check DSA_sign() return value properly

[openssl.git] / crypto / dsa / dsa_pmeth.c

diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
index 18b57aab79f4dc58d10c332f4b2784efc1ceeba1..4ce91e20c64375899819bdecfb839bb23220d61f 100644 (file)
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@@ -1,4 +1,4 @@
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
 /* ====================================================================
@@ -132,7 +132,7 @@ static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
 
        ret = DSA_sign(type, tbs, tbslen, sig, &sltmp, dsa);
 
-       if (ret < 0)
+       if (ret <= 0)
                return ret;
        *siglen = sltmp;
        return 1;
@@ -186,6 +186,7 @@ static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 
                case EVP_PKEY_CTRL_MD:
                if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1   &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_dsa    &&
                    EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
                    EVP_MD_type((const EVP_MD *)p2) != NID_sha256)
                        {