diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 222cc66b..5a547c06 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -178,7 +178,7 @@
 
 int ssl3_accept(SSL *s) {
   BUF_MEM *buf = NULL;
-  unsigned long alg_a;
+  uint32_t alg_a;
   void (*cb)(const SSL *ssl, int type, int val) = NULL;
   int ret = -1;
   int new_state, state, skip = 0;
@@ -1121,7 +1121,7 @@ int ssl3_get_client_hello(SSL *s) {
   if (s->hit && CBS_len(&cipher_suites) > 0) {
     size_t j;
     int found_cipher = 0;
-    unsigned long id = s->session->cipher->id;
+    uint32_t id = s->session->cipher->id;
 
     for (j = 0; j < sk_SSL_CIPHER_num(ciphers); j++) {
       c = sk_SSL_CIPHER_value(ciphers, j);
@@ -1344,8 +1344,8 @@ int ssl3_send_server_key_exchange(SSL *s) {
   EVP_PKEY *pkey;
   uint8_t *p, *d;
   int al, i;
-  unsigned long alg_k;
-  unsigned long alg_a;
+  uint32_t alg_k;
+  uint32_t alg_a;
   int n;
   CERT *cert;
   BIGNUM *r[4];
@@ -1698,8 +1698,8 @@ int ssl3_get_client_key_exchange(SSL *s) {
   int al, ok;
   long n;
   CBS client_key_exchange;
-  unsigned long alg_k;
-  unsigned long alg_a;
+  uint32_t alg_k;
+  uint32_t alg_a;
   uint8_t *premaster_secret = NULL;
   size_t premaster_secret_len = 0;
   RSA *rsa = NULL;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 97a94a2e..2d92b30e 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2072,11 +2072,9 @@ void ssl_get_compatible_server_ciphers(SSL *s, uint32_t *out_mask_k,
   (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
 
 int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s) {
-  unsigned long alg_a;
-  int signature_nid = 0, md_nid = 0, pk_nid = 0;
   const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
-
-  alg_a = cs->algorithm_auth;
+  uint32_t alg_a = cs->algorithm_auth;
+  int signature_nid = 0, md_nid = 0, pk_nid = 0;
 
   /* This call populates the ex_flags field correctly */
   X509_check_purpose(x, -1, 0);
@@ -2121,13 +2119,10 @@ CERT_PKEY *ssl_get_server_send_pkey(const SSL *s) {
 }
 
 EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher) {
-  unsigned long alg_a;
-  CERT *c;
+  uint32_t alg_a = cipher->algorithm_auth;
+  CERT *c = s->cert;
   int idx = -1;
 
-  alg_a = cipher->algorithm_auth;
-  c = s->cert;
-
   if (alg_a & SSL_aRSA) {
     if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL) {
       idx = SSL_PKEY_RSA_SIGN;