d03 100644
--- a/include/xbps.h.in
+++ b/include/xbps.h.in
@@ -2245,13 +2245,12 @@ int xbps_cmpver(const char *pkg1, const char *pkg2);
 /**
  * Converts a RSA public key in PEM format to a hex fingerprint.
  *
- * @param[in] xhp The pointer to an xbps_handle struct.
  * @param[in] pubkey The public-key in PEM format as xbps_data_t.
  *
  * @return The OpenSSH fingerprint in hexadecimal.
  * The returned buffer must be free(3)d when necessary.
  */
-char *xbps_pubkey2fp(struct xbps_handle *xhp, xbps_data_t pubkey);
+char *xbps_pubkey2fp(xbps_data_t pubkey);
 
 /**
  * Returns a buffer with a sanitized path from \a src.
diff --git a/lib/pubkey2fp.c b/lib/pubkey2fp.c
index 2ef6f092..5b36cca4 100644
--- a/lib/pubkey2fp.c
+++ b/lib/pubkey2fp.c
@@ -63,7 +63,7 @@ fp2str(unsigned const char *fp, unsigned int len)
 }
 
 char *
-xbps_pubkey2fp(struct xbps_handle *xhp, xbps_data_t pubkey)
+xbps_pubkey2fp(xbps_data_t pubkey)
 {
 	EVP_MD_CTX *mdctx = NULL;
 	EVP_PKEY *pPubKey = NULL;
diff --git a/lib/repo.c b/lib/repo.c
index e92ff230..c4f19b2a 100644
--- a/lib/repo.c
+++ b/lib/repo.c
@@ -655,7 +655,11 @@ xbps_repo_key_import(struct xbps_repo *repo)
 		rv = EINVAL;
 		goto out;
 	}
-	hexfp = xbps_pubkey2fp(repo->xhp, pubkey);
+	hexfp = xbps_pubkey2fp(pubkey);
+	if (hexfp == NULL) {
+		rv = EINVAL;
+		goto out;
+	}
 	/*
 	 * Check if the public key is alredy stored.
 	 */
diff --git a/lib/verifysig.c b/lib/verifysig.c
index ba51f14b..b32284a5 100644
--- a/lib/verifysig.c
+++ b/lib/verifysig.c
@@ -87,8 +87,7 @@ xbps_verify_signature(struct xbps_repo *repo, const char *sigfile,
 		xbps_dbg_printf("%s: unsigned repository\n", repo->uri);
 		return false;
 	}
-	hexfp = xbps_pubkey2fp(repo->xhp,
-	    xbps_dictionary_get(repo->idxmeta, "public-key"));
+	hexfp = xbps_pubkey2fp(xbps_dictionary_get(repo->idxmeta, "public-key"));
 	if (hexfp == NULL) {
 		xbps_dbg_printf("%s: incomplete signed repo, missing hexfp obj\n", repo->uri);
 		return false;