diff --git a/src/hpke.rs b/src/hpke.rs
index 7eace9b..f5741ae 100644
--- a/src/hpke.rs
+++ b/src/hpke.rs
@@ -64,7 +64,10 @@ fn extract_and_expand(dh: x25519::SharedSecret, kem_context: &[u8]) -> [u8; 32]
         kem_context,
         &mut shr,
     )
-    .expect("Length of shr is known to be OK");
+    .map_err(|_err| {
+        error!("Length of shr is known to be OK: {_err:?}");
+    })
+    .unwrap();
     shr
 }
 
@@ -170,7 +173,10 @@ fn key_schedule<T: Aead>(_role: Role, shared_secret: [u8; 32], info: &[u8]) -> C
         &key_schedule_context,
         &mut key,
     )
-    .expect("KEY is not too large");
+    .map_err(|_err| {
+        error!("KEY is not too large: {_err:?}");
+    })
+    .unwrap();
     let mut base_nonce = [0; NN];
     labeled_expand(
         T::X25519_HKDF_SHA256_SELF_HPKE_SUITE_ID,
@@ -179,7 +185,10 @@ fn key_schedule<T: Aead>(_role: Role, shared_secret: [u8; 32], info: &[u8]) -> C
         &key_schedule_context,
         &mut base_nonce,
     )
-    .expect("NONCE is not too large");
+    .map_err(|_err| {
+        error!("NONCE is not too large: {_err:?}");
+    })
+    .unwrap();
     let mut exporter_secret = [0; NH];
     labeled_expand(
         T::X25519_HKDF_SHA256_SELF_HPKE_SUITE_ID,
@@ -188,7 +197,10 @@ fn key_schedule<T: Aead>(_role: Role, shared_secret: [u8; 32], info: &[u8]) -> C
         &key_schedule_context,
         &mut exporter_secret,
     )
-    .expect("EXP is not too large");
+    .map_err(|_err| {
+        error!("EXP is not too large: {_err:?}");
+    })
+    .unwrap();
     Context {
         key,
         base_nonce,
@@ -224,7 +236,10 @@ impl Context {
         let mut aead = T::new((&self.key).into());
         let tag = aead
             .encrypt_in_place_detached(nonce, aad, plaintext)
-            .expect("Not used to encrypt data too large");
+            .map_err(|_err| {
+                error!("Not used to encrypt data too large: {_err:?}");
+            })
+            .unwrap();
 
         tag.into()
     }