diff --git a/src/internal.c b/src/internal.c
index 71c80dc98..ff0911753 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -30767,7 +30767,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 #ifndef NO_ASN_TIME
             c32toa(LowResTimer(), (byte*)&it.timestamp);
 #endif
-            it.haveEMS = ssl->options.haveEMS;
+            it.haveEMS = (byte) ssl->options.haveEMS;
         }
         else {
 #ifdef WOLFSSL_TLS13
diff --git a/src/ssl.c b/src/ssl.c
index e38decf5c..83cb4acbd 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -13519,7 +13519,7 @@ int AddSessionToCache(WOLFSSL_SESSION* addSession, const byte* id, byte idSz,
         cacheTicBuff = cacheSession->ticket;
         ticBuffUsed = 1;
         cacheSession->ticket = ticBuff;
-        cacheSession->ticketLenAlloc = ticLen;
+        cacheSession->ticketLenAlloc = (word16) ticLen;
     }
 #endif
 #ifdef SESSION_CERTS
@@ -19849,7 +19849,7 @@ int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
                 WOLFSSL_MSG("Failed to allocate memory for ticket when avoiding"
                         " syscalls");
                 output->ticket = ticBuff;
-                output->ticketLenAlloc = ticLenAlloc;
+                output->ticketLenAlloc = (word16) ticLenAlloc;
                 output->ticketLen = 0;
                 ret = WOLFSSL_FAILURE;
             }
@@ -19873,7 +19873,7 @@ int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
         if (ticBuff != NULL && ret == WOLFSSL_SUCCESS) {
             XMEMCPY(ticBuff, input->ticket, input->ticketLen);
             output->ticket = ticBuff;
-            output->ticketLenAlloc = ticLenAlloc;
+            output->ticketLenAlloc = (word16) ticLenAlloc;
         }
     }
     else {
@@ -19891,7 +19891,7 @@ int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
                                 "avoiding system calls");
                     ret = WOLFSSL_FAILURE;
                     output->ticket = ticBuff;
-                    output->ticketLenAlloc = ticLenAlloc;
+                    output->ticketLenAlloc = (word16) ticLenAlloc;
                     output->ticketLen = 0;
                 }
             }
@@ -42309,7 +42309,7 @@ int wolfSSL_set_alpn_protos(WOLFSSL* ssl,
     TLSX_Remove(&ssl->extensions, TLSX_APPLICATION_LAYER_PROTOCOL, ssl->heap);
 
     if ((sz = wolfSSL_BIO_get_mem_data(bio, &pt)) > 0) {
-        wolfSSL_UseALPN(ssl, pt, sz, alpn_opt);
+        wolfSSL_UseALPN(ssl, pt, sz, (byte) alpn_opt);
     }
     wolfSSL_BIO_free(bio);
 #if defined(WOLFSSL_ERROR_CODE_OPENSSL)
diff --git a/src/tls.c b/src/tls.c
index d9b08cbd9..ad0b787b3 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -6706,7 +6706,7 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
     int ret = 0;
 #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
     word32 keySize = 0;
-    word16 curveId = ECC_CURVE_INVALID;
+    word16 curveId = (word16) ECC_CURVE_INVALID;
     ecc_key* eccKey = (ecc_key*)kse->key;
 
     /* TODO: [TLS13] The key sizes should come from wolfcrypt. */
diff --git a/src/x509.c b/src/x509.c
index 9cd2a3874..0f8acc2db 100644
--- a/src/x509.c
+++ b/src/x509.c
@@ -8182,7 +8182,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref(
             return BUFFER_E;
         }
 
-        out[0] = t->type;
+        out[0] = (byte) t->type;
         sz = SetLength(t->length, out + 1) + 1;  /* gen tag */
         for (i = 0; i < t->length; i++) {
             out[sz + i] = t->data[i];
diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
index 9febd9408..f8d6cd5db 100644
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@@ -4582,7 +4582,7 @@ static WC_INLINE void RIGHTSHIFTX(byte* x)
 
