diff --git a/src/eap_common/eap_eke_common.c b/src/eap_common/eap_eke_common.c
index b603e32b3..621746821 100644
--- a/src/eap_common/eap_eke_common.c
+++ b/src/eap_common/eap_eke_common.c
@@ -44,9 +44,7 @@ static int eap_eke_dhcomp_len(u8 dhgroup, u8 encr)
 	int dhlen;
 
 	dhlen = eap_eke_dh_len(dhgroup);
-	if (dhlen < 0)
-		return -1;
-	if (encr != EAP_EKE_ENCR_AES128_CBC)
+	if (dhlen < 0 || encr != EAP_EKE_ENCR_AES128_CBC)
 		return -1;
 	return AES_BLOCK_SIZE + dhlen;
 }
@@ -166,14 +164,11 @@ int eap_eke_dh_init(u8 group, u8 *ret_priv, u8 *ret_pub)
 	size_t pub_len, i;
 
 	generator = eap_eke_dh_generator(group);
-	if (generator < 0 || generator > 255)
+	dh = eap_eke_dh_group(group);
+	if (generator < 0 || generator > 255 || !dh)
 		return -1;
 	gen = generator;
 
-	dh = eap_eke_dh_group(group);
-	if (dh == NULL)
-		return -1;
-
 	/* x = random number 2 .. p-1 */
 	if (random_get_bytes(ret_priv, dh->prime_len))
 		return -1;
@@ -411,11 +406,8 @@ int eap_eke_shared_secret(struct eap_eke_session *sess, const u8 *key,
 	size_t len;
 	const struct dh_group *dh;
 
-	if (sess->encr != EAP_EKE_ENCR_AES128_CBC)
-		return -1;
-
 	dh = eap_eke_dh_group(sess->dhgroup);
-	if (dh == NULL)
+	if (sess->encr != EAP_EKE_ENCR_AES128_CBC || !dh)
 		return -1;
 
 	/* Decrypt peer DHComponent */
@@ -654,10 +646,8 @@ int eap_eke_prot(struct eap_eke_session *sess,
 		pos += pad;
 	}
 
-	if (aes_128_cbc_encrypt(sess->ke, iv, e, data_len + pad) < 0)
-		return -1;
-
-	if (eap_eke_mac(sess->mac, sess->ki, e, data_len + pad, pos) < 0)
+	if (aes_128_cbc_encrypt(sess->ke, iv, e, data_len + pad) < 0 ||
+	    eap_eke_mac(sess->mac, sess->ki, e, data_len + pad, pos) < 0)
 		return -1;
 	pos += icv_len;
 
@@ -685,9 +675,8 @@ int eap_eke_decrypt_prot(struct eap_eke_session *sess,
 	else
 		return -1;
 
-	if (prot_len < 2 * block_size + icv_len)
-		return -1;
-	if ((prot_len - icv_len) % block_size)
+	if (prot_len < 2 * block_size + icv_len ||
+	    (prot_len - icv_len) % block_size)
 		return -1;
 
 	if (eap_eke_mac(sess->mac, sess->ki, prot + block_size,
@@ -738,22 +727,14 @@ int eap_eke_session_init(struct eap_eke_session *sess, u8 dhgroup, u8 encr,
 	sess->mac = mac;
 
 	sess->prf_len = eap_eke_prf_len(prf);
-	if (sess->prf_len < 0)
-		return -1;
 	sess->nonce_len = eap_eke_nonce_len(prf);
-	if (sess->nonce_len < 0)
-		return -1;
 	sess->auth_len = eap_eke_auth_len(prf);
-	if (sess->auth_len < 0)
-		return -1;
 	sess->dhcomp_len = eap_eke_dhcomp_len(sess->dhgroup, sess->encr);
-	if (sess->dhcomp_len < 0)
-		return -1;
 	sess->pnonce_len = eap_eke_pnonce_len(sess->mac);
-	if (sess->pnonce_len < 0)
-		return -1;
 	sess->pnonce_ps_len = eap_eke_pnonce_ps_len(sess->mac);
-	if (sess->pnonce_ps_len < 0)
+	if (sess->prf_len < 0 || sess->nonce_len < 0 || sess->auth_len < 0 ||
+	    sess->dhcomp_len < 0 || sess->pnonce_len < 0 ||
+	    sess->pnonce_ps_len < 0)
 		return -1;
 
 	return 0;