diff --git a/src/ssl.c b/src/ssl.c
index 387455cf5..cd2acef55 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -2382,7 +2382,7 @@ int wolfSSL_Init(void)
 static int wolfssl_decrypt_buffer_key(buffer* der, byte* password,
                                       int passwordSz, EncryptedInfo* info)
 {
-    int ret;
+    int ret = SSL_BAD_FILE;
 
 #ifdef WOLFSSL_SMALL_STACK
     byte* key      = NULL;
@@ -2434,7 +2434,7 @@ static int wolfssl_decrypt_buffer_key(buffer* der, byte* password,
                                         key, info->iv);
 #endif /* NO_DES3 */
 #ifndef NO_AES
-    else if (XSTRNCMP(info->name, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)
+    if (XSTRNCMP(info->name, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)
         ret = wc_AesCbcDecryptWithKey(der->buffer, der->buffer, der->length,
                                       key, AES_128_KEY_SIZE, info->iv);
     else if (XSTRNCMP(info->name, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)
@@ -2444,8 +2444,6 @@ static int wolfssl_decrypt_buffer_key(buffer* der, byte* password,
         ret = wc_AesCbcDecryptWithKey(der->buffer, der->buffer, der->length,
                                       key, AES_256_KEY_SIZE, info->iv);
 #endif /* NO_AES */
-    else
-        ret = SSL_BAD_FILE;
 
 #ifdef WOLFSSL_SMALL_STACK
     XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -2465,7 +2463,7 @@ static int wolfssl_decrypt_buffer_key(buffer* der, byte* password,
 static int wolfssl_encrypt_buffer_key(byte* der, word32 derSz, byte* password,
                                       int passwordSz, EncryptedInfo* info)
 {
-    int ret;
+    int ret = SSL_BAD_FILE;
 
 #ifdef WOLFSSL_SMALL_STACK
     byte* key      = NULL;
@@ -2509,7 +2507,7 @@ static int wolfssl_encrypt_buffer_key(byte* der, word32 derSz, byte* password,
         ret = wc_Des3_CbcEncryptWithKey(der, der, derSz, key, info->iv);
 #endif /* NO_DES3 */
 #ifndef NO_AES
-    else if (XSTRNCMP(info->name, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)
+    if (XSTRNCMP(info->name, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)
         ret = wc_AesCbcEncryptWithKey(der, der, derSz,
                                       key, AES_128_KEY_SIZE, info->iv);
     else if (XSTRNCMP(info->name, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)
@@ -2519,8 +2517,6 @@ static int wolfssl_encrypt_buffer_key(byte* der, word32 derSz, byte* password,
         ret = wc_AesCbcEncryptWithKey(der, der, derSz,
                                       key, AES_256_KEY_SIZE, info->iv);
 #endif /* NO_AES */
-    else
-        ret = SSL_BAD_FILE;
 
 #ifdef WOLFSSL_SMALL_STACK
     XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -8332,17 +8328,15 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
     }
 
 
-    /* SSL_SUCCESS on ok */
+    /* return SSL_SUCCESS on ok, 0 on failure to match API compatibility */
     int  wolfSSL_EVP_CipherInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
                                const WOLFSSL_EVP_CIPHER* type, byte* key,
                                byte* iv, int enc)
     {
-#if defined(NO_AES) && defined(NO_DES3) && !defined(HAVE_IDEA)
+        int ret = -1;  /* failure local, during function 0 means success
+                          because internal functions work that way */
         (void)iv;
         (void)enc;
-#else
-        int ret = 0;
-#endif
 
         WOLFSSL_ENTER("wolfSSL_EVP_CipherInit");
         if (ctx == NULL) {
@@ -8475,7 +8469,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
 #endif /* NO_AES */
 
 #ifndef NO_DES3
-        else if (ctx->cipherType == DES_CBC_TYPE ||
+        if (ctx->cipherType == DES_CBC_TYPE ||
                  (type && XSTRNCMP(type, EVP_DES_CBC, EVP_DES_SIZE) == 0)) {
             WOLFSSL_MSG(EVP_DES_CBC);
             ctx->cipherType = DES_CBC_TYPE;
@@ -8515,7 +8509,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
         }
 #endif /* NO_DES3 */
 #ifndef NO_RC4
-        else if (ctx->cipherType == ARC4_TYPE || (type &&
+        if (ctx->cipherType == ARC4_TYPE || (type &&
                                      XSTRNCMP(type, "ARC4", 4) == 0)) {
             WOLFSSL_MSG("ARC4");
             ctx->cipherType = ARC4_TYPE;
@@ -8523,10 +8517,11 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
                 ctx->keyLen = 16;  /* default to 128 */
             if (key)
                 wc_Arc4SetKey(&ctx->cipher.arc4, key, ctx->keyLen);
+            ret = 0;  /* success */
         }
 #endif /* NO_RC4 */
 #ifdef HAVE_IDEA
-        else if (ctx->cipherType == IDEA_CBC_TYPE ||
+        if (ctx->cipherType == IDEA_CBC_TYPE ||
                  (type && XSTRNCMP(type, EVP_IDEA_CBC, EVP_IDEA_SIZE) == 0)) {
             WOLFSSL_MSG(EVP_IDEA_CBC);
             ctx->cipherType = IDEA_CBC_TYPE;
@@ -8544,17 +8539,18 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
                 wc_IdeaSetIV(&ctx->cipher.idea, iv);
         }
 #endif /* HAVE_IDEA */
-        else if (ctx->cipherType == NULL_CIPHER_TYPE || (type &&
+        if (ctx->cipherType == NULL_CIPHER_TYPE || (type &&
                                      XSTRNCMP(type, "NULL", 4) == 0)) {
             WOLFSSL_MSG("NULL cipher");
             ctx->cipherType = NULL_CIPHER_TYPE;
             ctx->keyLen = 0;
+            ret = 0;  /* success */
         }
+
+        if (ret == 0)
+            return SSL_SUCCESS;
         else
-            return 0;   /* failure */
-
-
-        return SSL_SUCCESS;
+            return 0;  /* overall failure */
     }