diff --git a/src/ssl.c b/src/ssl.c
index 9ce4b7c3c..5a09d1959 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -14812,13 +14812,15 @@ long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(WOLFSSL_CTX* ctx,
 
 
 #ifndef NO_DES3
-void wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
+/* 0 on success */
+int wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
                                                WOLFSSL_DES_key_schedule* key)
 {
 #ifdef WOLFSSL_CHECK_DESKEY
-    wolfSSL_DES_set_key_checked(myDes, key);
+    return wolfSSL_DES_set_key_checked(myDes, key);
 #else
     wolfSSL_DES_set_key_unchecked(myDes, key);
+    return 0;
 #endif
 }
 
@@ -14836,12 +14838,14 @@ static int DES_check(word32 mask, word32 mask2, unsigned char* key)
 }
 
 
-/* check that the key is odd parity and is not a weak key */
-void wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
+/* check that the key is odd parity and is not a weak key
+ * returns -1 if parity is wrong, -2 if weak/null key and 0 on success */
+int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
                                                WOLFSSL_DES_key_schedule* key)
 {
     if (myDes == NULL || key == NULL) {
         WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_set_key_checked");
+        return -2;
     }
     else {
         word32 i, mask, mask2;
@@ -14850,7 +14854,7 @@ void wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
         /* sanity check before call to DES_check */
         if (sz != (sizeof(word32) * 2)) {
             WOLFSSL_MSG("Unexpected WOLFSSL_DES_key_schedule size");
-            return;
+            return -2;
         }
 
         /* check odd parity */
@@ -14865,7 +14869,7 @@ void wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
                 ((c >> 6) & 0x01) ^
                 ((c >> 7) & 0x01)) != 1) {
                 WOLFSSL_MSG("Odd parity test fail");
-                return;
+                return -1;
             }
         }
 
@@ -14876,25 +14880,25 @@ void wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
         mask = 0x01010101; mask2 = 0x01010101;
         if (DES_check(mask, mask2, *key)) {
             WOLFSSL_MSG("Weak key found");
-            return;
+            return -2;
         }
 
         mask = 0xFEFEFEFE; mask2 = 0xFEFEFEFE;
         if (DES_check(mask, mask2, *key)) {
             WOLFSSL_MSG("Weak key found");
-            return;
+            return -2;
         }
 
         mask = 0xE0E0E0E0; mask2 = 0xF1F1F1F1;
         if (DES_check(mask, mask2, *key)) {
             WOLFSSL_MSG("Weak key found");
-            return;
+            return -2;
         }
 
         mask = 0x1F1F1F1F; mask2 = 0x0E0E0E0E;
         if (DES_check(mask, mask2, *key)) {
             WOLFSSL_MSG("Weak key found");
-            return;
+            return -2;
         }
 
         /* semi-weak *key check (list from same Nist paper) */
@@ -14902,39 +14906,41 @@ void wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
         if (DES_check(mask, mask2, *key) ||
            DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
             WOLFSSL_MSG("Weak key found");
-            return;
+            return -2;
         }
 
         mask  = 0x01E001E0; mask2 = 0x01F101F1;
         if (DES_check(mask, mask2, *key) ||
            DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
             WOLFSSL_MSG("Weak key found");
-            return;
+            return -2;
         }
 
         mask  = 0x01FE01FE; mask2 = 0x01FE01FE;
         if (DES_check(mask, mask2, *key) ||
            DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
             WOLFSSL_MSG("Weak key found");
-            return;
+            return -2;
         }
 
         mask  = 0x1FE01FE0; mask2 = 0x0EF10EF1;
         if (DES_check(mask, mask2, *key) ||
            DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
             WOLFSSL_MSG("Weak key found");
-            return;
+            return -2;
         }
 
         mask  = 0x1FFE1FFE; mask2 = 0x0EFE0EFE;
         if (DES_check(mask, mask2, *key) ||
            DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
             WOLFSSL_MSG("Weak key found");
-            return;
+            return -2;
         }
 