     for (i = 0; i < AES_BLOCK_SIZE; i++) {
         int carryOut = (x[i] & 0x01) << 7;
-        x[i] = (x[i] >> 1) | carryIn;
+        x[i] = (byte) ((x[i] >> 1) | carryIn);
         carryIn = carryOut;
     }
     x[0] ^= borrow;
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 5d8c75ed6..0e7512fe2 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -22575,7 +22575,7 @@ int FlattenAltNames(byte* output, word32 outputSz, const DNS_entry* names)
         idx = i - curName->len - len - 1;
         i = idx;
 #endif
-        output[idx] = ASN_CONTEXT_SPECIFIC | curName->type;
+        output[idx] = (byte) (ASN_CONTEXT_SPECIFIC | curName->type);
         if (curName->type == ASN_DIR_TYPE) {
             output[idx] |= ASN_CONSTRUCTED;
         }
diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c
index fad641f7d..a446b6a76 100644
--- a/wolfcrypt/src/evp.c
+++ b/wolfcrypt/src/evp.c
@@ -6381,7 +6381,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
             ctx->authTagSz  = CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE;
             ctx->ivSz       = CHACHA20_POLY1305_AEAD_IV_SIZE;
             if (enc == 0 || enc == 1) {
-                ctx->enc    = enc;
+                ctx->enc    = (byte) enc;
             }
 
             if (key != NULL && iv != NULL && wc_ChaCha20Poly1305_Init(
diff --git a/wolfcrypt/src/sha3.c b/wolfcrypt/src/sha3.c
index 8548ae579..9007b28bc 100644
--- a/wolfcrypt/src/sha3.c
+++ b/wolfcrypt/src/sha3.c
@@ -621,7 +621,7 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
             t[i] = data[i];
         data += i;
         len -= i;
-        sha3->i += i;
+        sha3->i += (byte) i;
 
         if (sha3->i == p * 8) {
             for (i = 0; i < p; i++)
@@ -639,7 +639,7 @@ static int Sha3Update(wc_Sha3* sha3, const byte* data, word32 len, byte p)
     }
     for (i = 0; i < len; i++)
         sha3->t[i] = data[i];
-    sha3->i += i;
+    sha3->i += (byte) i;
 
     return 0;
 }
diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c
index 1317df0ad..b9980fdcc 100644
--- a/wolfcrypt/src/sp_int.c
+++ b/wolfcrypt/src/sp_int.c
@@ -14527,8 +14527,8 @@ int sp_mont_setup(sp_int* m, sp_int_digit* rho)
     #endif /* SP_WORD_SIZE >= 32 */
     #endif /* SP_WORD_SIZE >= 16 */
 
-        /* rho = -1/m mod b */
-        *rho = -x;
+        /* rho = -1/m mod b, subtract x (unsigned) from 0, assign negative */
+        *rho = (sp_int_digit) ((sp_int_digit)0 - (sp_int_digit)x);
     }
 
     return err;
@@ -14757,7 +14757,7 @@ int sp_to_unsigned_bin_len(sp_int* a, byte* out, int outSz)
             for (i = 0; (j >= 0) && (i < a->used); i++) {
                 int b;
                 for (b = 0; b < SP_WORD_SIZE; b += 8) {
-                    out[j--] = a->dp[i] >> b;
+                    out[j--] = (byte) (a->dp[i] >> b);
                     if (j < 0) {
                         break;
                     }
@@ -15039,11 +15039,11 @@ int sp_tohex(sp_int* a, char* str)
     #endif /* WC_DISABLE_RADIX_ZERO_PAD */
             /* Most-significant word. */
             for (; j >= 0; j -= 4) {
-                *(str++) = ByteToHex(a->dp[i] >> j);
+                *(str++) = ByteToHex((byte) (a->dp[i] >> j));
             }
             for (--i; i >= 0; i--) {
                 for (j = SP_WORD_SIZE - 4; j >= 0; j -= 4) {
-                    *(str++) = ByteToHex(a->dp[i] >> j);
+                    *(str++) = (byte) ByteToHex((byte) (a->dp[i] >> j));
                 }
             }
             *str = '\0';
@@ -15103,14 +15103,14 @@ int sp_todecimal(sp_int* a, char* str)
             i = 0;
             while (!sp_iszero(t)) {
                 sp_div_d(t, 10, t, &d);
-                str[i++] = '0' + d;
+                str[i++] = (char) ('0' + d);
             }
             str[i] = '\0';
 
             for (j = 0; j <= (i - 1) / 2; j++) {
                 int c = (unsigned char)str[j];
                 str[j] = str[i - 1 - j];
-                str[i - 1 - j] = c;
+                str[i - 1 - j] = (char) c;
             }
         }