         /* passed tests, now copy over key */
         XMEMCPY(key, myDes, sizeof(WOLFSSL_const_DES_cblock));
+
+        return 0;
     }
 }
 
diff --git a/tests/api.c b/tests/api.c
index 3022d7b92..3cd7e0005 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -2241,12 +2241,12 @@ static void test_wolfSSL_DES(void)
     /* check, check of odd parity */
     XMEMSET(key, 4, sizeof(DES_key_schedule));  key[0] = 3; /*set even parity*/
     XMEMSET(myDes, 5, sizeof(const_DES_cblock));
-    DES_set_key_checked(&myDes, &key);
+    AssertIntEQ(DES_set_key_checked(&myDes, &key), -1);
     AssertIntNE(key[0], myDes[0]); /* should not have copied over key */
 
     /* set odd parity for success case */
     key[0] = 4;
-    DES_set_key_checked(&myDes, &key);
+    AssertIntEQ(DES_set_key_checked(&myDes, &key), 0);
     for (i = 0; i < sizeof(DES_key_schedule); i++) {
         AssertIntEQ(key[i], myDes[i]);
     }
@@ -2254,7 +2254,7 @@ static void test_wolfSSL_DES(void)
     /* check weak key */
     XMEMSET(key, 1, sizeof(DES_key_schedule));
     XMEMSET(myDes, 5, sizeof(const_DES_cblock));
-    DES_set_key_checked(&myDes, &key);
+    AssertIntEQ(DES_set_key_checked(&myDes, &key), -2);
     AssertIntNE(key[0], myDes[0]); /* should not have copied over key */
 
     /* now do unchecked copy of a weak key over */
diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c
index 36c8bb07b..a393d2acf 100644
--- a/wolfcrypt/src/evp.c
+++ b/wolfcrypt/src/evp.c
@@ -417,19 +417,22 @@ WOLFSSL_API int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher)
   if (cipher == NULL) return BAD_FUNC_ARG;
   switch (cipherType(cipher)) {
   #if !defined(NO_AES) && defined(HAVE_AES_CBC)
-      case AES_128_CBC_TYPE: return 16;
-      case AES_192_CBC_TYPE: return 24;
-      case AES_256_CBC_TYPE: return 32;
+      case AES_128_CBC_TYPE:
+      case AES_192_CBC_TYPE:
+      case AES_256_CBC_TYPE:
+                             return AES_BLOCK_SIZE;
   #endif
   #if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER)
-      case AES_128_CTR_TYPE: return 16;
-      case AES_192_CTR_TYPE: return 24;
-      case AES_256_CTR_TYPE: return 32;
+      case AES_128_CTR_TYPE:
+      case AES_192_CTR_TYPE:
+      case AES_256_CTR_TYPE:
+                             return AES_BLOCK_SIZE;
   #endif
   #if !defined(NO_AES) && defined(HAVE_AES_ECB)
-      case AES_128_ECB_TYPE: return 16;
-      case AES_192_ECB_TYPE: return 24;
-      case AES_256_ECB_TYPE: return 32;
+      case AES_128_ECB_TYPE:
+      case AES_192_ECB_TYPE:
+      case AES_256_ECB_TYPE:
+                             return AES_BLOCK_SIZE;
   #endif
   #ifndef NO_DES3
       case DES_CBC_TYPE: return 8;
diff --git a/wolfssl/openssl/des.h b/wolfssl/openssl/des.h
index 042551196..d154b72be 100644
--- a/wolfssl/openssl/des.h
+++ b/wolfssl/openssl/des.h
@@ -53,9 +53,9 @@ enum {
 };
 
 
-WOLFSSL_API void wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
+WOLFSSL_API int wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
                                                WOLFSSL_DES_key_schedule* key);
-WOLFSSL_API void wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
+WOLFSSL_API int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
                                                WOLFSSL_DES_key_schedule* key);
 WOLFSSL_API void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock*,
                                              WOLFSSL_DES_key_schedule*);